public override Key GetKey(string password)
{
var encrypted = PartialEncrypted.ToArray();
//Derive passfactor using scrypt with ownerentropy and the user's passphrase and use it to recompute passpoint
byte[] passfactor = CalculatePassFactor(password, LotSequence, OwnerEntropy);
var passpoint = CalculatePassPoint(passfactor);
var derived = SCrypt.BitcoinComputeDerivedKey2(passpoint, this.AddressHash.Concat(this.OwnerEntropy).ToArray());
//Decrypt encryptedpart1 to yield the remainder of seedb.
var seedb = DecryptSeed(encrypted, derived);
var factorb = Hashes.DoubleSHA256(seedb).ToBytes();
#if HAS_SPAN
var eckey = NBitcoinContext.Instance.CreateECPrivKey(passfactor).TweakMul(factorb);
var key = new Key(eckey, IsCompressed);
#else
var curve = ECKey.Secp256k1;
//Multiply passfactor by factorb mod N to yield the private key associated with generatedaddress.
var keyNum = new BigInteger(1, passfactor).Multiply(new BigInteger(1, factorb)).Mod(curve.N);
var keyBytes = keyNum.ToByteArrayUnsigned();
if (keyBytes.Length < 32)
{
keyBytes = new byte[32 - keyBytes.Length].Concat(keyBytes).ToArray();
}
var key = new Key(keyBytes, fCompressedIn: IsCompressed);
#endif
var generatedaddress = key.PubKey.GetAddress(ScriptPubKeyType.Legacy, Network);
var addresshash = HashAddress(generatedaddress);
if (!Utils.ArrayEqual(addresshash, AddressHash))
{
throw new SecurityException("Invalid password (or invalid Network)");
}
return(key);
}
public override Key GetKey(string password)
{
byte[] encrypted = PartialEncrypted.ToArray();
//Derive passfactor using scrypt with ownerentropy and the user's passphrase and use it to recompute passpoint
byte[] passfactor = CalculatePassFactor(password, LotSequence, OwnerEntropy);
byte[] passpoint = CalculatePassPoint(passfactor);
byte[] derived = SCrypt.BitcoinComputeDerivedKey2(passpoint, this.AddressHash.Concat(this.OwnerEntropy).ToArray());
//Decrypt encryptedpart1 to yield the remainder of seedb.
byte[] seedb = DecryptSeed(encrypted, derived);
byte[] factorb = Hashes.Hash256(seedb).ToBytes();
X9ECParameters curve = ECKey.Secp256k1;
//Multiply passfactor by factorb mod N to yield the private key associated with generatedaddress.
BigInteger keyNum = new BigInteger(1, passfactor).Multiply(new BigInteger(1, factorb)).Mod(curve.N);
byte[] keyBytes = keyNum.ToByteArrayUnsigned();
if (keyBytes.Length < 32)
{
keyBytes = new byte[32 - keyBytes.Length].Concat(keyBytes).ToArray();
}
var key = new Key(keyBytes, fCompressedIn: IsCompressed);
BitcoinPubKeyAddress generatedaddress = key.PubKey.GetAddress(Network);
byte[] addresshash = HashAddress(generatedaddress);
if (!Utils.ArrayEqual(addresshash, AddressHash))
{
throw new SecurityException("Invalid password (or invalid Network)");
}
return(key);
}
internal static byte[] CalculateDecryptionKey(byte[] Passpoint, byte[] addresshash, byte[] ownerEntropy)
{
return(SCrypt.BitcoinComputeDerivedKey2(Passpoint, addresshash.Concat(ownerEntropy).ToArray()));
}