|
|
@ -1,8 +1,9 @@ |
|
|
|
var sha512 = require('sha512') |
|
|
|
var ECKey = require('eckey') |
|
|
|
var BigInteger = require('bigi') |
|
|
|
var crypto = require('crypto') |
|
|
|
var assert = require('assert') |
|
|
|
var crypto = require('crypto') |
|
|
|
var BigInteger = require('bigi') |
|
|
|
var ecurve = require('ecurve') |
|
|
|
var ecparams = ecurve.getCurveByName('secp256k1') |
|
|
|
var sha512 = require('sha512') |
|
|
|
|
|
|
|
module.exports = HDKey |
|
|
|
|
|
|
@ -11,7 +12,8 @@ var HARDENED_OFFSET = 0x80000000 |
|
|
|
var LEN = 78 |
|
|
|
|
|
|
|
//I hate that this is hardcoded, but for now...
|
|
|
|
var N = BigInteger.fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141") |
|
|
|
//var N = BigInteger.fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141")
|
|
|
|
var N = ecparams.params.n |
|
|
|
|
|
|
|
//Bitcoin hardcoded by default, can use package `coininfo` for others
|
|
|
|
var VERSIONS = {private: 0x0488ADE4, public: 0x0488B21E} |
|
|
@ -24,8 +26,8 @@ function HDKey(seed) { |
|
|
|
var IL = I.slice(0, 32) |
|
|
|
var IR = I.slice(32) |
|
|
|
|
|
|
|
this.priv = new ECKey(IL, true) |
|
|
|
this.pub = this.priv.publicPoint |
|
|
|
setPrivPub(this, IL) |
|
|
|
|
|
|
|
this.chaincode = IR |
|
|
|
this.depth = 0 |
|
|
|
this.index = 0 |
|
|
@ -60,7 +62,7 @@ Object.defineProperty(HDKey.prototype, 'private', { |
|
|
|
|
|
|
|
// 0x00 + k for private keys
|
|
|
|
buffer.writeUInt8(0, 45) |
|
|
|
this.priv.privateKey.copy(buffer, 46) |
|
|
|
this.priv.copy(buffer, 46) |
|
|
|
|
|
|
|
|
|
|
|
return buffer |
|
|
@ -150,7 +152,7 @@ HDKey.prototype.deriveChild = function(index) { |
|
|
|
if (isHardened) { |
|
|
|
assert(this.priv, 'Could not derive hardened child key') |
|
|
|
|
|
|
|
var pk = this.priv.privateKey |
|
|
|
var pk = this.priv |
|
|
|
var zb = new Buffer([0]) |
|
|
|
pk = Buffer.concat([zb, pk]) |
|
|
|
|
|
|
@ -178,15 +180,16 @@ HDKey.prototype.deriveChild = function(index) { |
|
|
|
// Private parent key -> private child key
|
|
|
|
if (this.priv) { |
|
|
|
// ki = parse256(IL) + kpar (mod n)
|
|
|
|
var ki = pIL.add(BigInteger.fromBuffer(this.priv.privateKey)).mod(N) |
|
|
|
var ki = pIL.add(BigInteger.fromBuffer(this.priv)).mod(N) |
|
|
|
|
|
|
|
// In case parse256(IL) >= n or ki == 0, one should proceed with the next value for i
|
|
|
|
if (pIL.compareTo(N) >= 0 || ki.signum() === 0) { |
|
|
|
return this.derive(index + 1) |
|
|
|
} |
|
|
|
|
|
|
|
hd.priv = new ECKey(ki.toBuffer(), true) |
|
|
|
hd.pub = hd.priv.publicPoint |
|
|
|
//hd.priv = new ECKey(ki.toBuffer(), true)
|
|
|
|
//hd.pub = hd.priv.publicPoint
|
|
|
|
setPrivPub(hd, ki.toBuffer()) |
|
|
|
|
|
|
|
// Public parent key -> public child key
|
|
|
|
} else { |
|
|
@ -208,4 +211,11 @@ HDKey.prototype.deriveChild = function(index) { |
|
|
|
hd.index = index |
|
|
|
|
|
|
|
return hd |
|
|
|
} |
|
|
|
|
|
|
|
//temporary
|
|
|
|
function setPrivPub(hd, privKey) { |
|
|
|
hd.priv = privKey |
|
|
|
hd.compressed = true |
|
|
|
hd.pub = ecparams.params.G.multiply(BigInteger.fromBuffer(privKey)) |
|
|
|
} |
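Review bot: `setPrivPub(hd, ki.toBuffer())` in the private-parent branch of `deriveChild` stores a buffer of whatever length `ki.toBuffer()` returns, and bigi's `toBuffer` drops leading zero bytes unless a size is passed, so roughly one child key in 256 would be held in fewer than 32 bytes. Because the raw buffer is now used directly, `this.priv.copy(buffer, 46)` in the `private` getter and `Buffer.concat([zb, pk])` in hardened derivation would serialize or hash a misaligned key, producing extended keys and children that disagree with other BIP32 implementations. Pad at the source with `setPrivPub(hd, ki.toBuffer(32))`, and have `setPrivPub` assert `privKey.length === 32`. The constructor now hands `IL` to `setPrivPub` with no visible range check, so it should also reject a zero scalar or one not below `N`; `ECKey` presumably enforced some of this before, which is worth confirming. `deriveChild` and the getter extend beyond the visible hunks, so callers outside this view that still expect `this.priv.privateKey` or `publicPoint` need checking too.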