public function GOST_verifies($hash, Signature $signature)
{
if (extension_loaded('gmp') && USE_EXT == 'GMP') {
$G = $this->generator;
//P
$n = $this->generator->getOrder();
//q
$point = $this->point;
//Q
$r = $signature->getR();
$s = $signature->getS();
if (gmp_cmp($r, 1) < 0 || gmp_cmp($r, gmp_sub($n, 1)) > 0) {
return false;
}
if (gmp_cmp($s, 1) < 0 || gmp_cmp($s, gmp_sub($n, 1)) > 0) {
return false;
}
//step 3 GOST
$e = gmp_Utils::gmp_mod2($hash, $n);
if (gmp_cmp($e, '0') === 0) {
$e = gmp_init('1');
}
// step 4 GOST
$v = gmp_strval(gmp_invert($e, $n));
// step 5 GOST
$z1 = gmp_Utils::gmp_mod2(gmp_mul($s, $v), $n);
$z2 = gmp_Utils::gmp_mod2(gmp_mul(gmp_neg($r), $v), $n);
// step 6 GOST
$C = Point::add(Point::mul($z1, $G), Point::mul($z2, $point));
$R = gmp_Utils::gmp_mod2($C->getX(), $n);
if (0) {
echo "n - " . $n . "\n";
echo "h - " . $hash . "\n";
echo "e - " . gmp_Utils::gmp_dechex($e) . "\n";
echo "v - " . gmp_Utils::gmp_dechex($v) . "\n";
echo "r - " . $r . "\n";
echo "s - " . $s . "\n";
echo "z1 - " . gmp_Utils::gmp_dechex($z1) . "\nz2 - " . gmp_Utils::gmp_dechex($z2) . "\n";
echo "Q - " . $point . "\nG - " . $G . "\n";
echo "C - " . $C . "\nR - " . $R . "\n";
}
if (gmp_cmp($R, $r) == 0) {
return true;
} else {
return false;
}
} else {
throw new ErrorException("Please install GMP");
}
}
function recoverPubKey($r, $s, $e, $recoveryFlags, $G)
{
$isYEven = ($recoveryFlags & 1) != 0;
$isSecondKey = ($recoveryFlags & 2) != 0;
$curve = $G->getCurve();
$signature = new Signature($r, $s);
// Precalculate (p + 1) / 4 where p is the field order
static $p_over_four;
// XXX just assuming only one curve/prime will be used
if (!$p_over_four) {
$p_over_four = gmp_div(gmp_add($curve->getPrime(), 1), 4);
}
// 1.1 Compute x
if (!$isSecondKey) {
$x = $r;
} else {
$x = gmp_add($r, $G->getOrder());
}
// 1.3 Convert x to point
$alpha = gmp_mod(gmp_add(gmp_add(gmp_pow($x, 3), gmp_mul($curve->getA(), $x)), $curve->getB()), $curve->getPrime());
$beta = NumberTheory::modular_exp($alpha, $p_over_four, $curve->getPrime());
// If beta is even, but y isn't or vice versa, then convert it,
// otherwise we're done and y == beta.
if (isBignumEven($beta) == $isYEven) {
$y = gmp_sub($curve->getPrime(), $beta);
} else {
$y = $beta;
}
// 1.4 Check that nR is at infinity (implicitly done in construtor)
$R = new Point($curve, $x, $y, $G->getOrder());
$point_negate = function ($p) {
return new Point($p->curve, $p->x, gmp_neg($p->y), $p->order);
};
// 1.6.1 Compute a candidate public key Q = r^-1 (sR - eG)
$rInv = NumberTheory::inverse_mod($r, $G->getOrder());
$eGNeg = $point_negate(Point::mul($e, $G));
$Q = Point::mul($rInv, Point::add(Point::mul($s, $R), $eGNeg));
// 1.6.2 Test Q as a public key
$Qk = new PublicKey($G, $Q);
if ($Qk->verifies($e, $signature)) {
return $Qk;
}
return false;
}
public function getPublicPoint()
{
if (extension_loaded('gmp') && USE_EXT == 'GMP') {
//alice selects a random number between 1 and the order of the generator point(private)
$n = $this->generator->getOrder();
$this->secret = gmp_Utils::gmp_random($n);
//Alice computes da * generator Qa is public, da is private
$this->pubPoint = Point::mul($this->secret, $this->generator);
return $this->pubPoint;
} else {
if (extension_loaded('bcmath') && USE_EXT == 'BCMATH') {
//alice selects a random number between 1 and the order of the generator point(private)
$n = $this->generator->getOrder();
$this->secret = bcmath_Utils::bcrand($n);
//Alice computes da * generator Qa is public, da is private
$this->pubPoint = Point::mul($this->secret, $this->generator);
return $this->pubPoint;
} else {
throw new ErrorException("Please Install BCMATH or GMP.");
}
}
}
function addr_from_mpk($mpk, $index)
{
// create the ecc curve
$_p = gmp_init('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F', 16);
$_r = gmp_init('FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141', 16);
$_b = gmp_init('0000000000000000000000000000000000000000000000000000000000000007', 16);
$_Gx = gmp_init('79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798', 16);
$_Gy = gmp_init('483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8', 16);
$curve = new Curve($_p, 0, $_b);
$gen = new Point($curve, $_Gx, $_Gy, $_r);
// prepare the input values
$x = gmp_init(substr($mpk, 0, 64), 16);
$y = gmp_init(substr($mpk, 64, 64), 16);
$z = gmp_init(hash('sha256', hash('sha256', $index . ':0:' . pack('H*', $mpk), TRUE)), 16);
// generate the new public key based off master and sequence points
$pt = Point::add(new Point($curve, $x, $y), Point::mul($z, $gen));
$keystr = pack('H*', '04' . str_pad(gmp_strval($pt->x, 16), 64, '0', STR_PAD_LEFT) . str_pad(gmp_strval($pt->y, 16), 64, '0', STR_PAD_LEFT));
$vh160 = '00' . hash('ripemd160', hash('sha256', $keystr, TRUE));
$addr = $vh160 . substr(hash('sha256', hash('sha256', pack('H*', $vh160), TRUE)), 0, 8);
$num = gmp_strval(gmp_init($addr, 16), 58);
$num = strtr($num, '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuv', '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz');
$pad = '';
$n = 0;
while ($addr[$n] == '0' && $addr[$n + 1] == '0') {
$pad .= '1';
$n += 2;
}
return $pad . $num;
}
public function verifies($hash, Signature $signature)
{
if (extension_loaded('gmp') && USE_EXT == 'GMP') {
$G = $this->generator;
$n = $this->generator->getOrder();
$point = $this->point;
$r = $signature->getR();
$s = $signature->getS();
if (gmp_cmp($r, 1) < 0 || gmp_cmp($r, gmp_sub($n, 1)) > 0) {
return false;
}
if (gmp_cmp($s, 1) < 0 || gmp_cmp($s, gmp_sub($n, 1)) > 0) {
return false;
}
$c = NumberTheory::inverse_mod($s, $n);
$u1 = gmp_Utils::gmp_mod2(gmp_mul($hash, $c), $n);
$u2 = gmp_Utils::gmp_mod2(gmp_mul($r, $c), $n);
$xy = Point::add(Point::mul($u1, $G), Point::mul($u2, $point));
$v = gmp_Utils::gmp_mod2($xy->getX(), $n);
if (gmp_cmp($v, $r) == 0) {
return true;
} else {
return false;
}
} else {
if (extension_loaded('bcmath') && USE_EXT == 'BCMATH') {
$G = $this->generator;
$n = $this->generator->getOrder();
$point = $this->point;
$r = $signature->getR();
$s = $signature->getS();
if (bccomp($r, 1) == -1 || bccomp($r, bcsub($n, 1)) == 1) {
return false;
}
if (bccomp($s, 1) == -1 || bccomp($s, bcsub($n, 1)) == 1) {
return false;
}
$c = NumberTheory::inverse_mod($s, $n);
$u1 = bcmod(bcmul($hash, $c), $n);
$u2 = bcmod(bcmul($r, $c), $n);
$xy = Point::add(Point::mul($u1, $G), Point::mul($u2, $point));
$v = bcmod($xy->getX(), $n);
if (bccomp($v, $r) == 0) {
return true;
} else {
return false;
}
} else {
throw new ErrorException("Please install BCMATH or GMP");
}
}
}
/**
* Get public key from a private key
*
* @author Jacob Bruce
* @param string $privKey
* @return string
* @access public
*/
public static function privKeyToPubKey($privKey)
{
$g = SECcurve::generator_secp256k1();
$privKey = self::decodeHex($privKey);
$secretG = Point::mul($privKey, $g);
$xHex = self::encodeHex($secretG->getX());
$yHex = self::encodeHex($secretG->getY());
$xHex = str_pad($xHex, 64, '0', STR_PAD_LEFT);
$yHex = str_pad($yHex, 64, '0', STR_PAD_LEFT);
return '04' . $xHex . $yHex;
}
public static function test_multiply(CurveFp $c, $x1, $y1, $m, $x3, $y3, $verbose = false)
{
if (extension_loaded('gmp') && USE_EXT == 'GMP') {
// expect that on curve c, m * (x2, y2) = (x3, y3)
$p1 = new Point($c, $x1, $y1);
$p3 = Point::mul($m, $p1);
if ($verbose) {
echo $p1 . " * " . $m . " = " . $p3;
}
if ($p3 instanceof Point) {
if (gmp_Utils::gmp_mod2($p3->getX(), 23) != $x3 || gmp_Utils::gmp_mod2($p3->getY(), 23) != $y3) {
echo " MULT TEST FAILURE: should give: (" . $x3 . " , " . $y3 . ")<br /><br /><br />";
flush();
} else {
if ($verbose) {
echo " MULT TEST SUCCESSFUL<br /><br /><br />";
}
flush();
}
} else {
if ($p3 == 'infinity') {
echo " INFINITY MULT TEST FAILURE: should give: (" . $x3 . " , " . $y3 . ")<br /><br /><br />";
flush();
} else {
if ($verbose) {
echo " INFINITY MULT TEST SUCCESSFUL<br /><br /><br />";
}
flush();
}
}
} else {
if (extension_loaded('bcmath') && USE_EXT == 'BCMATH') {
// expect that on curve c, m * (x2, y2) = (x3, y3)
$p1 = new Point($c, $x1, $y1);
$p3 = Point::mul($m, $p1);
if ($verbose) {
echo $p1 . " * " . $m . " = " . $p3;
}
flush();
if ($p3 instanceof Point) {
if (bcmod($p3->getX(), 23) != $x3 || bcmod($p3->getY(), 23) != $y3) {
echo " MULT TEST FAILURE: should give: (" . $x3 . " , " . $y3 . ")<br /><br /><br />";
flush();
} else {
if ($verbose) {
echo " MULT TEST SUCCESSFUL<br /><br /><br />";
}
flush();
}
} else {
if ($p3 == 'infinity') {
echo " INFINITY MULT TEST FAILURE: should give: (" . $x3 . " , " . $y3 . ")<br /><br /><br />";
flush();
} else {
if ($verbose) {
echo " INFINITY MULT TEST SUCCESSFUL<br /><br /><br />";
}
flush();
}
}
}
}
}
public static function create_key_pair()
{
self::debug('create_key_pair');
$privBin = '';
for ($i = 0; $i < 32; $i++) {
$privBin .= chr(mt_rand(0, $i ? 0xff : 0xfe));
}
self::debug('create_key_pair: privBin: ' . bin2hex($privBin));
//self::debug('create_key_pair: point');
$point = Point::mul(bcmath_Utils::bin2bc("" . $privBin), self::$secp256k1_G);
self::debug('create_key_pair: point: ' . $point);
//self::debug('create_key_pair: pubBinStr');
$pubBinStr = "" . str_pad(bcmath_Utils::bc2bin($point->getX()), 32, "", STR_PAD_LEFT) . str_pad(bcmath_Utils::bc2bin($point->getY()), 32, "", STR_PAD_LEFT);
self::debug('create_key_pair: pubBinStr: ' . bin2hex($pubBinStr));
self::$key_pair_public = hash('ripemd160', hash('sha256', $pubBinStr, true), true);
self::debug('create_key_pair: key_pair_public: ' . bin2hex(self::$key_pair_public));
self::$key_pair_private = $privBin;
self::debug('create_key_pair: key_pair_private: ' . bin2hex($privBin));
//return array('public' => hash('ripemd160', hash('sha256', $pubBinStr, true), true), 'private' => $privBin);
}
/**
* Private Key To Public Key
*
* Accepts a $privKey as input, and does EC multiplication to obtain
* a new point along the curve. The X and Y coordinates are the public
* key, which are returned as a hexadecimal string in uncompressed
* format.
*
* @param string $privKey
* @param boolean $compressed
* @return string
*/
public static function private_key_to_public_key($privKey, $compressed = FALSE)
{
$g = \SECcurve::generator_secp256k1();
$privKey = self::hex_decode($privKey);
try {
$secretG = \Point::mul($privKey, $g);
} catch (\Exception $e) {
return FALSE;
}
$xHex = self::hex_encode($secretG->getX());
$yHex = self::hex_encode($secretG->getY());
$xHex = str_pad($xHex, 64, '0', STR_PAD_LEFT);
$yHex = str_pad($yHex, 64, '0', STR_PAD_LEFT);
$public_key = '04' . $xHex . $yHex;
return $compressed == TRUE ? self::compress_public_key($public_key) : $public_key;
}
public static function point_is_valid(Point $generator, $x, $y)
{
if (extension_loaded('gmp') && USE_EXT == 'GMP') {
$n = $generator->getOrder();
$curve = $generator->getCurve();
if (gmp_cmp($x, 0) < 0 || gmp_cmp($n, $x) <= 0 || gmp_cmp($y, 0) < 0 || gmp_cmp($n, $y) <= 0) {
return false;
}
$containment = $curve->contains($x, $y);
if (!$containment) {
return false;
}
$point = new Point($curve, $x, $y);
$op = Point::mul($n, $point);
if (!(Point::cmp($op, Point::$infinity) == 0)) {
return false;
}
return true;
} else {
if (extension_loaded('bcmath') && USE_EXT == 'BCMATH') {
$n = $generator->getOrder();
$curve = $generator->getCurve();
if (bccomp($x, 0) == -1 || bccomp($n, $x) != 1 || bccomp($y, 0) == -1 || bccomp($n, $y) != 1) {
return false;
}
$containment = $curve->contains($x, $y);
if (!$containment) {
return false;
}
$point = new Point($curve, $x, $y);
$op = Point::mul($n, $point);
if (!(Point::cmp($op, Point::$infinity) == 0)) {
return false;
}
return true;
} else {
throw new ErrorException("Please install BCMATH or GMP");
}
}
}
public function CKD($master, $address_definition, $generated = array())
{
// Import master
$previous = $this->import($master);
// Check key type
if ($previous['type'] == 'private') {
$private_key = $previous['key'];
$public_key = $this->private_to_public($private_key, true);
} else {
if ($previous['type'] == 'public') {
$public_key = $previous['key'];
} else {
return false;
}
}
// Get fingerprint
$fingerprint = substr(hash('ripemd160', hash('sha256', pack("H*", $public_key), true)), 0, 8);
$i = array_pop($address_definition);
// Check prime
$is_prime = gmp_cmp(gmp_init($i, 16), gmp_init('80000000', 16)) == -1 ? 0 : 1;
if ($is_prime == 1) {
if ($previous['type'] == 'public') {
return false;
}
$data = '00' . $private_key . $i;
} else {
if ($is_prime == 0) {
$data = $public_key . $i;
}
}
// Hash data
if (!isset($data)) {
return false;
}
$I = hash_hmac('sha512', pack("H*", $data), pack("H*", $previous['chain_code']));
$I_l = substr($I, 0, 64);
$I_r = substr($I, 64, 64);
// Initialize curve
$g = SECcurve::generator_secp256k1();
$n = $g->getOrder();
// Generate key
if ($previous['type'] == 'private') {
$key = str_pad(gmp_strval(gmp_Utils::gmp_mod2(gmp_add(gmp_init($I_l, 16), gmp_init($private_key, 16)), $n), 16), 64, '0', STR_PAD_LEFT);
} else {
if ($previous['type'] == 'public') {
$decompressed = $this->decompress_public_key($public_key);
$curve = SECcurve::curve_secp256k1();
$new_point = Point::add(Point::mul(gmp_init($I_l, 16), $g), $decompressed['point']);
$new_x = str_pad(gmp_strval($new_point->getX(), 16), 64, '0', STR_PAD_LEFT);
$new_y = str_pad(gmp_strval($new_point->getY(), 16), 64, '0', STR_PAD_LEFT);
$key = '04' . $new_x . $new_y;
$key = '0' . (gmp_Utils::gmp_mod2(gmp_init(substr($key, 66, 64), 16), 2) == 0 ? '2' : '3') . substr($key, 2, 64);
//$key = preg_replace("/^04/", "", $key);
}
}
if (!isset($key)) {
return FALSE;
}
// Set data
$data = array('network' => $previous['network'], 'testnet' => $previous['testnet'], 'magic_bytes' => $previous['magic_bytes'], 'type' => $previous['type'], 'depth' => $previous['depth'] + 1, 'fingerprint' => $fingerprint, 'i' => $i, 'address_number' => $this->get_address_number($i), 'chain_code' => $I_r, 'key' => $key);
// Return
if (count($address_definition) > 0) {
return $this->CKD($this->encode($data), $address_definition, $generated);
} else {
return array($this->encode($data), implode('/', $generated));
}
}
/**
* Public Key From MPK
*
* This function is used to generate a public key from the supplied
* $mpk - the master public key, and an $iteration indicating which
* address in the sequence should be generated.
*
* @param string $mpk
* @param int $iteration
* @return string
*/
public static function public_key_from_mpk($mpk, $iteration, $change = 0, $compressed = FALSE)
{
$change = $change == 0 ? '0' : '1';
// Generate the curve, and the generator point.
$curve = \SECcurve::curve_secp256k1();
$gen = \SECcurve::generator_secp256k1();
// Prepare the input values, by converting the MPK to X and Y coordinates
$x = gmp_init(substr($mpk, 0, 64), 16);
$y = gmp_init(substr($mpk, 64, 64), 16);
// Generate a scalar from the $iteration and $mpk
$z = gmp_init(hash('sha256', hash('sha256', "{$iteration}:{$change}:" . pack('H*', $mpk), TRUE)), 16);
try {
// Add the Point defined by $x and $y, to the result of EC multiplication of $z by $gen
$pt = \Point::add(new \Point($curve, $x, $y), \Point::mul($z, $gen));
// Generate the uncompressed public key.
$keystr = '04' . str_pad(gmp_strval($pt->x, 16), 64, '0', STR_PAD_LEFT) . str_pad(gmp_strval($pt->y, 16), 64, '0', STR_PAD_LEFT);
} catch (Exception $e) {
throw new ErrorException($e->getMessage());
}
return $compressed == TRUE ? BitcoinLib::compress_public_key($keystr) : $keystr;
}
public static function create_key_pair()
{
$privBin = '';
for ($i = 0; $i < 32; $i++) {
$privBin .= chr(mt_rand(0, $i ? 0xff : 0xfe));
}
$point = Point::mul(bcmath_Utils::bin2bc("" . $privBin), self::$secp256k1_G);
$pubBinStr = "" . str_pad(bcmath_Utils::bc2bin($point->getX()), 32, "", STR_PAD_LEFT) . str_pad(bcmath_Utils::bc2bin($point->getY()), 32, "", STR_PAD_LEFT);
$pubBinStrCompressed = (intval(substr($point->getY(), -1, 1)) % 2 == 0 ? "" : "") . str_pad(bcmath_Utils::bc2bin($point->getX()), 32, "", STR_PAD_LEFT);
self::$key_pair_public = hash('ripemd160', hash('sha256', $pubBinStr, true), true);
self::$key_pair_public_hex = bin2hex($pubBinStr);
self::$key_pair_private = $privBin;
self::$key_pair_private_hex = bin2hex($privBin);
self::$key_pair_compressed_public = hash('ripemd160', hash('sha256', $pubBinStrCompressed, true), true);
self::$key_pair_compressed_public_hex = bin2hex($pubBinStrCompressed);
self::$key_pair_compressed_private = self::base58check_encode(self::$prefix_private, $privBin, 0x1);
self::$key_pair_compressed_private_hex = self::$key_pair_private_hex;
}
function BWWC__MATH_generate_bitcoin_address_from_mpk($master_public_key, $key_index)
{
if (USE_EXT != 'GMP' && USE_EXT != 'BCMATH') {
return false;
}
/*
if (USE_EXT == 'GMP')
{
$utils_class = 'gmp_Utils';
$fn_bchexdec = 'gmp_hexdec';
$fn_dec2base = 'gmp_dec2base';
$fn_base2dec = 'gmp_base2dec';
}
else if (USE_EXT == 'BCMATH')
{
$utils_class = 'bcmath_Utils';
$fn_bchexdec = 'bchexdec';
$fn_dec2base = 'dec2base';
$fn_base2dec = 'base2dec';
}
else
return false;
*/
// create the ecc curve
if (USE_EXT == 'GMP') {
// GMP
$_p = gmp_Utils::gmp_hexdec('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F');
$_r = gmp_Utils::gmp_hexdec('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141');
$_b = gmp_Utils::gmp_hexdec('0x0000000000000000000000000000000000000000000000000000000000000007');
$_Gx = gmp_Utils::gmp_hexdec('0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798');
$_Gy = gmp_Utils::gmp_hexdec('0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8');
} else {
// BCMATH
$_p = bcmath_Utils::bchexdec('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F');
$_r = bcmath_Utils::bchexdec('0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141');
$_b = bcmath_Utils::bchexdec('0x0000000000000000000000000000000000000000000000000000000000000007');
$_Gx = bcmath_Utils::bchexdec('0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798');
$_Gy = bcmath_Utils::bchexdec('0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8');
}
$curve = new CurveFp($_p, 0, $_b);
$gen = new Point($curve, $_Gx, $_Gy, $_r);
// prepare the input values
if (USE_EXT == 'GMP') {
// GMP
$x = gmp_Utils::gmp_hexdec('0x' . substr($master_public_key, 0, 64));
$y = gmp_Utils::gmp_hexdec('0x' . substr($master_public_key, 64, 64));
$z = gmp_Utils::gmp_hexdec('0x' . hash('sha256', hash('sha256', $key_index . ':0:' . pack('H*', $master_public_key), TRUE)));
} else {
// BCMATH
$x = bcmath_Utils::bchexdec('0x' . substr($master_public_key, 0, 64));
$y = bcmath_Utils::bchexdec('0x' . substr($master_public_key, 64, 64));
$z = bcmath_Utils::bchexdec('0x' . hash('sha256', hash('sha256', $key_index . ':0:' . pack('H*', $master_public_key), TRUE)));
}
// generate the new public key based off master and sequence points
$pt = Point::add(new Point($curve, $x, $y), Point::mul($z, $gen));
if (USE_EXT == 'GMP') {
// GMP
$keystr = "" . str_pad(gmp_Utils::gmp_dec2base($pt->getX(), 256), 32, "", STR_PAD_LEFT) . str_pad(gmp_Utils::gmp_dec2base($pt->getY(), 256), 32, "", STR_PAD_LEFT);
} else {
// BCMATH
$keystr = "" . str_pad(bcmath_Utils::dec2base($pt->getX(), 256), 32, "", STR_PAD_LEFT) . str_pad(bcmath_Utils::dec2base($pt->getY(), 256), 32, "", STR_PAD_LEFT);
}
$vh160 = "" . hash('ripemd160', hash('sha256', $keystr, TRUE), TRUE);
$addr = $vh160 . substr(hash('sha256', hash('sha256', $vh160, TRUE), TRUE), 0, 4);
// base58 conversion
$alphabet = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz';
$encoded = '';
if (USE_EXT == 'GMP') {
// GMP
$num = gmp_Utils::gmp_base2dec($addr, 256);
} else {
// BCMATH
$num = bcmath_Utils::base2dec($addr, 256);
}
while (intval($num) >= 58) {
$div = bcdiv($num, '58');
$mod = bcmod($num, '58');
$encoded = $alphabet[intval($mod)] . $encoded;
$num = $div;
}
$encoded = $alphabet[intval($num)] . $encoded;
$pad = '';
$n = 0;
while ($addr[$n++] == "") {
$pad .= '1';
}
return $pad . $encoded;
}
function privkey2pubkey($ECDSA, $secp256k1_G)
{
// this is function that needs the phpecc stuff - rewrite when binary module available
$privKey = gmp_Utils::gmp_hexdec($ECDSA);
$pubKey = new PublicKey($secp256k1_G, Point::mul($privKey, $secp256k1_G));
$xcoord = strtoupper(gmp_Utils::gmp_dechex($pubKey->getPoint()->getX()));
$xcoord = str_pad($xcoord, 64, '0', STR_PAD_LEFT);
$ycoord = strtoupper(gmp_Utils::gmp_dechex($pubKey->getPoint()->getY()));
$ycoord = str_pad($ycoord, 64, '0', STR_PAD_LEFT);
return '04' . $xcoord . $ycoord;
}
/**
* CKD
*
* This recursive function accepts $master, a parent extended key,
* and an array of address bytes (the $address_definition tuple). It
* pop's the next value from the $address_definition tuple and
* generates the desired key. If the $address_definition tuple is
* empty, then it returns the key. If not, then it calls itself again
* with the new key and the tuple with the remaining key indexes to
* generate, but will terminate with an array containing the desired
* key at index 0, and it's human readable definition in the second.
*
* @param string $master
* @param array $address_definition
* @return array
*/
public static function CKD($master, $address_definition, $generated = array())
{
$previous = self::import($master);
if ($previous['type'] == 'private') {
$private_key = $previous['key'];
$public_key = BitcoinLib::private_key_to_public_key($private_key, TRUE);
} else {
if ($previous['type'] == 'public') {
$public_key = $previous['key'];
} else {
// Exception here?
return FALSE;
}
}
$fingerprint = substr(hash('ripemd160', hash('sha256', pack("H*", $public_key), TRUE)), 0, 8);
$i = array_pop($address_definition);
$is_prime = self::check_is_prime_hex($i);
if ($is_prime == 1) {
if ($previous['type'] == 'public') {
return FALSE;
}
// Cannot derive private from public key - Exception here?
$data = '00' . $private_key . $i;
} else {
if ($is_prime == 0) {
$data = $public_key . $i;
}
}
if (!isset($data)) {
return FALSE;
}
$I = hash_hmac('sha512', pack("H*", $data), pack("H*", $previous['chain_code']));
$I_l = substr($I, 0, 64);
$I_r = substr($I, 64, 64);
if (self::check_valid_hmac_key($I_l) == FALSE) {
// Check the key is in a valid range.
// calculate the next i in the sequence, and start over with that.
$new_i = self::calc_address_bytes(self::get_address_number($i) + 1, $is_prime);
array_push($address_definition, $new_i);
return self::CKD($master, $address_definition, $generated);
}
// Keep a record of the address being built. Done after error
// checking so only valid keys get to this point.
if (count($generated) == 0 && $previous['depth'] == 0) {
array_push($generated, $previous['type'] == 'private' ? 'm' : 'M');
}
array_push($generated, self::get_address_number($i, $is_prime) . ($is_prime == 1 ? "'" : NULL));
$g = \SECcurve::generator_secp256k1();
$n = $g->getOrder();
if ($previous['type'] == 'private') {
// (Il + kpar) mod n
$key = str_pad(gmp_strval(\gmp_Utils::gmp_mod2(gmp_add(gmp_init($I_l, 16), gmp_init($private_key, 16)), $n), 16), 64, '0', STR_PAD_LEFT);
} else {
if ($previous['type'] == 'public') {
// newPoint + parentPubkeyPoint
$decompressed = BitcoinLib::decompress_public_key($public_key);
// Can return FALSE. Throw exception?
$curve = \SECcurve::curve_secp256k1();
// Prepare offset, by multiplying Il by g, and adding this to the previous public key point.
// Create a new point by adding the two.
$new_point = \Point::add(\Point::mul(gmp_init($I_l, 16), $g), $decompressed['point']);
$new_x = str_pad(gmp_strval($new_point->getX(), 16), 64, '0', STR_PAD_LEFT);
$new_y = str_pad(gmp_strval($new_point->getY(), 16), 64, '0', STR_PAD_LEFT);
$key = BitcoinLib::compress_public_key('04' . $new_x . $new_y);
}
}
if (!isset($key)) {
return FALSE;
}
$data = array('network' => $previous['network'], 'testnet' => $previous['testnet'], 'magic_bytes' => $previous['magic_bytes'], 'type' => $previous['type'], 'depth' => $previous['depth'] + 1, 'fingerprint' => $fingerprint, 'i' => $i, 'address_number' => self::get_address_number($i), 'chain_code' => $I_r, 'key' => $key);
return count($address_definition) > 0 ? self::CKD(self::encode($data), $address_definition, $generated) : array(self::encode($data), implode('/', $generated));
}