/**
* Sign
*
* This function accepts the same parameters as signrawtransaction.
* $raw_transaction is a hex encoded string for an unsigned/partially
* signed transaction. $inputs is an array, containing the txid/vout/
* scriptPubKey/redeemscript. $priv_keys contains WIF keys.
*
* The function looks at each TxIn and tries to sign, if the hash160
* belongs to a key specified in the wallet.
*
* @param array $wallet
* @param string $raw_transaction
* @param array $inputs
* @param string $magic_byte
* @return array
*/
public static function sign($wallet, $raw_transaction, $inputs, $magic_byte = '00')
{
// Generate digests of inputs to sign.
$message_hash = self::_create_txin_signature_hash($raw_transaction, $inputs);
$inputs_arr = (array) json_decode($inputs);
// Generate an association of expected hash160's and related information.
//$wallet = BitcoinLib::private_keys_to_receive($priv_keys);
$decode = self::decode($raw_transaction);
$req_sigs = 0;
$sign_count = 0;
foreach ($decode['vin'] as $vin => $input) {
$scriptPubKey = self::_decode_scriptPubKey($inputs_arr[$vin]->scriptPubKey);
$tx_info = self::_get_transaction_type($scriptPubKey, $magic_byte);
if (isset($wallet[$tx_info['hash160']])) {
$key_info = $wallet[$tx_info['hash160']];
$generator = \SECcurve::generator_secp256k1();
if ($key_info['type'] == 'scripthash') {
$signatures = self::extract_input_signatures_p2sh($input, $message_hash[$vin], $key_info);
$sign_count += count($signatures);
// Create Signature
foreach ($key_info['keys'] as $key) {
$point = new \Point($generator->getCurve(), gmp_init(substr($key['uncompressed_key'], 2, 64), 16), gmp_init(substr($key['uncompressed_key'], 66, 64), 16), $generator->getOrder());
$_public_key = new \PublicKey($generator, $point);
$_private_key = new \PrivateKey($_public_key, gmp_init($key['private_key'], 16));
$sign = $_private_key->sign(gmp_init($message_hash[$vin], 16), gmp_init((string) bin2hex(openssl_random_pseudo_bytes(32)), 16));
if ($sign !== FALSE) {
$sign_count++;
$signatures[$key['public_key']] = self::encode_signature($sign);
}
}
$decode['vin'][$vin]['scriptSig']['hex'] = self::_apply_sig_scripthash_multisig($signatures, $key_info);
// Increase required # signature counter.
$req_sigs += $key_info['required_signature_count'];
}
if ($key_info['type'] == 'pubkeyhash') {
// Create Signature
$point = new \Point($generator->getCurve(), gmp_init(substr($key_info['uncompressed_key'], 2, 64), 16), gmp_init(substr($key_info['uncompressed_key'], 66, 64), 16), $generator->getOrder());
$_public_key = new \PublicKey($generator, $point);
$_private_key = new \PrivateKey($_public_key, gmp_init($key_info['private_key'], 16));
$sign = $_private_key->sign(gmp_init($message_hash[$vin], 16), gmp_init((string) bin2hex(openssl_random_pseudo_bytes(32)), 16));
if ($sign !== FALSE) {
$sign_count++;
$decode['vin'][$vin]['scriptSig']['hex'] = self::_apply_sig_pubkeyhash(self::encode_signature($sign), $key_info['public_key']);
}
$req_sigs++;
}
}
}
$new_raw = self::encode($decode);
// If the transaction isn't fully signed, return false.
// If it's fully signed, perform signature verification, return true if valid, or invalid if signatures are incorrect.
$complete = $req_sigs - $sign_count == 0 ? self::validate_signed_transaction($new_raw, $inputs, $magic_byte) == TRUE ? 'true' : 'false' : 'false';
return array('hex' => $new_raw, 'complete' => $complete);
}
/**
* Generate a new private key
*
* @author Jacob Bruce
* @return string
* @access public
*/
public static function getNewPrivKey()
{
$g = SECcurve::generator_secp256k1();
$n = $g->getOrder();
do {
if (extension_loaded('gmp') && USE_EXT == 'GMP') {
$privKey = gmp_Utils::gmp_random($n);
} else {
if (extension_loaded('bcmath') && USE_EXT == 'BCMATH') {
$privKey = bcmath_Utils::bcrand(1, $n);
}
}
$privKeyHex = self::encodeHex($privKey);
} while ($privKey < 1 || strlen($privKeyHex) > 64);
return str_pad($privKeyHex, 64, '0', STR_PAD_LEFT);
}
/**
* Validate WIF
*
* This function validates that a WIFs checksum validates, and that
* the private key is a valid number within the range 1 - n
*
* $ver is unused at the moment.
*
* @param string $wif
* @param string $ver
* @return boolean
*/
public static function validate_WIF($wif, $ver = null)
{
$hex = self::base58_decode($wif);
// Learn checksum
$crc = substr($hex, -8);
$hex = substr($hex, 0, -8);
// Learn version
$version = substr($hex, 0, 2);
$hex = substr($hex, 2);
if ($ver !== NULL && $ver !== $version) {
return FALSE;
}
// Determine if pubkey is compressed
$compressed = FALSE;
if (strlen($hex) == 66 && substr($hex, 64, 2) == '01') {
$compressed = TRUE;
$hex = substr($hex, 0, 64);
}
// Check private key within limit.
$g = \SECcurve::generator_secp256k1();
$n = $g->getOrder();
if (gmp_strval(gmp_init($hex, 16), 10) >= $n) {
return FALSE;
}
// Calculate checksum for what we have, see if it matches.
$checksum = self::hash256($version . $hex . ($compressed ? '01' : ''));
$checksum = substr($checksum, 0, 8);
return $checksum == $crc;
}
public function decompress_public_key($key)
{
// Initialize
$y_byte = substr($key, 0, 2);
$x_coordinate = substr($key, 2);
// Set variables
$x = gmp_strval(gmp_init($x_coordinate, 16), 10);
$curve = SECcurve::curve_secp256k1();
$generator = SECcurve::generator_secp256k1();
// Decode
try {
$x3 = NumberTheory::modular_exp($x, 3, $curve->getPrime());
$y2 = gmp_add($x3, $curve->getB());
$y0 = NumberTheory::square_root_mod_prime(gmp_strval($y2, 10), $curve->getPrime());
if ($y0 === false) {
return false;
}
$y1 = gmp_strval(gmp_sub($curve->getPrime(), $y0), 10);
$y_coordinate = $y_byte == '02' ? gmp_Utils::gmp_mod2(gmp_init($y0, 10), 2) == '0' ? $y0 : $y1 : (gmp_Utils::gmp_mod2(gmp_init($y0, 10), 2) !== '0' ? $y0 : $y1);
$y_coordinate = str_pad(gmp_strval($y_coordinate, 16), 64, '0', STR_PAD_LEFT);
$point = new Point($curve, gmp_strval(gmp_init($x_coordinate, 16), 10), gmp_strval(gmp_init($y_coordinate, 16), 10), $generator->getOrder());
} catch (Exception $e) {
return false;
}
// Return
return array('x' => $x_coordinate, 'y' => $y_coordinate, 'point' => $point, 'public_key' => '04' . $x_coordinate . $y_coordinate);
}
/**
* Public Key From MPK
*
* This function is used to generate a public key from the supplied
* $mpk - the master public key, and an $iteration indicating which
* address in the sequence should be generated.
*
* @param string $mpk
* @param int $iteration
* @return string
*/
public static function public_key_from_mpk($mpk, $iteration, $change = 0, $compressed = FALSE)
{
$change = $change == 0 ? '0' : '1';
// Generate the curve, and the generator point.
$curve = \SECcurve::curve_secp256k1();
$gen = \SECcurve::generator_secp256k1();
// Prepare the input values, by converting the MPK to X and Y coordinates
$x = gmp_init(substr($mpk, 0, 64), 16);
$y = gmp_init(substr($mpk, 64, 64), 16);
// Generate a scalar from the $iteration and $mpk
$z = gmp_init(hash('sha256', hash('sha256', "{$iteration}:{$change}:" . pack('H*', $mpk), TRUE)), 16);
try {
// Add the Point defined by $x and $y, to the result of EC multiplication of $z by $gen
$pt = \Point::add(new \Point($curve, $x, $y), \Point::mul($z, $gen));
// Generate the uncompressed public key.
$keystr = '04' . str_pad(gmp_strval($pt->x, 16), 64, '0', STR_PAD_LEFT) . str_pad(gmp_strval($pt->y, 16), 64, '0', STR_PAD_LEFT);
} catch (Exception $e) {
throw new ErrorException($e->getMessage());
}
return $compressed == TRUE ? BitcoinLib::compress_public_key($keystr) : $keystr;
}
/**
* Check Valid HMAC Key
*
* This function checks that the generated private keys meet the standard
* for private keys, as imposed by the secp256k1 curve. The key can't
* be zero, nor can it >= $n, which is the order of the secp256k1
* curve. Returning false trigger an error, or cause the program to
* increase the address number and rerun the CKD function.
*
* @param string $key
* @return boolean
*/
public static function check_valid_hmac_key($key)
{
$g = \SECcurve::generator_secp256k1();
$n = $g->getOrder();
// initialize the key as a base 16 number.
$g_l = gmp_init($key, 16);
// compare it to zero
$_equal_zero = gmp_cmp($g_l, gmp_init(0, 10));
// compare it to the order of the curve
$_GE_n = gmp_cmp($g_l, $n);
if ($_equal_zero == 0 || $_GE_n == 1 || $_GE_n == 0) {
return FALSE;
}
// Check for invalid data // Exception?
return TRUE;
}
public function validate_signature($sig, $hash, $key)
{
// Initialize
$signature = $this->decode_signature($sig);
$test_signature = new Signature(gmp_init($signature['r'], 16), gmp_init($signature['s'], 16));
$generator = SECcurve::generator_secp256k1();
$curve = $generator->getCurve();
// Check key
if (strlen($key) == '66') {
$client = new BIP32();
$decompress = $client->decompress_public_key($key);
$public_key_point = $decompress['point'];
} else {
$x = gmp_strval(gmp_init(substr($key, 2, 64), 16), 10);
$y = gmp_strval(gmp_init(substr($key, 66, 64), 16), 10);
$public_key_point = new Point($curve, $x, $y, $generator->getOrder());
}
// Get hash
$public_key = new PublicKey($generator, $public_key_point);
$hash = gmp_init($hash, 16);
// Return
return $public_key->verifies($hash, $test_signature) === true;
}
