RubyGems - block_io - Versions diffs - 2.0.0 → 3.0.3 - Mend

block_io 2.0.0 → 3.0.3

Files changed (115) hide show

data/lib/block_io/helper.rb CHANGED Viewed

@@ -2,61 +2,215 @@ module BlockIo
   class Helper
-    def self.signData(inputs, keys)
-      # sign the given data with the given keys
+    LEGACY_DECRYPTION_ALGORITHM = {
+      :pbkdf2_salt => "",
+      :pbkdf2_iterations => 2048,
+      :pbkdf2_hash_function => "SHA256",
+      :pbkdf2_phase1_key_length => 16,
+      :pbkdf2_phase2_key_length => 32,
+      :aes_iv => nil,
+      :aes_cipher => "AES-256-ECB",
+      :aes_auth_tag => nil,
+      :aes_auth_data => nil
+    }
+    def self.allSignaturesPresent?(tx, inputs, signatures, input_address_data)
+      # returns true if transaction has all signatures present
+      all_signatures_present = false
-      raise Exception.new("Keys object must be a hash or array containing the appropriate keys.") unless keys.size >= 1
+      inputs.each do |input|
+        # check if each input has its required signatures
+        spending_address = input['spending_address']
+        current_input_address_data = input_address_data.detect{|x| x['address'] == spending_address}
+        required_signatures = current_input_address_data['required_signatures']
+        public_keys = current_input_address_data['public_keys']
-      signatures_added = false
-      # create a dictionary of keys we have
-      # saves the next loop from being O(n^3)
-      hkeys = (keys.is_a?(Hash) ? keys : keys.inject({}){|h,v| h[v.public_key] = v; h})
-      odata = []
+        signatures_present = signatures.map{|x| x if x['input_index'] == input['input_index']}.compact.inject({}){|h,v| h[v['public_key']] = v['signature']; h}
+        # break the loop if all signatures are not present for this input
+        all_signatures_present = (signatures_present.keys.size >= required_signatures)
+        break unless all_signatures_present
+      end
+      all_signatures_present
-      # saves the next loop from being O(n^2)
-      inputs.each{|input| odata << input["data_to_sign"]; odata << input["signatures_needed"]; odata.push(*input["signers"])}
+    end
+    def self.isSegwitAddressType?(address_type)
-      data_to_sign = nil
-      signatures_needed = nil
+      case address_type
+      when /^P2WPKH(-over-P2SH)?$/
+        true
+      when /^P2WSH(-over-P2SH)?$/
+        true
+      when /^WITNESS_V(\d)$/
+        true
+      else
+        false
+      end
+    end
+    def self.finalizeTransaction(tx, inputs, signatures, input_address_data)
+      # append signatures to the transaction and return its hexadecimal representation
-      while !(cdata = odata.shift).nil? do
-        # O(n)
+      inputs.each do |input|
+        # for each input
+        signatures_present = signatures.map{|x| x if x['input_index'] == input['input_index']}.compact.inject({}){|h,v| h[v['public_key']] = v['signature']; h}
+        address_data = input_address_data.detect{|x| x['address'] == input['spending_address']} # contains public keys (ordered) and the address type
+        input_index = input['input_index']
+        is_segwit = isSegwitAddressType?(address_data['address_type'])
+        script_stack = (is_segwit ? tx.in[input_index].script_witness.stack : tx.in[input_index].script_sig)
-        if cdata.is_a?(String) then
-          # this is data to sign
+        if ['P2PKH', 'P2WPKH', 'P2WPKH-over-P2SH'].include?(address_data['address_type']) then
+          # P2PKH will use script_sig as script_stack
+          # P2WPKH input, or P2WPKH-over-P2SH input will use script_witness.stack as script_stack
-          # make a copy of this
-          data_to_sign = '' << cdata
+          current_public_key = address_data['public_keys'][0]
+          current_signature = signatures_present[current_public_key]
-          # number of signatures needed
-          signatures_needed = 0 + odata.shift
+          # no blank push necessary for P2PKH, P2WPKH, P2WPKH-over-P2SH
+          script_stack << ([current_signature].pack("H*") + [Bitcoin::SIGHASH_TYPE[:all]].pack('C'))
+          script_stack << [current_public_key].pack("H*")
-        else
-          # add signatures if necessary
-          # dTrust required signatures may be lower than number of keys provided
-          if hkeys.key?(cdata["signer_public_key"]) and signatures_needed > 0 and cdata["signed_data"].nil? then
-            cdata["signed_data"] = hkeys[cdata["signer_public_key"]].sign(data_to_sign)
-            signatures_needed -= 1
-            signatures_added ||= true
+          # P2WPKH-over-P2SH required script_sig still
+          tx.in[input_index].script_sig << (
+            Bitcoin::Script.to_p2wpkh(
+              Bitcoin::Key.new(:pubkey => current_public_key, :key_type => Bitcoin::Key::TYPES[:compressed]).hash160 # hash160 of the compressed pubkey
+            ).to_payload
+          ) if address_data['address_type'] == "P2WPKH-over-P2SH"
+        elsif ['P2SH', 'WITNESS_V0', 'P2WSH-over-P2SH'].include?(address_data['address_type']) then
+          # P2SH will use script_sig as script_stack
+          # P2WSH or P2WSH-over-P2SH input will use script_witness.stack as script_stack
+          script = Bitcoin::Script.to_p2sh_multisig_script(address_data['required_signatures'], address_data['public_keys'])
+          script_stack << '' # blank push for scripthash always
+          signatures_added = 0
+          address_data['public_keys'].each do |public_key|
+            next unless signatures_present.key?(public_key)
+            # append signatures, no sighash needed, in correct order of public keys
+            current_signature = signatures_present[public_key]
+            script_stack << ([current_signature].pack("H*") + [Bitcoin::SIGHASH_TYPE[:all]].pack('C'))
+            signatures_added += 1
+            # required signatures added? break loop and move on
+            break if signatures_added == address_data['required_signatures']
           end
+          script_stack << script.last.to_payload
+          # P2WSH-over-P2SH needs script_sig populated still
+          tx.in[input_index].script_sig << Bitcoin::Script.to_p2wsh(script.last).to_payload if address_data['address_type'] == "P2WSH-over-P2SH"
+        else
+          raise "Unrecognized input address: #{address_data['address_type']}"
         end
+      end
+      tx.to_hex
+    end
+    def self.getSigHashForInput(tx, input_index, input_data, input_address_data)
+      # returns the sighash for the given input in bytes
+      address_type = input_address_data["address_type"]
+      input_value = (BigDecimal(input_data['input_value']) * BigDecimal(100000000)).to_i # in sats
+      sighash = nil
+      if address_type == "P2SH" then
+        # P2SH addresses
+        script = Bitcoin::Script.to_p2sh_multisig_script(input_address_data["required_signatures"], input_address_data["public_keys"])
+        sighash = tx.sighash_for_input(input_index, script.last)
+      elsif address_type == "P2WSH-over-P2SH" or address_type == "WITNESS_V0" then
+        # P2WSH-over-P2SH addresses
+        # WITNESS_V0 addresses
+        script = Bitcoin::Script.to_p2sh_multisig_script(input_address_data["required_signatures"], input_address_data["public_keys"])
+        sighash = tx.sighash_for_input(input_index, script.last, amount: input_value, sig_version: :witness_v0)
+      elsif address_type == "P2WPKH-over-P2SH" or address_type == "P2WPKH" then
+        # P2WPKH-over-P2SH addresses
+        # P2WPKH addresses
+        pub_key = Bitcoin::Key.new(:pubkey => input_address_data['public_keys'].first, :key_type => Bitcoin::Key::TYPES[:compressed]) # compressed
+        script = Bitcoin::Script.to_p2wpkh(pub_key.hash160)
+        sighash = tx.sighash_for_input(input_index, script, amount: input_value, sig_version: :witness_v0)
+      elsif address_type == "P2PKH" then
+        # P2PKH addresses
+        pub_key = Bitcoin::Key.new(:pubkey => input_address_data['public_keys'].first, :key_type => Bitcoin::Key::TYPES[:compressed]) # compressed
+        script = Bitcoin::Script.to_p2pkh(pub_key.hash160)
+        sighash = tx.sighash_for_input(input_index, script)
+      else
+        raise "Unrecognize address type: #{address_type}"
       end
-      signatures_added
+      sighash
     end
-    def self.extractKey(encrypted_data, b64_enc_key, use_low_r = true)
+    def self.getDecryptionAlgorithm(user_key_algorithm = nil)
+      # mainly used so existing unit tests do not break
+      algorithm = ({}).merge(LEGACY_DECRYPTION_ALGORITHM)
+      if !user_key_algorithm.nil? then
+        algorithm[:pbkdf2_salt] = user_key_algorithm['pbkdf2_salt']
+        algorithm[:pbkdf2_iterations] = user_key_algorithm['pbkdf2_iterations']
+        algorithm[:pbkdf2_hash_function] = user_key_algorithm['pbkdf2_hash_function']
+        algorithm[:pbkdf2_phase1_key_length] = user_key_algorithm['pbkdf2_phase1_key_length']
+        algorithm[:pbkdf2_phase2_key_length] = user_key_algorithm['pbkdf2_phase2_key_length']
+        algorithm[:aes_iv] = user_key_algorithm['aes_iv']
+        algorithm[:aes_cipher] = user_key_algorithm['aes_cipher']
+        algorithm[:aes_auth_tag] = user_key_algorithm['aes_auth_tag']
+        algorithm[:aes_auth_data] = user_key_algorithm['aes_auth_data']
+      end
+      algorithm
+    end
+    def self.dynamicExtractKey(user_key, pin)
+      # user_key object contains the encrypted user key and decryption algorithm
+      algorithm = self.getDecryptionAlgorithm(user_key['algorithm'])
+      aes_key = self.pinToAesKey(pin, algorithm[:pbkdf2_iterations],
+                                 algorithm[:pbkdf2_salt],
+                                 algorithm[:pbkdf2_hash_function],
+                                 algorithm[:pbkdf2_phase1_key_length],
+                                 algorithm[:pbkdf2_phase2_key_length])
+      decrypted = self.decrypt(user_key['encrypted_passphrase'], aes_key, algorithm[:aes_iv], algorithm[:aes_cipher], algorithm[:aes_auth_tag], algorithm[:aes_auth_data])
+      Key.from_passphrase(decrypted)
+    end
+    def self.extractKey(encrypted_data, b64_enc_key)
       # passphrase is in plain text
       # encrypted_data is in base64, as it was stored on Block.io
       # returns the private key extracted from the given encrypted data
       decrypted = self.decrypt(encrypted_data, b64_enc_key)
-      Key.from_passphrase(decrypted, use_low_r)
+      Key.from_passphrase(decrypted)
     end
@@ -65,24 +219,25 @@ module BlockIo
       OpenSSL::Digest::SHA256.digest(value).unpack("H*")[0]
     end
-    def self.pinToAesKey(secret_pin, iterations = 2048)
+    def self.pinToAesKey(secret_pin, iterations = 2048, salt = "", hash_function = "SHA256", pbkdf2_phase1_key_length = 16, pbkdf2_phase2_key_length = 32)
       # converts the pincode string to PBKDF2
       # returns a base64 version of PBKDF2 pincode
-      salt = ""
+      raise Exception.new("Unknown hash function specified. Are you using current version of this library?") unless hash_function == "SHA256"
       part1 = OpenSSL::PKCS5.pbkdf2_hmac(
         secret_pin,
-        "",
-        1024,
-        128/8,
+        salt,
+        iterations/2,
+        pbkdf2_phase1_key_length,
         OpenSSL::Digest::SHA256.new
       ).unpack("H*")[0]
       part2 = OpenSSL::PKCS5.pbkdf2_hmac(
         part1,
-        "",
-        1024,
-        256/8,
+        salt,
+        iterations/2,
+        pbkdf2_phase2_key_length,
         OpenSSL::Digest::SHA256.new
       ) # binary
@@ -90,22 +245,20 @@ module BlockIo
     end
-    def self.low_r?(r)
-      # https://github.com/bitcoin/bitcoin/blob/v0.20.0/src/key.cpp#L207
-      h = r.scan(/../)
-      h[3].to_i(16) == 32 and h[4].to_i(16) < 0x80
-    end
     # Decrypts a block of data (encrypted_data) given an encryption key
-    def self.decrypt(encrypted_data, b64_enc_key, iv = nil, cipher_type = "AES-256-ECB")
+    def self.decrypt(encrypted_data, b64_enc_key, iv = nil, cipher_type = "AES-256-ECB", auth_tag = nil, auth_data = nil)
+      raise Exception.new("Auth tag must be 16 bytes exactly.") unless auth_tag.nil? or auth_tag.size == 32
       response = nil
       begin
-        aes = OpenSSL::Cipher.new(cipher_type)
+        aes = OpenSSL::Cipher.new(cipher_type.downcase)
         aes.decrypt
         aes.key = b64_enc_key.unpack("m0")[0]
-        aes.iv = iv unless iv.nil?
+        aes.iv = [iv].pack("H*") unless iv.nil?
+        aes.auth_tag = [auth_tag].pack("H*") unless auth_tag.nil?
+        aes.auth_data = [auth_data].pack("H*") unless auth_data.nil?
         response = aes.update(encrypted_data.unpack("m0")[0]) << aes.final
       rescue Exception => e
         # decryption failed, must be an invalid Secret PIN
@@ -116,12 +269,17 @@ module BlockIo
     end
     # Encrypts a block of data given an encryption key
-    def self.encrypt(data, b64_enc_key, iv = nil, cipher_type = "AES-256-ECB")
-      aes = OpenSSL::Cipher.new(cipher_type)
+    def self.encrypt(data, b64_enc_key, iv = nil, cipher_type = "AES-256-ECB", auth_data = nil)
+      aes = OpenSSL::Cipher.new(cipher_type.downcase)
       aes.encrypt
       aes.key = b64_enc_key.unpack("m0")[0]
-      aes.iv = iv unless iv.nil?
-      [aes.update(data) << aes.final].pack("m0")
+      aes.iv = [iv].pack("H*") unless iv.nil?
+      aes.auth_data = [auth_data].pack("H*") unless auth_data.nil?
+      result = [aes.update(data) << aes.final].pack("m0")
+      auth_tag = (cipher_type.end_with?("-GCM") ? aes.auth_tag.unpack("H*")[0] : nil)
+      {:aes_auth_tag => auth_tag, :aes_cipher_text => result, :aes_iv => iv, :aes_cipher => cipher_type, :aes_auth_data => auth_data}
     end
     # courtesy bitcoin-ruby

data/lib/block_io/key.rb CHANGED Viewed

@@ -2,67 +2,18 @@ module BlockIo
   class Key
-    def initialize(privkey = nil, use_low_r = true, compressed = true)
-      # the privkey must be in hex if at all provided
-      @group = ECDSA::Group::Secp256k1
-      @private_key = (privkey.nil? ? (1 + SecureRandom.random_number(@group.order - 1)) : privkey.to_i(16))
-      @public_key = @group.generator.multiply_by_scalar(@private_key)
-      @compressed = compressed
-      @use_low_r = use_low_r
-    end
-    def private_key
-      # returns private key in hex form
-      @private_key.to_s(16)
-    end
-    def public_key
-      # returns the compressed form of the public key to save network fees (shorter scripts)
-      # hex form
-      ECDSA::Format::PointOctetString.encode(@public_key, compression: @compressed).unpack("H*")[0]
+    def self.generate
+      # returns a new key
+      Bitcoin::Key.generate(Bitcoin::Key::TYPES[:compressed]) # compressed
     end
-    def sign(data)
-      # sign the given hexadecimal string
-      counter = 0
-      signature = nil
-      loop do
-        # first this we get K, it's without extra entropy
-        # second time onwards, with extra entropy
-        nonce = Key.deterministicGenerateK([data].pack("H*"), @private_key, counter) # RFC6979
-        signature = ECDSA.sign(@group, @private_key, data.to_i(16), nonce)
-        r, s = signature.components
-        # BIP0062 -- use lower S values only
-        over_two = @group.order >> 1 # half of what it was
-        s = @group.order - s if (s > over_two)
-        signature = ECDSA::Signature.new(r, s)
-        # DER encode this, and return it in hex form
-        signature = ECDSA::Format::SignatureDerString.encode(signature).unpack("H*")[0]
-        break if !@use_low_r or Helper.low_r?(signature)
-        counter += 1
-      end
-      signature
-    end
-    def valid_signature?(signature, data)
-      ECDSA.valid_signature?(@public_key, [data].pack("H*"), ECDSA::Format::SignatureDerString.decode([signature].pack("H*")))
+    def self.from_private_key_hex(priv_key_hex)
+      # returns Bitcoin::Key (compressed)
+      # quirky behavior from bitcoinrb 0.7.0: use IntegerOctetString.encode on private key (integer) first
+      Bitcoin::Key.new(:priv_key => ECDSA::Format::IntegerOctetString.encode(priv_key_hex.to_i(16), 32).bth, :key_type => Bitcoin::Key::TYPES[:compressed])
     end
-    def self.from_passphrase(passphrase, use_low_r = true)
+    def self.from_passphrase(passphrase)
       # ATTENTION: use BlockIo::Key.new to generate new private keys. Using passphrases is not recommended due to lack of / low entropy.
       # create a private/public key pair from a given passphrase
       # use a long, random passphrase. your security depends on the passphrase's entropy.
@@ -72,78 +23,14 @@ module BlockIo
       hashed_key = Helper.sha256([passphrase].pack("H*")) # must pass bytes to sha256
       # modding is for backward compatibility with legacy bitcoinjs
-      Key.new((hashed_key.to_i(16) % ECDSA::Group::Secp256k1.order).to_s(16), use_low_r)
+      BlockIo::Key.from_private_key_hex((hashed_key.to_i(16) % ECDSA::Group::Secp256k1.order).to_s(16))
     end
-    def self.from_wif(wif, use_low_r = true)
+    def self.from_wif(wif)
       # returns a new key extracted from the Wallet Import Format provided
-      # TODO check against checksum
-      hexkey = Helper.decode_base58(wif)
-      actual_key = hexkey[2...66]
-      compressed = hexkey[2..hexkey.length].length-8 > 64 and hexkey[2..hexkey.length][64...66] == "01"
-      Key.new(actual_key, use_low_r, compressed)
-    end
-    private
-    def self.isPositive(i)
-      sig = "!+-"[i <=> 0]
-      sig.eql?("+")
-    end
-    def self.deterministicGenerateK(data, privkey, extra_entropy = nil, group = ECDSA::Group::Secp256k1)
-      # returns a deterministic K  -- RFC6979
-      hash = data.bytes.to_a
-      x = [privkey.to_s(16)].pack("H*").bytes.to_a
-      k = [0] * 32
-      v = [1] * 32
-      e = (extra_entropy.to_i <= 0 ? [] : [extra_entropy.to_s(16).rjust(64,"0").scan(/../).reverse.join].pack("H*").bytes.to_a)
-      # step D
-      k_data = [v, [0], x, hash, e]
-      k_data.flatten!
-      k = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), k.pack("C*"), k_data.pack("C*")).bytes.to_a
-      # step E
-      v = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), k.pack("C*"), v.pack("C*")).bytes.to_a
-      # step F
-      k_data = [v, [1], x, hash, e]
-      k_data.flatten!
-      k = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), k.pack("C*"), k_data.pack("C*")).bytes.to_a
-      # step G
-      v = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), k.pack("C*"), v.pack("C*")).bytes.to_a
-      # step H2b (Step H1/H2a ignored)
-      v = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), k.pack("C*"), v.pack("C*")).bytes.to_a
-      h2b = v.pack("C*").unpack("H*")[0]
-      tNum = h2b.to_i(16)
-      # step H3
-      while (!isPositive(tNum) or tNum >= group.order) do
-        # k = crypto.HmacSHA256(Buffer.concat([v, new Buffer([0])]), k)
-        k_data = [v, [0]]
-        k_data.flatten!
-        k = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), k.pack("C*"), k_data.pack("C*")).bytes.to_a
-        # v = crypto.HmacSHA256(v, k)
-        v = OpenSSL::HMAC.digest(OpenSSL::Digest.new('sha256'), k.pack("C*"), v.pack("C*")).bytes.to_a
-        # T = BigInteger.fromBuffer(v)
-        tNum = v.pack("C*").unpack("H*")[0].to_i(16)
-      end
+      Bitcoin::Key.from_wif(wif)
-      tNum
     end
   end

data/lib/block_io/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module BlockIo
-  VERSION = "2.0.0"
+  VERSION = "3.0.3"
 end

data/lib/block_io.rb CHANGED Viewed

@@ -1,15 +1,16 @@
 require "http"
 require "oj"
-require "ecdsa"
+require "bitcoin"
 require "openssl"
 require "securerandom"
 require "connection_pool"
 require_relative "block_io/version"
-require_relative "block_io/constants"
 require_relative "block_io/helper"
 require_relative "block_io/key"
 require_relative "block_io/client"
+require_relative "block_io/api_exception"
+require_relative "block_io/extended_bitcoinrb"
 module BlockIo

data/spec/client_misc_spec.rb ADDED Viewed

@@ -0,0 +1,76 @@
+require 'securerandom'
+describe "Client" do
+  before(:each) do
+    @api_key = "0000-0000-0000-0000"
+    @req_params = {:to_address => "QTLcyTFrH7T6kqUsi1VV2mJVXmX3AmwUNH", :amounts => "0.248"}
+    @headers = {
+      'Accept' => 'application/json',
+      'Connection' => 'Keep-Alive',
+      'Content-Type' => 'application/json; charset=UTF-8',
+      'Host' => 'block.io',
+      'User-Agent' => "gem:block_io:#{BlockIo::VERSION}"
+    }
+    @prepare_transaction_response = File.new("spec/test-cases/json/prepare_transaction_response_with_blockio_fee_and_expected_unsigned_txid.json").read
+    @stub1 = stub_request(:post, "https://block.io/api/v2/prepare_transaction").
+               with(
+                 body: @req_params.merge({:api_key => @api_key}).to_json,
+                 headers: @headers).
+               to_return(status: 200, body: @prepare_transaction_response, headers: {})
+    @create_and_sign_transaction_response = File.new("spec/test-cases/json/create_and_sign_transaction_response_with_blockio_fee_and_expected_unsigned_txid.json").read
+    @summarize_prepared_transaction_response = File.new("spec/test-cases/json/summarize_prepared_transaction_response_with_blockio_fee_and_expected_unsigned_txid.json").read
+    @insecure_pin_valid = "d1650160bd8d2bb32bebd139d0063eb6063ffa2f9e4501ad" # still insecure, don't use this!
+    @insecure_pin_invalid = "blockiotestpininsecure"
+  end
+  context "summarize_prepare_transaction" do
+    before(:each) do
+      @blockio = BlockIo::Client.new(:api_key => @api_key, :pin => @insecure_pin_valid)
+    end
+    it "success" do
+      @blockio.prepare_transaction(@req_params)
+      expect(@stub1).to have_been_requested.times(1)
+      expect(@blockio.summarize_prepared_transaction(Oj.safe_load(@prepare_transaction_response))).to eq(Oj.safe_load(@summarize_prepared_transaction_response))
+      expect(@blockio.create_and_sign_transaction(Oj.safe_load(@prepare_transaction_response))).to eq(Oj.safe_load(@create_and_sign_transaction_response))
+    end
+  end
+  context "create_and_sign_transaction_with_invalid_expected_unsigned_txid" do
+    before(:each) do
+      @blockio = BlockIo::Client.new(:api_key => @api_key, :pin => @insecure_pin_valid)
+    end
+    it "fails" do
+      @blockio.prepare_transaction(@req_params)
+      expect(@stub1).to have_been_requested.times(1)
+      @bad_response = Oj.safe_load(@prepare_transaction_response)
+      @bad_response['data']['expected_unsigned_txid'] = SecureRandom.hex(32)
+      expect{@blockio.create_and_sign_transaction(@bad_response)}.to raise_error(Exception, "Expected unsigned transaction ID mismatch. Please report this error to support@block.io.")
+    end
+  end
+end