money-tree-openssl 1.1

data/lib/money-tree/networks.rb

@@ -0,0 +1,35 @@
+module MoneyTree
+  NETWORKS =
+    begin
+      hsh = Hash.new do |_, key|
+        raise "#{key} is not a valid network!"
+      end.merge(
+        bitcoin: {
+          address_version: '00',
+          p2sh_version: '05',
+          p2sh_char: '3',
+          privkey_version: '80',
+          privkey_compression_flag: '01',
+          extended_privkey_version: "0488ade4",
+          extended_pubkey_version: "0488b21e",
+          compressed_wif_chars: %w(K L),
+          uncompressed_wif_chars: %w(5),
+          protocol_version: 70001
+        },
+        bitcoin_testnet: {
+          address_version: '6f',
+          p2sh_version: 'c4',
+          p2sh_char: '2',
+          privkey_version: 'ef',
+          privkey_compression_flag: '01',
+          extended_privkey_version: "04358394",
+          extended_pubkey_version: "043587cf",
+          compressed_wif_chars: %w(c),
+          uncompressed_wif_chars: %w(9),
+          protocol_version: 70001
+        }
+      )
+      hsh[:testnet3] = hsh[:bitcoin_testnet]
+      hsh
+    end
+end

data/lib/money-tree/node.rb

@@ -0,0 +1,302 @@
+module MoneyTree
+  class Node
+    include Support
+    extend Support
+    attr_reader :private_key, :public_key, :chain_code,
+      :is_private, :depth, :index, :parent
+
+    class PublicDerivationFailure < StandardError; end
+    class InvalidKeyForIndex < StandardError; end
+    class ImportError < StandardError; end
+    class PrivatePublicMismatch < StandardError; end
+
+    def initialize(opts = {})
+      opts.each { |k, v| instance_variable_set "@#{k}", v }
+    end
+
+    def self.from_bip32(address, has_version: true)
+      hex = from_serialized_base58 address
+      hex.slice!(0..7) if has_version
+      self.new({
+        depth: hex.slice!(0..1).to_i(16),
+        parent_fingerprint: hex.slice!(0..7),
+        index: hex.slice!(0..7).to_i(16),
+        chain_code: hex.slice!(0..63).to_i(16)
+      }.merge(parse_out_key(hex)))
+    end
+
+    def self.from_serialized_address(address)
+      puts 'Node.from_serialized_address is DEPRECATED. Please use .from_bip32 instead.'
+      from_bip32(address)
+    end
+
+    def self.parse_out_key(hex)
+      if hex.slice(0..1) == '00'
+        private_key = MoneyTree::PrivateKey.new(key: hex.slice(2..-1))
+        {
+          private_key: private_key,
+          public_key: MoneyTree::PublicKey.new(private_key)
+        }
+      elsif %w(02 03).include? hex.slice(0..1)
+        { public_key: MoneyTree::PublicKey.new(hex) }
+      else
+        raise ImportError, 'Public or private key data does not match version type'
+      end
+    end
+
+    def is_private?
+      index >= 0x80000000 || index < 0
+    end
+
+    def index_hex(i = index)
+      if i < 0
+        [i].pack('l>').unpack('H*').first
+      else
+        i.to_s(16).rjust(8, "0")
+      end
+    end
+
+    def depth_hex(depth)
+      depth.to_s(16).rjust(2, "0")
+    end
+
+    def private_derivation_message(i)
+      "\x00" + private_key.to_bytes + i_as_bytes(i)
+    end
+
+    def public_derivation_message(i)
+      public_key.to_bytes << i_as_bytes(i)
+    end
+
+    def i_as_bytes(i)
+      [i].pack('N')
+    end
+
+    def derive_private_key(i = 0)
+      message = i >= 0x80000000 || i < 0 ? private_derivation_message(i) : public_derivation_message(i)
+      hash = hmac_sha512 hex_to_bytes(chain_code_hex), message
+      left_int = left_from_hash(hash)
+      raise InvalidKeyForIndex, 'greater than or equal to order' if left_int >= MoneyTree::Key::ORDER # very low probability
+      child_private_key = (left_int + private_key.to_i) % MoneyTree::Key::ORDER
+      raise InvalidKeyForIndex, 'equal to zero' if child_private_key == 0 # very low probability
+      child_chain_code = right_from_hash(hash)
+      return child_private_key, child_chain_code
+    end
+
+    def derive_public_key(i = 0)
+      raise PrivatePublicMismatch if i >= 0x80000000
+      message = public_derivation_message(i)
+      hash = hmac_sha512 hex_to_bytes(chain_code_hex), message
+      left_int = left_from_hash(hash)
+      raise InvalidKeyForIndex, 'greater than or equal to order' if left_int >= MoneyTree::Key::ORDER # very low probability
+      factor = BN.new left_int.to_s
+
+      gen_point = public_key.uncompressed.group.generator.mul(factor)
+
+      sum_point_hex = MoneyTree::OpenSSLExtensions.add(gen_point, public_key.uncompressed.point)
+      child_public_key = OpenSSL::PKey::EC::Point.new(public_key.group, OpenSSL::BN.new(sum_point_hex, 16)).to_bn.to_i
+
+      raise InvalidKeyForIndex, 'at infinity' if child_public_key == 1/0.0 # very low probability
+      child_chain_code = right_from_hash(hash)
+      return child_public_key, child_chain_code
+    end
+
+    def left_from_hash(hash)
+      bytes_to_int hash.bytes.to_a[0..31]
+    end
+
+    def right_from_hash(hash)
+      bytes_to_int hash.bytes.to_a[32..-1]
+    end
+
+    def to_serialized_hex(type = :public, network: :bitcoin)
+      raise PrivatePublicMismatch if type.to_sym == :private && private_key.nil?
+      version_key = type.to_sym == :private ? :extended_privkey_version : :extended_pubkey_version
+      hex = NETWORKS[network][version_key] # version (4 bytes)
+      hex += depth_hex(depth) # depth (1 byte)
+      hex += parent_fingerprint # fingerprint of key (4 bytes)
+      hex += index_hex(index) # child number i (4 bytes)
+      hex += chain_code_hex
+      hex += type.to_sym == :private ? "00#{private_key.to_hex}" : public_key.compressed.to_hex
+    end
+
+    def to_bip32(type = :public, network: :bitcoin)
+      raise PrivatePublicMismatch if type.to_sym == :private && private_key.nil?
+      to_serialized_base58 to_serialized_hex(type, network: network)
+    end
+
+    def to_serialized_address(type = :public, network: :bitcoin)
+      puts 'Node.to_serialized_address is DEPRECATED. Please use .to_bip32.'
+      to_bip32(type, network: network)
+    end
+
+    def to_identifier(compressed=true)
+      key = compressed ? public_key.compressed : public_key.uncompressed
+      key.to_ripemd160
+    end
+
+    def to_fingerprint
+      public_key.compressed.to_fingerprint
+    end
+
+    def parent_fingerprint
+      if @parent_fingerprint
+        @parent_fingerprint
+      else
+        depth.zero? ? '00000000' : parent.to_fingerprint
+      end
+    end
+
+    def to_address(compressed=true, network: :bitcoin)
+      address = NETWORKS[network][:address_version] + to_identifier(compressed)
+      to_serialized_base58 address
+    end
+
+    def subnode(i = 0, opts = {})
+      if private_key.nil?
+        child_public_key, child_chain_code = derive_public_key(i)
+        child_public_key = MoneyTree::PublicKey.new child_public_key
+      else
+        child_private_key, child_chain_code = derive_private_key(i)
+        child_private_key = MoneyTree::PrivateKey.new key: child_private_key
+        child_public_key = MoneyTree::PublicKey.new child_private_key
+      end
+
+      MoneyTree::Node.new( depth: depth+1,
+                          index: i,
+                          private_key: private_key.nil? ? nil : child_private_key,
+                          public_key: child_public_key,
+                          chain_code: child_chain_code,
+                          parent: self)
+    end
+
+    # path: a path of subkeys denoted by numbers and slashes. Use
+    #     p or i<0 for private key derivation. End with .pub to force
+    #     the key public.
+    #
+    # Examples:
+    #     1p/-5/2/1 would call subkey(i=1, is_prime=True).subkey(i=-5).
+    #         subkey(i=2).subkey(i=1) and then yield the private key
+    #     0/0/458.pub would call subkey(i=0).subkey(i=0).subkey(i=458) and
+    #         then yield the public key
+    #
+    # You should choose either the p or the negative number convention for private key derivation.
+    def node_for_path(path)
+      force_public = path[-4..-1] == '.pub'
+      path = path[0..-5] if force_public
+      parts = path.split('/')
+      nodes = []
+      parts.each_with_index do |part, depth|
+        if part =~ /m/i
+          nodes << self
+        else
+          i = parse_index(part)
+          node = nodes.last || self
+          nodes << node.subnode(i)
+        end
+      end
+      if force_public or parts.first == 'M'
+        node = nodes.last
+        node.strip_private_info!
+        node
+      else
+        nodes.last
+      end
+    end
+
+    def parse_index(path_part)
+      is_prime = %w(p ').include? path_part[-1]
+      i = path_part.to_i
+
+      i = if i < 0
+        i
+      elsif is_prime
+        i | 0x80000000
+      else
+        i & 0x7fffffff
+      end
+    end
+
+    def strip_private_info!
+      @private_key = nil
+    end
+
+    def chain_code_hex
+      int_to_hex chain_code, 64
+    end
+  end
+
+  class Master < Node
+    module SeedGeneration
+      class Failure < Exception; end
+      class RNGFailure < Failure; end
+      class LengthFailure < Failure; end
+      class ValidityError < Failure; end
+      class ImportError < Failure; end
+      class TooManyAttempts < Failure; end
+    end
+
+    HD_WALLET_BASE_KEY = "Bitcoin seed"
+    RANDOM_SEED_SIZE = 32
+
+    attr_reader :seed, :seed_hash
+
+    def initialize(opts = {})
+      @depth = 0
+      @index = 0
+      opts[:seed] = [opts[:seed_hex]].pack("H*") if opts[:seed_hex]
+      if opts[:seed]
+        @seed = opts[:seed]
+        @seed_hash = generate_seed_hash(@seed)
+        raise SeedGeneration::ImportError unless seed_valid?(@seed_hash)
+        set_seeded_keys
+      elsif opts[:private_key] || opts[:public_key]
+        raise ImportError, 'chain code required' unless opts[:chain_code]
+        @chain_code = opts[:chain_code]
+        if opts[:private_key]
+          @private_key = opts[:private_key]
+          @public_key = MoneyTree::PublicKey.new @private_key
+        else opts[:public_key]
+          @public_key = if opts[:public_key].is_a?(MoneyTree::PublicKey)
+            opts[:public_key]
+          else
+            MoneyTree::PublicKey.new(opts[:public_key])
+          end
+        end
+      else
+        generate_seed
+        set_seeded_keys
+      end
+    end
+
+    def is_private?
+      true
+    end
+
+    def generate_seed
+      @seed = OpenSSL::Random.random_bytes(32)
+      @seed_hash = generate_seed_hash(@seed)
+      raise SeedGeneration::ValidityError unless seed_valid?(@seed_hash)
+    end
+
+    def generate_seed_hash(seed)
+      hmac_sha512 HD_WALLET_BASE_KEY, seed
+    end
+
+    def seed_valid?(seed_hash)
+      return false unless seed_hash.bytesize == 64
+      master_key = left_from_hash(seed_hash)
+      !master_key.zero? && master_key < MoneyTree::Key::ORDER
+    end
+
+    def set_seeded_keys
+      @private_key = MoneyTree::PrivateKey.new key: left_from_hash(seed_hash)
+      @chain_code = right_from_hash(seed_hash)
+      @public_key = MoneyTree::PublicKey.new @private_key
+    end
+
+    def seed_hex
+      bytes_to_hex(seed)
+    end
+  end
+end

data/lib/money-tree/support.rb

@@ -0,0 +1,127 @@
+require 'openssl'
+require 'base64'
+
+module MoneyTree
+  module Support
+    include OpenSSL
+    
+    INT32_MAX = 256 ** [1].pack("L*").size
+    INT64_MAX = 256 ** [1].pack("Q*").size
+    BASE58_CHARS = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
+    
+    def int_to_base58(int_val, leading_zero_bytes=0)
+      base58_val, base = '', BASE58_CHARS.size
+      while int_val > 0
+        int_val, remainder = int_val.divmod(base)
+        base58_val = BASE58_CHARS[remainder] + base58_val
+      end
+      base58_val
+    end
+
+    def base58_to_int(base58_val)
+      int_val, base = 0, BASE58_CHARS.size
+      base58_val.reverse.each_char.with_index do |char,index|
+        raise ArgumentError, 'Value not a valid Base58 String.' unless char_index = BASE58_CHARS.index(char)
+        int_val += char_index*(base**index)
+      end
+      int_val
+    end
+
+    def encode_base58(hex)
+      leading_zero_bytes  = (hex.match(/^([0]+)/) ? $1 : '').size / 2
+      ("1"*leading_zero_bytes) + int_to_base58( hex.to_i(16) )
+    end
+
+    def decode_base58(base58_val)
+      s = base58_to_int(base58_val).to_s(16); s = (s.bytesize.odd? ? '0'+s : s)
+      s = '' if s == '00'
+      leading_zero_bytes = (base58_val.match(/^([1]+)/) ? $1 : '').size
+      s = ("00"*leading_zero_bytes) + s  if leading_zero_bytes > 0
+      s
+    end
+    alias_method :base58_to_hex, :decode_base58
+    
+    def to_serialized_base58(hex)
+      hash = sha256 hex
+      hash = sha256 hash
+      checksum = hash.slice(0..7)
+      address = hex + checksum
+      encode_base58 address
+    end
+    
+    def from_serialized_base58(base58)
+      hex = decode_base58 base58
+      checksum = hex.slice!(-8..-1)
+      compare_checksum = sha256(sha256(hex)).slice(0..7)
+      raise EncodingError unless checksum == compare_checksum
+      hex
+    end
+    
+    def digestify(digest_type, source, opts = {})
+      source = [source].pack("H*") unless opts[:ascii]
+      bytes_to_hex Digest.digest(digest_type, source)
+    end
+    
+    def sha256(source, opts = {})
+      digestify('SHA256', source, opts)
+    end
+    
+    def ripemd160(source, opts = {})
+      digestify('RIPEMD160', source, opts)
+    end
+    
+    def encode_base64(hex)
+      Base64.encode64([hex].pack("H*")).chomp
+    end
+    
+    def decode_base64(base64)
+      Base64.decode64(base64).unpack("H*")[0]
+    end
+    
+    def hmac_sha512(key, message)
+      digest = Digest::SHA512.new
+      HMAC.digest digest, key, message
+    end
+    
+    def hmac_sha512_hex(key, message)
+      md = hmac_sha512(key, message)
+      md.unpack("H*").first.rjust(64, '0')
+    end
+    
+    def bytes_to_int(bytes, base = 16)
+      if bytes.is_a?(Array)
+        bytes = bytes.pack("C*")
+      end
+      bytes.unpack("H*")[0].to_i(16)
+    end
+    
+    def int_to_hex(i, size=nil)
+      hex = i.to_s(16).downcase
+      if (hex.size % 2) != 0
+        hex = "#{0}#{hex}"
+      end
+
+      if size
+        hex.rjust(size, "0")
+      else
+        hex
+      end
+    end
+        
+    def int_to_bytes(i)
+      [int_to_hex(i)].pack("H*")
+    end
+    
+    def bytes_to_hex(bytes)
+      bytes.unpack("H*")[0].downcase
+    end
+    
+    def hex_to_bytes(hex)
+      [hex].pack("H*")
+    end
+    
+    def hex_to_int(hex)
+      hex.to_i(16)
+    end
+  end
+end

data/lib/money-tree/version.rb

@@ -0,0 +1,3 @@
+module MoneyTree
+  VERSION = "1.1"
+end

data/lib/money-tree.rb

@@ -0,0 +1,12 @@
+require "openssl_extensions"
+require "money-tree/version"
+require "money-tree/support"
+require "money-tree/networks"
+require "money-tree/key"
+require "money-tree/address"
+require "money-tree/networks"
+require "money-tree/node"
+
+module MoneyTree
+  
+end

data/lib/openssl_extensions.rb

@@ -0,0 +1,33 @@
+# encoding: ascii-8bit
+
+require 'openssl'
+
+module MoneyTree
+  module OpenSSLExtensions
+    def self.add(point_0, point_1)
+      validate_points(point_0, point_1)
+
+      group = OpenSSL::PKey::EC::Group.new('secp256k1')
+      
+      point_0_hex = point_0.to_bn.to_s(16)
+      point_0_pt = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new(point_0_hex, 16))
+      point_1_hex = point_1.to_bn.to_s(16)
+      point_1_pt = OpenSSL::PKey::EC::Point.new(group, OpenSSL::BN.new(point_1_hex, 16))
+
+      sum_point = point_0_pt.add(point_1_pt)
+
+      sum_point.to_bn.to_s(16)
+    end
+
+    def self.validate_points(*points)
+      points.each do |point|
+        if !point.is_a?(OpenSSL::PKey::EC::Point)
+          raise ArgumentError, "point must be an OpenSSL::PKey::EC::Point object" 
+        elsif point.infinity?
+          raise ArgumentError, "point must not be infinity" 
+        end
+      end
+    end
+  end
+end
+

data/money-tree.gemspec

@@ -0,0 +1,38 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'money-tree/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = "money-tree-openssl"
+  spec.version       = MoneyTree::VERSION
+  spec.authors       = ["Micah Winkelspecht"]
+  spec.email         = ["winkelspecht@gmail.com"]
+  spec.description   = %q{A Ruby Gem implementation of Bitcoin HD Wallets (forked to remove ffi)}
+  spec.summary       = %q{Bitcoin Hierarchical Deterministic Wallets in Ruby! (Bitcoin standard BIP0032)}
+  spec.homepage      = "https://github.com/cte/money-tree"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ["lib"]
+
+  # used with gem install ... -P HighSecurity
+  # spec.cert_chain  = ["certs/mattatgemco.pem"]
+
+  # # Sign gem when evaluating spec with `gem` command
+  # #  unless ENV has set a SKIP_GEM_SIGNING
+  # if ($0 =~ /gem\z/) and not ENV.include?("SKIP_GEM_SIGNING")
+  #   spec.signing_key = File.join(Gem.user_home, ".ssh", "gem-private_key.pem")
+  # end
+
+  spec.add_dependency 'openssl', '>= 2.2'
+
+  spec.add_development_dependency "bundler"
+  spec.add_development_dependency "rake"
+  spec.add_development_dependency "rspec"
+  spec.add_development_dependency "simplecov"
+  spec.add_development_dependency "coveralls"
+  spec.add_development_dependency "pry"
+end

data/spec/lib/money-tree/address_spec.rb

@@ -0,0 +1,62 @@
+require 'spec_helper'
+
+describe MoneyTree::Address do
+  describe "initialize" do
+    it "generates a private key by default" do
+      address = MoneyTree::Address.new
+      expect(address.private_key.key.length).to eql(64)
+    end
+    
+    it "generates a public key by default" do
+      address = MoneyTree::Address.new
+      expect(address.public_key.key.length).to eql(66)
+    end
+        
+    it "imports a private key in hex form" do
+      address = MoneyTree::Address.new private_key: "5eae5375fb5f7a0ea650566363befa2830ef441bdcb19198adf318faee86d64b"
+      expect(address.private_key.key).to eql("5eae5375fb5f7a0ea650566363befa2830ef441bdcb19198adf318faee86d64b")
+      expect(address.public_key.key).to eql("022dfc2557a007c93092c2915f11e8aa70c4f399a6753e2e908330014091580e4b")
+      expect(address.to_s).to eql("13uVqa35BMo4mYq9LiZrXVzoz9EFZ6aoXe")
+      expect(address.private_key.to_s).to eql("KzPkwAXJ4wtXHnbamTaJqoMrzwCUUJaqhUxnqYhnZvZH6KhgmDPK")
+      expect(address.public_key.to_s).to eql("13uVqa35BMo4mYq9LiZrXVzoz9EFZ6aoXe")
+    end
+    
+    it "imports a private key in compressed wif format" do
+      address = MoneyTree::Address.new private_key: "KzPkwAXJ4wtXHnbamTaJqoMrzwCUUJaqhUxnqYhnZvZH6KhgmDPK"
+      expect(address.private_key.key).to eql("5eae5375fb5f7a0ea650566363befa2830ef441bdcb19198adf318faee86d64b")
+      expect(address.public_key.key).to eql("022dfc2557a007c93092c2915f11e8aa70c4f399a6753e2e908330014091580e4b")
+      expect(address.to_s).to eql("13uVqa35BMo4mYq9LiZrXVzoz9EFZ6aoXe")
+    end
+    
+    it "imports a private key in uncompressed wif format" do
+      address = MoneyTree::Address.new private_key: "5JXz5ZyFk31oHVTQxqce7yitCmTAPxBqeGQ4b7H3Aj3L45wUhoa"
+      expect(address.private_key.key).to eql("5eae5375fb5f7a0ea650566363befa2830ef441bdcb19198adf318faee86d64b")
+      expect(address.public_key.key).to eql("022dfc2557a007c93092c2915f11e8aa70c4f399a6753e2e908330014091580e4b")
+    end
+  end
+  
+  describe "to_s" do
+    before do
+      @address = MoneyTree::Address.new private_key: "5eae5375fb5f7a0ea650566363befa2830ef441bdcb19198adf318faee86d64b"
+    end
+    
+    it "returns compressed base58 public key" do
+      expect(@address.to_s).to eql("13uVqa35BMo4mYq9LiZrXVzoz9EFZ6aoXe")
+      expect(@address.public_key.to_s).to eql("13uVqa35BMo4mYq9LiZrXVzoz9EFZ6aoXe")
+    end
+    
+    it "returns compressed WIF private key" do
+      expect(@address.private_key.to_s).to eql("KzPkwAXJ4wtXHnbamTaJqoMrzwCUUJaqhUxnqYhnZvZH6KhgmDPK")
+    end
+  end
+
+  context "testnet3" do
+    before do
+      @address = MoneyTree::Address.new network: :bitcoin_testnet
+    end
+
+    it "returns a testnet address" do
+      expect(%w(m n)).to include(@address.to_s(network: :bitcoin_testnet)[0])
+    end
+  end
+end