secp256k1-ruby 0.4.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 9daded734687b356d4147443cafec3ebd9ce34389b359ada33187985126bda24
+  data.tar.gz: e47abb0c23075e7ab2e9cf49123fbf615ab8565761fba0cde772b8c199c475f4
+SHA512:
+  metadata.gz: 748ae0fe478678a849aee8884f19e8e8ba493fee30e3d8cd60c65479120718d30f4ff0a22134dec67fbf8487f199a9ad8edbe63da3604e55337e9fe1c3530f33
+  data.tar.gz: 26eacdf649584978df4433eb103eb6a35f512e4ccd31e52403f7baf741275f0218d2a32dfff00fcb7037b95ed9c736b65bffba9c5088e0e649c50b199d0adbb9

data/.gitignore

@@ -0,0 +1,9 @@
+/.bundle/
+/.yardoc
+/Gemfile.lock
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/

data/.gitmodules

@@ -0,0 +1,3 @@
+[submodule "secp256k1"]
+	path = secp256k1
+	url = https://github.com/bitcoin-core/secp256k1.git

data/.ruby-version

@@ -0,0 +1 @@
+2.5.0

data/Gemfile

@@ -0,0 +1,2 @@
+source 'https://rubygems.org'
+gemspec

data/LICENSE

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2016 Jan Xie
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

data/README.md

@@ -0,0 +1,28 @@
+# secp256k1-ruby
+
+## Prerequiste
+
+In order to use this gem, [libsecp256k1](https://github.com/bitcoin/secp256k1) with recovery module enabled must be in place.
+
+If you have cloned the project and in project root:
+
+```
+git submodule update --init --recursive
+./install_lib.sh
+```
+
+## Install
+
+```
+gem i secp256k1-ruby
+```
+
+Then `require 'secp256k1'` in your source code.
+
+## Usage
+
+Check [test](test) for examples.
+
+## LICENSE
+
+[MIT License](LICENSE)

data/Rakefile

@@ -0,0 +1,11 @@
+require 'rake/testtask'
+
+require 'bundler/gem_tasks'
+
+Rake::TestTask.new do |t|
+  t.libs += %w(lib test)
+  t.test_files = FileList['test/**/*_test.rb']
+  t.verbose = true
+end
+
+task default: [:test]

data/install_lib.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+pushd secp256k1
+./autogen.sh
+./configure --enable-module-recovery --enable-experimental --enable-module-ecdh
+make && sudo make install
+popd

data/lib/secp256k1.rb

@@ -0,0 +1,20 @@
+# -*- encoding : ascii-8bit -*-
+require 'secp256k1/version'
+require 'secp256k1/c'
+require 'secp256k1/utils'
+require 'secp256k1/ecdsa'
+require 'secp256k1/key'
+
+module Secp256k1
+
+  EC_COMPRESSED = C::Constants['SECP256K1_EC_COMPRESSED'].to_i
+  EC_UNCOMPRESSED = C::Constants['SECP256K1_EC_UNCOMPRESSED'].to_i
+
+  FLAG_SIGN = C::Constants['SECP256K1_CONTEXT_SIGN'].to_i
+  FLAG_VERIFY = C::Constants['SECP256K1_CONTEXT_VERIFY'].to_i
+  NO_FLAGS = C::Constants['SECP256K1_CONTEXT_NONE'].to_i
+  ALL_FLAGS = FLAG_SIGN | FLAG_VERIFY
+
+  class AssertError < StandardError; end
+
+end

data/lib/secp256k1/c.rb

@@ -0,0 +1,91 @@
+# -*- encoding : ascii-8bit -*-
+require 'ffi'
+require 'ffi/tools/const_generator'
+
+module Secp256k1
+  module C
+    extend FFI::Library
+
+    ffi_lib (ENV['LIBSECP256K1'] || 'libsecp256k1')
+
+    Constants = FFI::ConstGenerator.new('Secp256k1', required: true) do |gen|
+      gen.include 'secp256k1.h'
+
+      gen.const(:SECP256K1_EC_COMPRESSED)
+      gen.const(:SECP256K1_EC_UNCOMPRESSED)
+
+      gen.const(:SECP256K1_CONTEXT_SIGN)
+      gen.const(:SECP256K1_CONTEXT_VERIFY)
+      gen.const(:SECP256K1_CONTEXT_NONE)
+    end
+
+    class Pubkey < FFI::Struct
+      layout :data, [:uchar, 64]
+    end
+
+    class ECDSASignature < FFI::Struct
+      layout :data, [:uchar, 64]
+    end
+
+    class ECDSARecoverableSignature < FFI::Struct
+      layout :data, [:uchar, 65]
+    end
+
+    # secp256k1_context* secp256k1_context_create(unsigned int flags)
+    attach_function :secp256k1_context_create, [:uint], :pointer
+
+    # void secp256k1_context_destroy(secp256k1_context* ctx)
+    attach_function :secp256k1_context_destroy, [:pointer], :void
+
+    # int secp256k1_ec_pubkey_parse(const secp256k1_context* ctx, secp256k1_pubkey* pubkey, const unsigned char *input, size_t inputlen)
+    attach_function :secp256k1_ec_pubkey_parse, [:pointer, :pointer, :pointer, :size_t], :int
+
+    # int secp256k1_ec_pubkey_create(const secp256k1_context* ctx, secp256k1_pubkey *pubkey, const unsigned char *seckey)
+    attach_function :secp256k1_ec_pubkey_create, [:pointer, :pointer, :pointer], :int
+
+    # int secp256k1_ec_pubkey_serialize(const secp256k1_context* ctx, unsigned char *output, size_t *outputlen, const secp256k1_pubkey *pubkey, unsigned int flags)
+    attach_function :secp256k1_ec_pubkey_serialize, [:pointer, :pointer, :pointer, :pointer, :uint], :int
+
+    # int secp256k1_ec_seckey_verify(const secp256k1_context* ctx, const unsigned char *seckey)
+    attach_function :secp256k1_ec_seckey_verify, [:pointer, :pointer], :int
+
+    # int secp256k1_ecdsa_signature_serialize_der(const secp256k1_context* ctx, unsigned char *output, size_t *outputlen, const secp256k1_ecdsa_signature* sig)
+    attach_function :secp256k1_ecdsa_signature_serialize_der, [:pointer, :pointer, :pointer, :pointer], :int
+
+    # int secp256k1_ecdsa_signature_serialize_compact(const secp256k1_context* ctx, unsigned char *output64, const secp256k1_ecdsa_signature* sig)
+    attach_function :secp256k1_ecdsa_signature_serialize_compact, [:pointer, :pointer, :pointer], :int
+
+    # int secp256k1_ecdsa_signature_parse_der(const secp256k1_context* ctx, secp256k1_ecdsa_signature* sig, const unsigned char *input, size_t inputlen)
+    attach_function :secp256k1_ecdsa_signature_parse_der, [:pointer, :pointer, :pointer, :size_t], :int
+
+    # int secp256k1_ecdsa_signature_parse_compact(const secp256k1_context* ctx, secp256k1_ecdsa_signature* sig, const unsigned char *input64)
+    attach_function :secp256k1_ecdsa_signature_parse_compact, [:pointer, :pointer, :pointer], :int
+
+    # int secp256k1_ecdsa_sign(const secp256k1_context* ctx, secp256k1_ecdsa_signature *sig, const unsigned char *msg32, const unsigned char *seckey, secp256k1_nonce_function noncefp, const void *ndata)
+    attach_function :secp256k1_ecdsa_sign, [:pointer, :pointer, :pointer, :pointer, :pointer, :pointer], :int
+
+    # int secp256k1_ecdsa_sign_recoverable(const secp256k1_context* ctx, secp256k1_ecdsa_recoverable_signature *sig, const unsigned char *msg32, const unsigned char *seckey, secp256k1_nonce_function noncefp, const void *ndata)
+    attach_function :secp256k1_ecdsa_sign_recoverable, [:pointer, :pointer, :pointer, :pointer, :pointer, :pointer], :int
+
+    # int secp256k1_ecdsa_recover(const secp256k1_context* ctx, secp256k1_pubkey* pubkey, secp256k1_ecdsa_recoverable_signature *sig, const unsigned char *msg32)
+    attach_function :secp256k1_ecdsa_recover, [:pointer, :pointer, :pointer, :pointer], :int
+
+    # int secp256k1_ecdsa_verify(const secp256k1_context *ctx, const secp256k1_ecdsa_signature *sig, const unsigned char *msg32, const secp256k1_pubkey *pubkey)
+    attach_function :secp256k1_ecdsa_verify, [:pointer, :pointer, :pointer, :pointer], :int
+
+    # int secp256k1_ecdsa_signature_normalize(const secp256k1_context *ctx, const secp256k1_ecdsa_signature *sigout, const secp256k1_ecdsa_signature *sigin)
+    attach_function :secp256k1_ecdsa_signature_normalize, [:pointer, :pointer, :pointer], :int
+
+    # int secp256k1_ecdsa_recoverable_signature_serialize_compact(const secp256k1_context *ctx, unsigned char *output64, int *recid, const secp256k1_ecdsa_recoverable_signature *sig)
+    attach_function :secp256k1_ecdsa_recoverable_signature_serialize_compact, [:pointer, :pointer, :pointer, :pointer], :int
+
+    # int secp256k1_ecdsa_recoverable_signature_parse_compact(const secp256k1_context *ctx, secp256k1_ecdsa_recoverable_signature *sig, const unsigned char *input64, int recid)
+    attach_function :secp256k1_ecdsa_recoverable_signature_parse_compact, [:pointer, :pointer, :pointer, :int], :int
+
+    # int secp256k1_ecdsa_recoverable_signature_convert(const secp256k1_context *ctx, secp256k1_ecdsa_signature *sig, const secp256k1_ecdsa_recoverable_signature *sigin)
+    attach_function :secp256k1_ecdsa_recoverable_signature_convert, [:pointer, :pointer, :pointer], :int
+
+    # int secp256k1_ecdh(const secp256k1_context* ctx, unsigned char *result, const secp256k1_pubkey *point, const unsigned char *scalar)
+    attach_function :secp256k1_ecdh, [:pointer, :pointer, :pointer, :pointer], :int
+  end
+end

data/lib/secp256k1/ecdsa.rb

@@ -0,0 +1,102 @@
+# -*- encoding : ascii-8bit -*-
+module Secp256k1
+  module ECDSA
+
+    SIZE_SERIALIZED = 74
+    SIZE_COMPACT = 64
+
+    def ecdsa_serialize(raw_sig)
+      output = FFI::MemoryPointer.new(:uchar, SIZE_SERIALIZED)
+      outputlen = FFI::MemoryPointer.new(:size_t).put_uint(0, SIZE_SERIALIZED)
+
+      res = C.secp256k1_ecdsa_signature_serialize_der(@ctx, output, outputlen, raw_sig)
+      raise AssertError, "failed to seriazlie signature" unless res == 1
+
+      output.read_bytes(outputlen.read_uint)
+    end
+
+    def ecdsa_deserialize(ser_sig)
+      raw_sig = C::ECDSASignature.new.pointer
+
+      res = C.secp256k1_ecdsa_signature_parse_der(@ctx, raw_sig, ser_sig, ser_sig.size)
+      raise AssertError, "raw signature parse failed" unless res == 1
+
+      raw_sig
+    end
+
+    def ecdsa_serialize_compact(raw_sig)
+      output = FFI::MemoryPointer.new(:uchar, SIZE_COMPACT)
+
+      res = C.secp256k1_ecdsa_signature_serialize_compact(@ctx, output, raw_sig)
+      raise AssertError, "failed to seriazlie compact signature" unless res == 1
+
+      output.read_bytes(SIZE_COMPACT)
+    end
+
+    def ecdsa_deserialize_compact(ser_sig)
+      raise ArgumentError, 'invalid signature length' unless ser_sig.size == 64
+
+      raw_sig = C::ECDSASignature.new.pointer
+
+      res = C.secp256k1_ecdsa_signature_parse_compact(@ctx, raw_sig, ser_sig)
+      raise AssertError, "failed to deserialize compact signature" unless res == 1
+
+      raw_sig
+    end
+
+    ##
+    # Check and optionally convert a signature to a normalized lower-S form. If
+    # check_only is `true` then the normalized signature is not returned.
+    #
+    # This function always return a tuple containing a boolean (`true` if not
+    # previously normalized or `false` if signature was already normalized),
+    # and the normalized signature. When check_only is `true`, the normalized
+    # signature returned is always `nil`.
+    #
+    def ecdsa_signature_normalize(raw_sig, check_only: false)
+      sigout = check_only ? nil : C::ECDSASignature.new.pointer
+      res = C.secp256k1_ecdsa_signature_normalize(@ctx, sigout, raw_sig)
+      [res == 1, sigout]
+    end
+
+    def ecdsa_recover(msg, recover_sig, raw: false, digest: Digest::SHA256)
+      raise AssertError, 'instance not configured for ecdsa recover' if (@flags & ALL_FLAGS) != ALL_FLAGS
+
+      msg32 = hash32 msg, raw, digest
+      pubkey = C::Pubkey.new.pointer
+
+      res = C.secp256k1_ecdsa_recover(@ctx, pubkey, recover_sig, msg32)
+      raise AssertError, 'failed to recover ECDSA public key' unless res == 1
+
+      pubkey
+    end
+
+    def ecdsa_recoverable_serialize(recover_sig)
+      output = FFI::MemoryPointer.new :uchar, SIZE_COMPACT
+      recid = FFI::MemoryPointer.new :int
+
+      C.secp256k1_ecdsa_recoverable_signature_serialize_compact(@ctx, output, recid, recover_sig)
+
+      [output.read_bytes(SIZE_COMPACT), recid.read_int]
+    end
+
+    def ecdsa_recoverable_deserialize(ser_sig, rec_id)
+      raise ArgumentError, 'invalid rec_id' if rec_id < 0 || rec_id > 3
+      raise ArgumentError, 'invalid signature length' if ser_sig.size != 64
+
+      recover_sig = C::ECDSARecoverableSignature.new.pointer
+
+      res = C.secp256k1_ecdsa_recoverable_signature_parse_compact(@ctx, recover_sig, ser_sig, rec_id)
+      raise AssertError, 'failed to parse ECDSA compact sig' unless res == 1
+
+      recover_sig
+    end
+
+    def ecdsa_recoverable_convert(recover_sig)
+      normal_sig = C::ECDSASignature.new.pointer
+      C.secp256k1_ecdsa_recoverable_signature_convert(@ctx, normal_sig, recover_sig)
+      normal_sig
+    end
+
+  end
+end

data/lib/secp256k1/key.rb

@@ -0,0 +1,250 @@
+# -*- encoding : ascii-8bit -*-
+require 'digest'
+require 'securerandom'
+
+module Secp256k1
+
+  class BaseKey
+    def initialize(ctx, flags)
+      @destroy = false
+
+      unless ctx
+        raise ArgumentError, "invalid flags" unless [NO_FLAGS, FLAG_SIGN, FLAG_VERIFY, ALL_FLAGS].include?(flags)
+        ctx = FFI::AutoPointer.new C.secp256k1_context_create(flags), C.method(:secp256k1_context_destroy)
+        @destroy = true
+      end
+
+      @flags = flags
+      @ctx = ctx
+    end
+  end
+
+  class PublicKey < BaseKey
+    include ECDSA, Utils
+
+    attr_accessor :public_key
+
+    def initialize(pubkey: nil, raw: false, flags: FLAG_VERIFY, ctx: nil)
+      super(ctx, flags)
+
+      if pubkey
+        if raw
+          raise ArgumentError, 'raw pubkey must be bytes' unless pubkey.instance_of?(String)
+          @public_key = deserialize pubkey
+        else
+          #raise ArgumentError, 'pubkey must be an internal object' unless pubkey.instance_of?(String)
+          @public_key = pubkey
+        end
+      else
+        @public_key = nil
+      end
+    end
+
+    def serialize(compressed: true)
+      raise AssertError, 'No public key defined' unless @public_key
+
+      len_compressed = compressed ? 33 : 65
+      res_compressed = FFI::MemoryPointer.new :char, len_compressed
+      outlen = FFI::MemoryPointer.new(:size_t).write_uint(len_compressed)
+      compflag = compressed ? EC_COMPRESSED : EC_UNCOMPRESSED
+
+      res = C.secp256k1_ec_pubkey_serialize(@ctx, res_compressed, outlen, @public_key, compflag)
+      raise AssertError, 'pubkey serialization failed' unless res == 1
+
+      res_compressed.read_bytes(len_compressed)
+    end
+
+    def deserialize(pubkey_ser)
+      raise ArgumentError, 'unknown public key size (expected 33 or 65)' unless [33,65].include?(pubkey_ser.size)
+
+      pubkey = C::Pubkey.new.pointer
+
+      res = C.secp256k1_ec_pubkey_parse(@ctx, pubkey, pubkey_ser, pubkey_ser.size)
+      raise AssertError, 'invalid public key' unless res == 1
+
+      @public_key = pubkey
+      pubkey
+    end
+
+    ##
+    # Add a number of public keys together.
+    #
+    def combine(pubkeys)
+      raise ArgumentError, 'must give at least 1 pubkey' if pubkeys.empty?
+
+      outpub = FFI::Pubkey.new.pointer
+      #pubkeys.each {|item| }
+
+      res = C.secp256k1_ec_pubkey_combine(@ctx, outpub, pubkeys, pubkeys.size)
+      raise AssertError, 'failed to combine public keys' unless res == 1
+
+      @public_key = outpub
+      outpub
+    end
+
+    ##
+    # Tweak the current public key by adding a 32 byte scalar times the
+    # generator to it and return a new PublicKey instance.
+    #
+    def tweak_add(scalar)
+      tweak_public :secp256k1_ec_pubkey_tweak_add, scalar
+    end
+
+    ##
+    # Tweak the current public key by multiplying it by a 32 byte scalar and
+    # return a new PublicKey instance.
+    #
+    def tweak_mul(scalar)
+      tweak_public :secp256k1_ec_pubkey_tweak_mul, scalar
+    end
+
+    def ecdsa_verify(msg, raw_sig, raw: false, digest: Digest::SHA256)
+      raise AssertError, 'No public key defined' unless @public_key
+      raise AssertError, 'instance not configured for sig verification' if (@flags & FLAG_VERIFY) != FLAG_VERIFY
+
+      msg32 = hash32 msg, raw, digest
+
+      !!C.secp256k1_ecdsa_verify(@ctx, raw_sig, msg32, @public_key)
+    end
+
+    def ecdh(scalar)
+      raise AssertError, 'No public key defined' unless @public_key
+      raise ArgumentError, 'scalar must be composed of 32 bytes' unless scalar.instance_of?(String) && scalar.size == 32
+
+      result = FFI::MemoryPointer.new :char, 32
+
+      res = C.secp256k1_ecdh @ctx, result, @public_key, scalar
+      raise AssertError, "invalid scalar (#{scalar})" unless res == 1
+
+      result.read_bytes(32)
+    end
+
+    private
+
+    def tweak_public(meth, scalar)
+      raise ArgumentError, 'scalar must be composed of 32 bytes' unless scalar.instance_of?(String) && scalar.size == 32
+      raise AssertError, 'No public key defined.' unless @public_key
+
+      newpub = self.class.new serialize, raw: true
+
+      res = C.send meth, newpub.public_key, scalar
+      raise AssertError, 'Tweak is out of range' unless res == 1
+
+      newpub
+    end
+
+  end
+
+  class PrivateKey < BaseKey
+    include ECDSA, Utils
+
+    attr :pubkey
+
+    def initialize(privkey: nil, raw: true, flags: ALL_FLAGS, ctx: nil)
+      raise AssertError, "invalid flags" unless [ALL_FLAGS, FLAG_SIGN].include?(flags)
+
+      super(ctx, flags)
+
+      @pubkey = nil
+      @private_key = nil
+
+      if privkey
+        if raw
+          raise ArgumentError, "privkey must be composed of 32 bytes" unless privkey.instance_of?(String) && privkey.size == 32
+          set_raw_privkey privkey
+        else
+          deserialize privkey
+        end
+      else
+        set_raw_privkey generate_private_key
+      end
+    end
+
+    def ecdsa_sign(msg, raw: false, digest: Digest::SHA256)
+      msg32 = hash32 msg, raw, digest
+      raw_sig = C::ECDSASignature.new.pointer
+
+      res = C.secp256k1_ecdsa_sign @ctx, raw_sig, msg32, @private_key, nil, nil
+      raise AssertError, "failed to sign" unless res == 1
+
+      raw_sig
+    end
+
+    def ecdsa_sign_recoverable(msg, raw: false, digest: Digest::SHA256)
+      msg32 = hash32 msg, raw, digest
+      raw_sig = C::ECDSARecoverableSignature.new.pointer
+
+      res = C.secp256k1_ecdsa_sign_recoverable @ctx, raw_sig, msg32, @private_key, nil, nil
+      raise AssertError, "failed to sign" unless res == 1
+
+      raw_sig
+    end
+
+    def set_raw_privkey(privkey)
+      raise ArgumentError, "invalid private key" unless C.secp256k1_ec_seckey_verify(@ctx, privkey)
+      @private_key = privkey
+      update_public_key
+    end
+
+    ##
+    # Tweak the current private key by adding a 32 bytes scalar to it and
+    # return a new raw private key composed of 32 bytes.
+    #
+    def tweak_add(scalar)
+      tweak_private :secp256k1_ec_privkey_tweak_add, scalar
+    end
+
+    ##
+    # Tweak the current private key by multiplying it by a 32 byte scalar and
+    # return a new raw private key composed of 32 bytes.
+    #
+    def tweak_mul(scalar)
+      tweak_private :secp256k1_ec_pubkey_tweak_mul, scalar
+    end
+
+    private
+
+    def tweak_private(meth, scalar)
+      raise ArgumentError, "scalar must be composed of 32 bytes" unless scalar.instance_of?(String) && scalar.size == 32
+
+      key = FFI::MemoryPointer.new(:uchar, 32).put_string(@private_key)
+
+      C.send meth, @ctx, key, scalar
+      raise AssertError, "Tweak is out of range" unless res == 1
+
+      key.read_string(32)
+    end
+
+    def update_public_key
+      public_key = generate_public_key @private_key
+      @pubkey = PublicKey.new pubkey: public_key, raw: false, ctx: @ctx, flags: @flags
+    end
+
+    def generate_public_key(privkey)
+      pubkey_ptr = C::Pubkey.new.pointer
+
+      res = C.secp256k1_ec_pubkey_create @ctx, pubkey_ptr, privkey
+      raise AssertError, "failed to generate public key" unless res == 1
+
+      pubkey_ptr
+    end
+
+    def generate_private_key
+      SecureRandom.random_bytes(32)
+    end
+
+    def serialize
+      encode_hex @private_key
+    end
+
+    def deserialize(privkey_serialized)
+      raise ArgumentError, "invalid private key" unless privkey_serialized.size == 64
+
+      rawkey = decode_hex privkey_serialized
+      set_raw_privkey rawkey
+
+      @private_key
+    end
+
+  end
+end