tornado-packages/ethers.js
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
a74b9a557c
ethers.js/src.ts/crypto/signing-key.ts
Richard Moore a74b9a557c docs: added more jsdocs
2022-12-02 21:23:13 -05:00

186 lines
6.4 KiB
TypeScript
Raw Blame History

import * as secp256k1 from "@noble/secp256k1";
import {
concat, dataLength, getBytes, getBytesCopy, hexlify, toHex,
assertArgument
} from "../utils/index.js";
import { computeHmac } from "./hmac.js";
import { Signature } from "./signature.js";
import type { BytesLike } from "../utils/index.js";
import type { SignatureLike } from "./index.js";
//const N = BigInt("0xfffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141");
// Make noble-secp256k1 sync
secp256k1.utils.hmacSha256Sync = function(key: Uint8Array, ...messages: Array<Uint8Array>): Uint8Array {
return getBytes(computeHmac("sha256", key, concat(messages)));
}
/**
* A **SigningKey** provides high-level access to the elliptic curve
* cryptography (ECC) operations and key management.
*/
export class SigningKey {
#privateKey: string;
/**
* Creates a new **SigningKey** for %%privateKey%%.
*/
constructor(privateKey: BytesLike) {
assertArgument(dataLength(privateKey) === 32, "invalid private key", "privateKey", "[REDACTED]");
this.#privateKey = hexlify(privateKey);
}
/**
* The private key.
*/
get privateKey(): string { return this.#privateKey; }
/**
* The uncompressed public key.
*
* This will always begin with the prefix ``0x04`` and be 132
* characters long (the ``0x`` prefix and 130 hexadecimal nibbles).
*/
get publicKey(): string { return SigningKey.computePublicKey(this.#privateKey); }
/**
* The compressed public key.
*
* This will always begin with either the prefix ``0x02`` or ``0x03``
* and be 68 characters long (the ``0x`` prefix and 33 hexadecimal
* nibbles)
*/
get compressedPublicKey(): string { return SigningKey.computePublicKey(this.#privateKey, true); }
/**
* Return the signature of the signed %%digest%%.
*/
sign(digest: BytesLike): Signature {
assertArgument(dataLength(digest) === 32, "invalid digest length", "digest", digest);
const [ sigDer, recid ] = secp256k1.signSync(getBytesCopy(digest), getBytesCopy(this.#privateKey), {
recovered: true,
canonical: true
});
const sig = secp256k1.Signature.fromHex(sigDer);
return Signature.from({
r: toHex("0x" + sig.r.toString(16), 32),
s: toHex("0x" + sig.s.toString(16), 32),
v: (recid ? 0x1c: 0x1b)
});
}
/**
* Returns the [[link-wiki-ecdh]] shared secret between this
* private key and the %%other%% key.
*
* The %%other%% key may be any type of key, a raw public key,
* a compressed/uncompressed pubic key or aprivate key.
*
* Best practice is usually to use a cryptographic hash on the
* returned value before using it as a symetric secret.
*/
computeShardSecret(other: BytesLike): string {
const pubKey = SigningKey.computePublicKey(other);
return hexlify(secp256k1.getSharedSecret(getBytesCopy(this.#privateKey), pubKey));
}
/**
* Compute the public key for %%key%%, optionally %%compressed%%.
*
* The %%key%% may be any type of key, a raw public key, a
* compressed/uncompressed public key or private key.
*/
static computePublicKey(key: BytesLike, compressed?: boolean): string {
let bytes = getBytes(key, "key");
if (bytes.length === 32) {
const pubKey = secp256k1.getPublicKey(bytes, !!compressed);
return hexlify(pubKey);
}
if (bytes.length === 64) {
const pub = new Uint8Array(65);
pub[0] = 0x04;
pub.set(bytes, 1);
bytes = pub;
}
const point = secp256k1.Point.fromHex(bytes);
return hexlify(point.toRawBytes(compressed));
}
/**
* Returns the public key for the private key which produced the
* %%signature%% for the given %%digest%%.
*/
static recoverPublicKey(digest: BytesLike, signature: SignatureLike): string {
assertArgument(dataLength(digest) === 32, "invalid digest length", "digest", digest);
const sig = Signature.from(signature);
const der = secp256k1.Signature.fromCompact(getBytesCopy(concat([ sig.r, sig.s ]))).toDERRawBytes();
const pubKey = secp256k1.recoverPublicKey(getBytesCopy(digest), der, sig.yParity);
if (pubKey != null) { return hexlify(pubKey); }
assertArgument(false, "invalid signautre for digest", "signature", signature);
}
/**
* Returns the point resulting from adding the ellipic curve points
* %%p0%% and %%p1%%.
*
* This is not a common function most developers should require, but
* can be useful for certain privacy-specific techniques.
*
* For example, it is used by [[HDNodeWallet]] to compute child
* addresses from parent public keys and chain codes.
*/
static addPoints(p0: BytesLike, p1: BytesLike, compressed?: boolean): string {
const pub0 = secp256k1.Point.fromHex(SigningKey.computePublicKey(p0).substring(2));
const pub1 = secp256k1.Point.fromHex(SigningKey.computePublicKey(p1).substring(2));
return "0x" + pub0.add(pub1).toHex(!!compressed)
}
}
/*
const key = new SigningKey("0x1234567890123456789012345678901234567890123456789012345678901234");
console.log(key);
console.log(key.sign("0x1234567890123456789012345678901234567890123456789012345678901234"));
{
const privKey = "0x1234567812345678123456781234567812345678123456781234567812345678";
const signingKey = new SigningKey(privKey);
console.log("0", signingKey, signingKey.publicKey, signingKey.publicKeyCompressed);
let pubKey = SigningKey.computePublicKey(privKey);
let pubKeyComp = SigningKey.computePublicKey(privKey, true);
let pubKeyRaw = "0x" + SigningKey.computePublicKey(privKey).substring(4);
console.log("A", pubKey, pubKeyComp);
let a = SigningKey.computePublicKey(pubKey);
let b = SigningKey.computePublicKey(pubKey, true);
console.log("B", a, b);
a = SigningKey.computePublicKey(pubKeyComp);
b = SigningKey.computePublicKey(pubKeyComp, true);
console.log("C", a, b);
a = SigningKey.computePublicKey(pubKeyRaw);
b = SigningKey.computePublicKey(pubKeyRaw, true);
console.log("D", a, b);
const digest = "0x1122334411223344112233441122334411223344112233441122334411223344";
const sig = signingKey.sign(digest);
console.log("SS", sig, sig.r, sig.s, sig.yParity);
console.log("R", SigningKey.recoverPublicKey(digest, sig));
}
*/
Reference in New Issue View Git Blame Copy Permalink