Python ecdsa.numbertheory.square_root_mod_prime() Examples
The following are 6
code examples of ecdsa.numbertheory.square_root_mod_prime().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
ecdsa.numbertheory
, or try the search function
.
.
Example #1
| Source File: ecies.py From ontology-python-sdk with GNU Lesser General Public License v3.0 | 6 votes |
|
def __uncompress_public_key(public_key: bytes) -> bytes:
"""
Uncompress the compressed public key.
:param public_key: compressed public key
:return: uncompressed public key
"""
is_even = public_key.startswith(b'\x02')
x = string_to_number(public_key[1:])
curve = NIST256p.curve
order = NIST256p.order
p = curve.p()
alpha = (pow(x, 3, p) + (curve.a() * x) + curve.b()) % p
beta = square_root_mod_prime(alpha, p)
if is_even == bool(beta & 1):
y = p - beta
else:
y = beta
point = Point(curve, x, y, order)
return b''.join([number_to_string(point.x(), order), number_to_string(point.y(), order)])
Example #2
| Source File: hd_public_key.py From ontology-python-sdk with GNU Lesser General Public License v3.0 | 5 votes |
|
def from_bytes(cls, data: bytes):
""" Generates either a HDPublicKey from the underlying bytes.
The serialization must conform to the description in:
https://github.com/bitcoin/bips/blob/master/bip-0032.mediawiki#serialization-format
"""
if len(data) < 78:
raise ValueError("b must be at least 78 bytes long.")
version = int.from_bytes(data[:4], 'big')
depth = data[4]
parent_fingerprint = data[5:9]
index = int.from_bytes(data[9:13], 'big')
chain_code = data[13:45]
key_bytes = data[45:78]
if version != HDPublicKey.__VERSION:
raise ValueError('invalid HD Public Key.')
if key_bytes[0] != 0x02 and key_bytes[0] != 0x03:
raise ValueError("First byte of public key must be 0x02 or 0x03!")
# The curve of points satisfying y^2 = x^3 + a*x + b (mod p).
curve = ecdsa.curve_256
x = util.string_to_number(key_bytes[1:])
y = (x * x * x + curve.a() * x + curve.b()) % curve.p()
y = numbertheory.square_root_mod_prime(y, curve.p())
if (key_bytes[0] == 0x03 and y % 2 == 0) or (key_bytes[0] == 0x02 and y % 2 != 0):
y = (y * -1) % curve.p()
order = curves.NIST256p.order
s_key = util.number_to_string(x, order) + util.number_to_string(y, order)
public_key = VerifyingKey.from_string(string=s_key, curve=curves.NIST256p)
rv = cls(
public_key=public_key,
chain_code=chain_code,
index=index,
depth=depth,
parent_fingerprint=parent_fingerprint)
return rv
Example #3
| Source File: keys.py From multimerchant-python with MIT License | 4 votes |
|
def from_hex_key(cls, key, network=BitcoinMainNet):
"""Load the PublicKey from a compressed or uncompressed hex key.
This format is defined in PublicKey.get_key()
"""
if len(key) == 130 or len(key) == 66:
# It might be a hexlified byte array
try:
key = unhexlify(key)
except TypeError:
pass
key = ensure_bytes(key)
compressed = False
id_byte = key[0]
if not isinstance(id_byte, six.integer_types):
id_byte = ord(id_byte)
if id_byte == 4:
# Uncompressed public point
# 1B ID + 32B x coord + 32B y coord = 65 B
if len(key) != 65:
raise KeyParseError("Invalid key length")
public_pair = PublicPair(
long_or_int(hexlify(key[1:33]), 16),
long_or_int(hexlify(key[33:]), 16))
elif id_byte in [2, 3]:
# Compressed public point!
compressed = True
if len(key) != 33:
raise KeyParseError("Invalid key length")
y_odd = bool(id_byte & 0x01) # 0 even, 1 odd
x = long_or_int(hexlify(key[1:]), 16)
# The following x-to-pair algorithm was lifted from pycoin
# I still need to sit down an understand it. It is also described
# in http://www.secg.org/collateral/sec1_final.pdf
curve = SECP256k1.curve
p = curve.p()
# For SECP256k1, curve.a() is 0 and curve.b() is 7, so this is
# effectively (x ** 3 + 7) % p, but the full equation is kept
# for just-in-case-the-curve-is-broken future-proofing
alpha = (pow(x, 3, p) + curve.a() * x + curve.b()) % p
beta = square_root_mod_prime(alpha, p)
y_even = not y_odd
if y_even == bool(beta & 1):
public_pair = PublicPair(x, p - beta)
else:
public_pair = PublicPair(x, beta)
else:
raise KeyParseError("The given key is not in a known format.")
return cls.from_public_pair(public_pair, network=network,
compressed=compressed)
Example #4
| Source File: keys.py From bitmerchant with MIT License | 4 votes |
|
def from_hex_key(cls, key, network=BitcoinMainNet):
"""Load the PublicKey from a compressed or uncompressed hex key.
This format is defined in PublicKey.get_key()
"""
if len(key) == 130 or len(key) == 66:
# It might be a hexlified byte array
try:
key = unhexlify(ensure_bytes(key))
except (TypeError, binascii.Error):
pass
key = ensure_bytes(key)
compressed = False
id_byte = key[0]
if not isinstance(id_byte, six.integer_types):
id_byte = ord(id_byte)
if id_byte == 4:
# Uncompressed public point
# 1B ID + 32B x coord + 32B y coord = 65 B
if len(key) != 65:
raise KeyParseError("Invalid key length")
public_pair = PublicPair(
long_or_int(hexlify(key[1:33]), 16),
long_or_int(hexlify(key[33:]), 16))
elif id_byte in [2, 3]:
# Compressed public point!
compressed = True
if len(key) != 33:
raise KeyParseError("Invalid key length")
y_odd = bool(id_byte & 0x01) # 0 even, 1 odd
x = long_or_int(hexlify(key[1:]), 16)
# The following x-to-pair algorithm was lifted from pycoin
# I still need to sit down an understand it. It is also described
# in http://www.secg.org/collateral/sec1_final.pdf
curve = SECP256k1.curve
p = curve.p()
# For SECP256k1, curve.a() is 0 and curve.b() is 7, so this is
# effectively (x ** 3 + 7) % p, but the full equation is kept
# for just-in-case-the-curve-is-broken future-proofing
alpha = (pow(x, 3, p) + curve.a() * x + curve.b()) % p
beta = square_root_mod_prime(alpha, p)
y_even = not y_odd
if y_even == bool(beta & 1):
public_pair = PublicPair(x, p - beta)
else:
public_pair = PublicPair(x, beta)
else:
raise KeyParseError("The given key is not in a known format.")
return cls.from_public_pair(public_pair, network=network,
compressed=compressed)
Example #5
| Source File: keys.py From pywallet with MIT License | 4 votes |
|
def from_hex_key(cls, key, network=BitcoinMainNet):
"""Load the PublicKey from a compressed or uncompressed hex key.
This format is defined in PublicKey.get_key()
"""
if len(key) == 130 or len(key) == 66:
# It might be a hexlified byte array
try:
key = unhexlify(key)
except TypeError:
pass
key = ensure_bytes(key)
compressed = False
id_byte = key[0]
if not isinstance(id_byte, six.integer_types):
id_byte = ord(id_byte)
if id_byte == 4:
# Uncompressed public point
# 1B ID + 32B x coord + 32B y coord = 65 B
if len(key) != 65:
raise KeyParseError("Invalid key length")
public_pair = PublicPair(
long_or_int(hexlify(key[1:33]), 16),
long_or_int(hexlify(key[33:]), 16))
elif id_byte in [2, 3]:
# Compressed public point!
compressed = True
if len(key) != 33:
raise KeyParseError("Invalid key length")
y_odd = bool(id_byte & 0x01) # 0 even, 1 odd
x = long_or_int(hexlify(key[1:]), 16)
# The following x-to-pair algorithm was lifted from pycoin
# I still need to sit down an understand it. It is also described
# in http://www.secg.org/collateral/sec1_final.pdf
curve = SECP256k1.curve
p = curve.p()
# For SECP256k1, curve.a() is 0 and curve.b() is 7, so this is
# effectively (x ** 3 + 7) % p, but the full equation is kept
# for just-in-case-the-curve-is-broken future-proofing
alpha = (pow(x, 3, p) + curve.a() * x + curve.b()) % p
beta = square_root_mod_prime(alpha, p)
y_even = not y_odd
if y_even == bool(beta & 1):
public_pair = PublicPair(x, p - beta)
else:
public_pair = PublicPair(x, beta)
else:
raise KeyParseError("The given key is not in a known format.")
return cls.from_public_pair(public_pair, network=network,
compressed=compressed)
Example #6
| Source File: BIP32Key.py From bip32utils with MIT License | 4 votes |
|
def fromExtendedKey(xkey, public=False):
"""
Create a BIP32Key by importing from extended private or public key string
If public is True, return a public-only key regardless of input type.
"""
# Sanity checks
raw = Base58.check_decode(xkey)
if len(raw) != 78:
raise ValueError("extended key format wrong length")
# Verify address version/type
version = raw[:4]
if version == EX_MAIN_PRIVATE:
keytype = 'xprv'
elif version == EX_MAIN_PUBLIC:
keytype = 'xpub'
else:
raise ValueError("unknown extended key version")
# Extract remaining fields
depth = ord(raw[4])
fpr = raw[5:9]
child = struct.unpack(">L", raw[9:13])[0]
chain = raw[13:45]
secret = raw[45:78]
# Extract private key or public key point
if keytype == 'xprv':
secret = secret[1:]
else:
# Recover public curve point from compressed key
lsb = ord(secret[0]) & 1
x = string_to_int(secret[1:])
ys = (x**3+7) % FIELD_ORDER # y^2 = x^3 + 7 mod p
y = sqrt_mod(ys, FIELD_ORDER)
if y & 1 != lsb:
y = FIELD_ORDER-y
point = ecdsa.ellipticcurve.Point(SECP256k1.curve, x, y)
secret = ecdsa.VerifyingKey.from_public_point(point, curve=SECP256k1)
is_pubkey = (keytype == 'xpub')
key = BIP32Key(secret=secret, chain=chain, depth=depth, index=child, fpr=fpr, public=is_pubkey)
if not is_pubkey and public:
key = key.SetPublic()
return key
# Normal class initializer
