Revert "Switch to sslcrypto for cryptography tasks (#2338)"

This reverts commit fbc7b6fc4f.
2019-12-15 18:30:42 +01:00 · 2019-12-15 18:30:42 +01:00 · 958882c1c5
commit 958882c1c5
parent 2f7323043f
55 changed files with 7287 additions and 3748 deletions
--- a/src/Crypt/CryptBitcoin.py
+++ b/src/Crypt/CryptBitcoin.py
@ -1,22 +1,16 @@
 import logging
 import base64
-import binascii
 import time
-import hashlib

 from util import OpensslFindPatch
-from util.Electrum import dbl_format
+from lib import pybitcointools as btctools
 from Config import config

-lib_verify_best = "sslcrypto"
+lib_verify_best = "btctools"

-import sslcrypto
-sslcurve_native = sslcrypto.ecc.get_curve("secp256k1")
-sslcurve_fallback = sslcrypto.fallback.ecc.get_curve("secp256k1")
-sslcurve = sslcurve_native

 def loadLib(lib_name, silent=False):
-    global sslcurve, libsecp256k1message, lib_verify_best
+    global bitcoin, libsecp256k1message, lib_verify_best
    if lib_name == "libsecp256k1":
        s = time.time()
        from lib import libsecp256k1message
@ -27,10 +21,24 @@ def loadLib(lib_name, silent=False):
                "Libsecpk256k1 loaded: %s in %.3fs" %
                (type(coincurve._libsecp256k1.lib).__name__, time.time() - s)
            )
-    elif lib_name == "sslcrypto":
-        sslcurve = sslcurve_native
-    elif lib_name == "sslcrypto_fallback":
-        sslcurve = sslcurve_fallback
+    elif lib_name == "openssl":
+        s = time.time()
+        import bitcoin.signmessage
+        import bitcoin.core.key
+        import bitcoin.wallet
+
+        try:
+            # OpenSSL 1.1.0
+            ssl_version = bitcoin.core.key._ssl.SSLeay()
+        except AttributeError:
+            # OpenSSL 1.1.1+
+            ssl_version = bitcoin.core.key._ssl.OpenSSL_version_num()
+
+        if not silent:
+            logging.info(
+                "OpenSSL loaded: %s, version: %.9X in %.3fs" %
+                (bitcoin.core.key._ssl, ssl_version, time.time() - s)
+            )

 try:
    if not config.use_libsecp256k1:
@ -38,30 +46,35 @@ try:
    loadLib("libsecp256k1")
    lib_verify_best = "libsecp256k1"
 except Exception as err:
-    logging.info("Libsecp256k1 load failed: %s" % err)
+    logging.info("Libsecp256k1 load failed: %s, try to load OpenSSL" % err)
+    try:
+        if not config.use_openssl:
+            raise Exception("Disabled by config")
+        loadLib("openssl")
+        lib_verify_best = "openssl"
+    except Exception as err:
+        logging.info("OpenSSL load failed: %s, falling back to slow bitcoin verify" % err)


-def newPrivatekey():  # Return new private key
-    return sslcurve.private_to_wif(sslcurve.new_private_key()).decode()
+def newPrivatekey(uncompressed=True):  # Return new private key
+    privatekey = btctools.encode_privkey(btctools.random_key(), "wif")
+    return privatekey


 def newSeed():
-    return binascii.hexlify(sslcurve.new_private_key()).decode()
+    return btctools.random_key()


 def hdPrivatekey(seed, child):
-    # Too large child id could cause problems
-    privatekey_bin = sslcurve.derive_child(seed.encode(), child % 100000000)
-    return sslcurve.private_to_wif(privatekey_bin).decode()
+    masterkey = btctools.bip32_master_key(bytes(seed, "ascii"))
+    childkey = btctools.bip32_ckd(masterkey, child % 100000000)  # Too large child id could cause problems
+    key = btctools.bip32_extract_key(childkey)
+    return btctools.encode_privkey(key, "wif")


 def privatekeyToAddress(privatekey):  # Return address from private key
    try:
-        if len(privatekey) == 64:
-            privatekey_bin = bytes.fromhex(privatekey)
-        else:
-            privatekey_bin = sslcurve.wif_to_private(privatekey.encode())
-        return sslcurve.private_to_address(privatekey_bin, is_compressed=False).decode()
+        return btctools.privkey_to_address(privatekey)
    except Exception:  # Invalid privatekey
        return False

@ -69,13 +82,8 @@ def privatekeyToAddress(privatekey):  # Return address from private key
 def sign(data, privatekey):  # Return sign to data using private key
    if privatekey.startswith("23") and len(privatekey) > 52:
        return None  # Old style private key not supported
-    return base64.b64encode(sslcurve.sign(
-        data.encode(),
-        sslcurve.wif_to_private(privatekey.encode()),
-        is_compressed=False,
-        recoverable=True,
-        hash=dbl_format
-    )).decode()
+    sign = btctools.ecdsa_sign(data, privatekey)
+    return sign


 def verify(data, valid_address, sign, lib_verify=None):  # Verify data using address and sign
@ -87,9 +95,17 @@ def verify(data, valid_address, sign, lib_verify=None):  # Verify data using add

    if lib_verify == "libsecp256k1":
        sign_address = libsecp256k1message.recover_address(data.encode("utf8"), sign).decode("utf8")
-    elif lib_verify in ("sslcrypto", "sslcrypto_fallback"):
-        publickey = sslcurve.recover(base64.b64decode(sign), data.encode(), hash=dbl_format)
-        sign_address = sslcurve.public_to_address(publickey).decode()
+    elif lib_verify == "openssl":
+        sig = base64.b64decode(sign)
+        message = bitcoin.signmessage.BitcoinMessage(data)
+        hash = message.GetHash()
+
+        pubkey = bitcoin.core.key.CPubKey.recover_compact(hash, sig)
+
+        sign_address = str(bitcoin.wallet.P2PKHBitcoinAddress.from_pubkey(pubkey))
+    elif lib_verify == "btctools":  # Use pure-python
+        pub = btctools.ecdsa_recover(data, sign)
+        sign_address = btctools.pubtoaddr(pub)
    else:
        raise Exception("No library enabled for signature verification")