github.com/luckypickle/go-ethereum-vet@v1.14.2/crypto/secp256k1/libsecp256k1/contrib/lax_der_privatekey_parsing.c (about)

     1  /**********************************************************************
     2   * Copyright (c) 2014, 2015 Pieter Wuille                             *
     3   * Distributed under the MIT software license, see the accompanying   *
     4   * file COPYING or http://www.opensource.org/licenses/mit-license.php.*
     5   **********************************************************************/
     6  
     7  #include <string.h>
     8  #include <secp256k1.h>
     9  
    10  #include "lax_der_privatekey_parsing.h"
    11  
    12  int ec_privkey_import_der(const vet_secp256k1_context* ctx, unsigned char *out32, const unsigned char *privkey, size_t privkeylen) {
    13      const unsigned char *end = privkey + privkeylen;
    14      int lenb = 0;
    15      int len = 0;
    16      memset(out32, 0, 32);
    17      /* sequence header */
    18      if (end < privkey+1 || *privkey != 0x30) {
    19          return 0;
    20      }
    21      privkey++;
    22      /* sequence length constructor */
    23      if (end < privkey+1 || !(*privkey & 0x80)) {
    24          return 0;
    25      }
    26      lenb = *privkey & ~0x80; privkey++;
    27      if (lenb < 1 || lenb > 2) {
    28          return 0;
    29      }
    30      if (end < privkey+lenb) {
    31          return 0;
    32      }
    33      /* sequence length */
    34      len = privkey[lenb-1] | (lenb > 1 ? privkey[lenb-2] << 8 : 0);
    35      privkey += lenb;
    36      if (end < privkey+len) {
    37          return 0;
    38      }
    39      /* sequence element 0: version number (=1) */
    40      if (end < privkey+3 || privkey[0] != 0x02 || privkey[1] != 0x01 || privkey[2] != 0x01) {
    41          return 0;
    42      }
    43      privkey += 3;
    44      /* sequence element 1: octet string, up to 32 bytes */
    45      if (end < privkey+2 || privkey[0] != 0x04 || privkey[1] > 0x20 || end < privkey+2+privkey[1]) {
    46          return 0;
    47      }
    48      memcpy(out32 + 32 - privkey[1], privkey + 2, privkey[1]);
    49      if (!vet_secp256k1_ec_seckey_verify(ctx, out32)) {
    50          memset(out32, 0, 32);
    51          return 0;
    52      }
    53      return 1;
    54  }
    55  
    56  int ec_privkey_export_der(const vet_secp256k1_context *ctx, unsigned char *privkey, size_t *privkeylen, const unsigned char *key32, int compressed) {
    57      vet_secp256k1_pubkey pubkey;
    58      size_t pubkeylen = 0;
    59      if (!vet_secp256k1_ec_pubkey_create(ctx, &pubkey, key32)) {
    60          *privkeylen = 0;
    61          return 0;
    62      }
    63      if (compressed) {
    64          static const unsigned char begin[] = {
    65              0x30,0x81,0xD3,0x02,0x01,0x01,0x04,0x20
    66          };
    67          static const unsigned char middle[] = {
    68              0xA0,0x81,0x85,0x30,0x81,0x82,0x02,0x01,0x01,0x30,0x2C,0x06,0x07,0x2A,0x86,0x48,
    69              0xCE,0x3D,0x01,0x01,0x02,0x21,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    70              0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    71              0xFF,0xFF,0xFE,0xFF,0xFF,0xFC,0x2F,0x30,0x06,0x04,0x01,0x00,0x04,0x01,0x07,0x04,
    72              0x21,0x02,0x79,0xBE,0x66,0x7E,0xF9,0xDC,0xBB,0xAC,0x55,0xA0,0x62,0x95,0xCE,0x87,
    73              0x0B,0x07,0x02,0x9B,0xFC,0xDB,0x2D,0xCE,0x28,0xD9,0x59,0xF2,0x81,0x5B,0x16,0xF8,
    74              0x17,0x98,0x02,0x21,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    75              0xFF,0xFF,0xFF,0xFF,0xFE,0xBA,0xAE,0xDC,0xE6,0xAF,0x48,0xA0,0x3B,0xBF,0xD2,0x5E,
    76              0x8C,0xD0,0x36,0x41,0x41,0x02,0x01,0x01,0xA1,0x24,0x03,0x22,0x00
    77          };
    78          unsigned char *ptr = privkey;
    79          memcpy(ptr, begin, sizeof(begin)); ptr += sizeof(begin);
    80          memcpy(ptr, key32, 32); ptr += 32;
    81          memcpy(ptr, middle, sizeof(middle)); ptr += sizeof(middle);
    82          pubkeylen = 33;
    83          vet_secp256k1_ec_pubkey_serialize(ctx, ptr, &pubkeylen, &pubkey, SECP256K1_EC_COMPRESSED);
    84          ptr += pubkeylen;
    85          *privkeylen = ptr - privkey;
    86      } else {
    87          static const unsigned char begin[] = {
    88              0x30,0x82,0x01,0x13,0x02,0x01,0x01,0x04,0x20
    89          };
    90          static const unsigned char middle[] = {
    91              0xA0,0x81,0xA5,0x30,0x81,0xA2,0x02,0x01,0x01,0x30,0x2C,0x06,0x07,0x2A,0x86,0x48,
    92              0xCE,0x3D,0x01,0x01,0x02,0x21,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    93              0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
    94              0xFF,0xFF,0xFE,0xFF,0xFF,0xFC,0x2F,0x30,0x06,0x04,0x01,0x00,0x04,0x01,0x07,0x04,
    95              0x41,0x04,0x79,0xBE,0x66,0x7E,0xF9,0xDC,0xBB,0xAC,0x55,0xA0,0x62,0x95,0xCE,0x87,
    96              0x0B,0x07,0x02,0x9B,0xFC,0xDB,0x2D,0xCE,0x28,0xD9,0x59,0xF2,0x81,0x5B,0x16,0xF8,
    97              0x17,0x98,0x48,0x3A,0xDA,0x77,0x26,0xA3,0xC4,0x65,0x5D,0xA4,0xFB,0xFC,0x0E,0x11,
    98              0x08,0xA8,0xFD,0x17,0xB4,0x48,0xA6,0x85,0x54,0x19,0x9C,0x47,0xD0,0x8F,0xFB,0x10,
    99              0xD4,0xB8,0x02,0x21,0x00,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
   100              0xFF,0xFF,0xFF,0xFF,0xFE,0xBA,0xAE,0xDC,0xE6,0xAF,0x48,0xA0,0x3B,0xBF,0xD2,0x5E,
   101              0x8C,0xD0,0x36,0x41,0x41,0x02,0x01,0x01,0xA1,0x44,0x03,0x42,0x00
   102          };
   103          unsigned char *ptr = privkey;
   104          memcpy(ptr, begin, sizeof(begin)); ptr += sizeof(begin);
   105          memcpy(ptr, key32, 32); ptr += 32;
   106          memcpy(ptr, middle, sizeof(middle)); ptr += sizeof(middle);
   107          pubkeylen = 65;
   108          vet_secp256k1_ec_pubkey_serialize(ctx, ptr, &pubkeylen, &pubkey, SECP256K1_EC_UNCOMPRESSED);
   109          ptr += pubkeylen;
   110          *privkeylen = ptr - privkey;
   111      }
   112      return 1;
   113  }