[Core][RPC][Tests] Add HD Wallet support

CMakeLists.txt

@@ -448,6 +448,7 @@ set(COMMON_SOURCES
         ./src/amount.cpp
         ./src/base58.cpp
         ./src/bip38.cpp
+        ./src/bip39.cpp
         ./src/chainparams.cpp
         ./src/coins.cpp
         ./src/compressor.cpp
@@ -459,6 +460,7 @@ set(COMMON_SOURCES
         ./src/core_read.cpp
         ./src/core_write.cpp
         ./src/hash.cpp
+        ./src/hdchain.cpp
         ./src/invalid.cpp
         ./src/key.cpp
         ./src/keystore.cpp

src/Makefile.am

@@ -82,6 +82,8 @@ BITCOIN_CORE_H = \
   allocators.h \
   amount.h \
   base58.h \
+  bip39.h \
+  bip39_english.h \
   bip38.h \
   bloom.h \
   blocksignature.h \
@@ -111,6 +113,7 @@ BITCOIN_CORE_H = \
   obfuscation-relay.h \
   wallet/db.h \
   hash.h \
+  hdchain.h \
   httprpc.h \
   httpserver.h \
   init.h \
@@ -363,6 +366,7 @@ libbitcoin_common_a_SOURCES = \
   allocators.cpp \
   amount.cpp \
   base58.cpp \
+  bip39.cpp \
   bip38.cpp \
   chainparams.cpp \
   coins.cpp \
@@ -375,6 +379,7 @@ libbitcoin_common_a_SOURCES = \
   core_read.cpp \
   core_write.cpp \
   hash.cpp \
+  hdchain.cpp \
   invalid.cpp \
   key.cpp \
   keystore.cpp \

src/Makefile.test.include

@@ -13,6 +13,7 @@ JSON_TEST_FILES = \
   test/data/sig_noncanonical.json \
   test/data/base58_encode_decode.json \
   test/data/base58_keys_invalid.json \
+  test/data/bip39_vectors.json \
   test/data/script_invalid.json \
   test/data/tx_invalid.json \
   test/data/tx_valid.json \
@@ -39,6 +40,7 @@ BITCOIN_TESTS =\
   test/base32_tests.cpp \
   test/base58_tests.cpp \
   test/base64_tests.cpp \
+  test/bip39_tests.cpp \
   test/budget_tests.cpp \
   test/checkblock_tests.cpp \
   test/Checkpoints_tests.cpp \

src/allocators.h

@@ -260,7 +260,7 @@ struct zero_after_free_allocator : public std::allocator<T> {
 
 // This is exactly like std::string, but with a custom allocator.
 typedef std::basic_string<char, std::char_traits<char>, secure_allocator<char> > SecureString;
-
+typedef std::vector<unsigned char, secure_allocator<unsigned char> > SecureVector;
 // Byte-vector that clears its contents before deletion.
 typedef std::vector<char, zero_after_free_allocator<char> > CSerializeData;
 

src/bip39.cpp

@@ -0,0 +1,162 @@
+/**
+ * Copyright (c) 2013-2014 Tomas Dzetkulic
+ * Copyright (c) 2013-2014 Pavol Rusnak
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES
+ * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+// Source:
+// https://github.com/trezor/trezor-crypto
+
+#include "bip39.h"
+#include "bip39_english.h"
+#include "crypto/sha256.h"
+#include "random.h"
+
+#include <openssl/evp.h>
+
+SecureString CMnemonic::Generate(int strength)
+{
+    if (strength % 32 || strength < 128 || strength > 256) {
+        return SecureString();
+    }
+    SecureVector data(32);
+    GetStrongRandBytes(&data[0], 32);
+    SecureString mnemonic = FromData(data, strength / 8);
+    return mnemonic;
+}
+
+// SecureString CMnemonic::FromData(const uint8_t *data, int len)
+SecureString CMnemonic::FromData(const SecureVector& data, int len)
+{
+    if (len % 4 || len < 16 || len > 32) {
+        return SecureString();
+    }
+
+    SecureVector checksum(32);
+    CSHA256().Write(&data[0], len).Finalize(&checksum[0]);
+
+    // data
+    SecureVector bits(len);
+    memcpy(&bits[0], &data[0], len);
+    // checksum
+    bits.push_back(checksum[0]);
+
+    int mlen = len * 3 / 4;
+    SecureString mnemonic;
+
+    int i, j, idx;
+    for (i = 0; i < mlen; i++) {
+        idx = 0;
+        for (j = 0; j < 11; j++) {
+            idx <<= 1;
+            idx += (bits[(i * 11 + j) / 8] & (1 << (7 - ((i * 11 + j) % 8)))) > 0;
+        }
+        mnemonic.append(wordlist[idx]);
+        if (i < mlen - 1) {
+            mnemonic += ' ';
+        }
+    }
+
+    return mnemonic;
+}
+
+bool CMnemonic::Check(SecureString mnemonic)
+{
+    if (mnemonic.empty()) {
+        return false;
+    }
+
+    uint32_t nWordCount{};
+
+    for (size_t i = 0; i < mnemonic.size(); ++i) {
+        if (mnemonic[i] == ' ') {
+            nWordCount++;
+        }
+    }
+    nWordCount++;
+    // check number of words
+    if (nWordCount != 12 && nWordCount != 18 && nWordCount != 24) {
+        return false;
+    }
+
+    SecureString ssCurrentWord;
+    SecureVector bits(32 + 1);
+
+    uint32_t nWordIndex, ki, nBitsCount{};
+
+    for (size_t i = 0; i < mnemonic.size(); ++i)
+    {
+        ssCurrentWord = "";
+        while (i + ssCurrentWord.size() < mnemonic.size() && mnemonic[i + ssCurrentWord.size()] != ' ') {
+            if (ssCurrentWord.size() >= 9) {
+                return false;
+            }
+            ssCurrentWord += mnemonic[i + ssCurrentWord.size()];
+        }
+        i += ssCurrentWord.size();
+        nWordIndex = 0;
+        for (;;) {
+            if (!wordlist[nWordIndex]) { // word not found
+                return false;
+            }
+            if (ssCurrentWord == wordlist[nWordIndex]) { // word found on index nWordIndex
+                for (ki = 0; ki < 11; ki++) {
+                    if (nWordIndex & (1 << (10 - ki))) {
+                        bits[nBitsCount / 8] |= 1 << (7 - (nBitsCount % 8));
+                    }
+                    nBitsCount++;
+                }
+                break;
+            }
+            nWordIndex++;
+        }
+    }
+    if (nBitsCount != nWordCount * 11) {
+        return false;
+    }
+    bits[32] = bits[nWordCount * 4 / 3];
+    CSHA256().Write(&bits[0], nWordCount * 4 / 3).Finalize(&bits[0]);
+
+    bool fResult = 0;
+    if (nWordCount == 12) {
+        fResult = (bits[0] & 0xF0) == (bits[32] & 0xF0); // compare first 4 bits
+    } else
+    if (nWordCount == 18) {
+        fResult = (bits[0] & 0xFC) == (bits[32] & 0xFC); // compare first 6 bits
+    } else
+    if (nWordCount == 24) {
+        fResult = bits[0] == bits[32]; // compare 8 bits
+    }
+
+    return fResult;
+}
+
+// passphrase must be at most 256 characters or code may crash
+void CMnemonic::ToSeed(SecureString mnemonic, SecureString passphrase, SecureVector& seedRet)
+{
+    SecureString ssSalt = SecureString("mnemonic") + passphrase;
+    SecureVector vchSalt(ssSalt.begin(), ssSalt.end());
+    seedRet.resize(64);
+    // int PKCS5_PBKDF2_HMAC(const char *pass, int passlen,
+    //                    const unsigned char *salt, int saltlen, int iter,
+    //                    const EVP_MD *digest,
+    //                    int keylen, unsigned char *out);
+    PKCS5_PBKDF2_HMAC(mnemonic.c_str(), mnemonic.size(), &vchSalt[0], vchSalt.size(), 2048, EVP_sha512(), 64, &seedRet[0]);
+}

src/bip39.h

@@ -0,0 +1,39 @@
+/**
+ * Copyright (c) 2013-2014 Tomas Dzetkulic
+ * Copyright (c) 2013-2014 Pavol Rusnak
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the "Software"),
+ * to deal in the Software without restriction, including without limitation
+ * the rights to use, copy, modify, merge, publish, distribute, sublicense,
+ * and/or sell copies of the Software, and to permit persons to whom the
+ * Software is furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included
+ * in all copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+ * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+ * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES
+ * OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
+ * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
+ * OTHER DEALINGS IN THE SOFTWARE.
+ */
+
+#ifndef PIVX_BIP39_H
+#define PIVX_BIP39_H
+
+#include "allocators.h"
+
+class CMnemonic
+{
+public:
+    static SecureString Generate(int strength);    // strength in bits
+    static SecureString FromData(const SecureVector& data, int len);
+    static bool Check(SecureString mnemonic);
+    // passphrase must be at most 256 characters or code may crash
+    static void ToSeed(SecureString mnemonic, SecureString passphrase, SecureVector& seedRet);
+};
+
+#endif