From 4a85b38916278100b921a64e409b78b71ba37690 Mon Sep 17 00:00:00 2001 From: MidnightLightning Date: Wed, 5 Mar 2014 17:04:00 -0500 Subject: Update bip-0038.mediawiki Fix some erroneous statements in the description of the math used for encryption/decryption of EC-Multiplied keys/addresses --- bip-0038.mediawiki | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'bip-0038.mediawiki') diff --git a/bip-0038.mediawiki b/bip-0038.mediawiki index 39f0632..f34a09b 100644 --- a/bip-0038.mediawiki +++ b/bip-0038.mediawiki @@ -121,7 +121,7 @@ Steps performed by ''owner'' to generate a single intermediate code, if lot and # Derive a key from the passphrase using scrypt #* Parameters: ''passphrase'' is the passphrase itself encoded in UTF-8. salt is ''ownersalt''. n=16384, r=8, p=8, length=32. #* Call the resulting 32 bytes ''prefactor''. -#* Take SHA256(SHA256(''prefactor'' + ''ownerentropy'')) and call this ''passfactor''. +#* Take SHA256(SHA256(''prefactor'' + ''ownerentropy'')) and call this ''passfactor''. The "+" operator is concatenation. # Compute the elliptic curve point G * ''passfactor'', and convert the result to compressed notation (33 bytes). Call this ''passpoint''. Compressed notation is used for this purpose regardless of whether the intent is to create Bitcoin addresses with or without compressed public keys. # Convey ''ownersalt'' and ''passpoint'' to the party generating the keys, along with a checksum to ensure integrity. #* The following Base58Check-encoded format is recommended for this purpose: magic bytes "2C E9 B3 E1 FF 39 E2 51" followed by ''ownerentropy'', and then ''passpoint''. The resulting string will start with the word "passphrase" due to the constant bytes, will be 72 characters in length, and encodes 49 bytes (8 bytes constant + 8 bytes ''ownersalt'' + 33 bytes ''passpoint''). The checksum is handled in the Base58Check encoding. The resulting string is called ''intermediate_passphrase_string''. @@ -164,8 +164,8 @@ A confirmation tool, given a passphrase and a confirmation code, can recalculate =====Decryption===== # Collect encrypted private key and passphrase from user. -# Derive ''passfactor'' using scrypt with ''ownerentropy'' and the user's passphrase and use it to recompute ''passpoint'' -# Derive decryption key for ''seedb'' using scrypt with ''passpoint'', ''addresshash'', and ''ownersalt'' +# Derive ''passfactor'' using scrypt with ''ownersalt'' and the user's passphrase and use it to recompute ''passpoint'' +# Derive decryption key for ''seedb'' using scrypt with ''passpoint'', ''addresshash'', and ''ownerentropy'' # Decrypt ''encryptedpart2'' using AES256Decrypt to yield the last 8 bytes of ''seedb'' and the last 8 bytes of ''encryptedpart1''. # Decrypt ''encryptedpart1'' to yield the remainder of ''seedb''. # Use ''seedb'' to compute ''factorb''. -- cgit v1.2.3 From a0d6bb343395abf46126c647771a556a32bd65c3 Mon Sep 17 00:00:00 2001 From: Brooks Boyd Date: Tue, 15 Apr 2014 16:31:01 -0500 Subject: Add test case for UTF8 NFC normalization --- bip-0038.mediawiki | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'bip-0038.mediawiki') diff --git a/bip-0038.mediawiki b/bip-0038.mediawiki index f34a09b..748cb9b 100644 --- a/bip-0038.mediawiki +++ b/bip-0038.mediawiki @@ -252,6 +252,12 @@ Test 2: *Unencrypted private key (WIF): 5KJ51SgxWaAYR13zd9ReMhJpwrcX47xTJh2D3fGPG9CM8vkv5sH *Unencrypted private key (hex): C2C8036DF268F498099350718C4A3EF3984D2BE84618C2650F5171DCC5EB660A +Test 3: +*Passphrase `\u03D2\u0301\u0000\U00010400\U0001F4A9`; [http://codepoints.net/U+03D2 GREEK UPSILON WITH HOOK], [http://codepoints.net/U+0301 COMBINING ACUTE ACCENT], [http://codepoints.net/U+0000 NULL], [http://codepoints.net/U+10400 DESERET CAPITAL LETTER LONG I], [http://codepoints.net/U+1F4A9 PILE OF POO] +*Encrypted key: 6PRW5o9FLp4gJDDVqJQKJFTpMvdsSGJxMYHtHaQBF3ooa8mwD69bapcDQn +*Bitcoin Address: 16ktGzmfrurhbhi6JGqsMWf7TyqK9HNAeF +*Unencrypted private key (WIF): 5Jajm8eQ22H3pGWLEVCXyvND8dQZhiQhoLJNKjYXk9roUFTMSZ4 + ===EC multiply, no compression, lot/sequence numbers=== Test 1: @@ -273,4 +279,3 @@ Test 2: *Unencrypted private key (hex): CA2759AA4ADB0F96C414F36ABEB8DB59342985BE9FA50FAAC228C8E7D90E3006 *Confirmation code: cfrm38V8G4qq2ywYEFfWLD5Cc6msj9UwsG2Mj4Z6QdGJAFQpdatZLavkgRd1i4iBMdRngDqDs51 *Lot/Sequence: 806938/1 - -- cgit v1.2.3 From ab85705d40b3a229020c3c511e66c03cf0f379b7 Mon Sep 17 00:00:00 2001 From: Brooks Boyd Date: Tue, 15 Apr 2014 16:38:37 -0500 Subject: Add normalization note on test case --- bip-0038.mediawiki | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'bip-0038.mediawiki') diff --git a/bip-0038.mediawiki b/bip-0038.mediawiki index 748cb9b..29075ad 100644 --- a/bip-0038.mediawiki +++ b/bip-0038.mediawiki @@ -253,10 +253,11 @@ Test 2: *Unencrypted private key (hex): C2C8036DF268F498099350718C4A3EF3984D2BE84618C2650F5171DCC5EB660A Test 3: -*Passphrase `\u03D2\u0301\u0000\U00010400\U0001F4A9`; [http://codepoints.net/U+03D2 GREEK UPSILON WITH HOOK], [http://codepoints.net/U+0301 COMBINING ACUTE ACCENT], [http://codepoints.net/U+0000 NULL], [http://codepoints.net/U+10400 DESERET CAPITAL LETTER LONG I], [http://codepoints.net/U+1F4A9 PILE OF POO] +*Passphrase \u03D2\u0301\u0000\U00010400\U0001F4A9; [http://codepoints.net/U+03D2 GREEK UPSILON WITH HOOK], [http://codepoints.net/U+0301 COMBINING ACUTE ACCENT], [http://codepoints.net/U+0000 NULL], [http://codepoints.net/U+10400 DESERET CAPITAL LETTER LONG I], [http://codepoints.net/U+1F4A9 PILE OF POO] *Encrypted key: 6PRW5o9FLp4gJDDVqJQKJFTpMvdsSGJxMYHtHaQBF3ooa8mwD69bapcDQn *Bitcoin Address: 16ktGzmfrurhbhi6JGqsMWf7TyqK9HNAeF *Unencrypted private key (WIF): 5Jajm8eQ22H3pGWLEVCXyvND8dQZhiQhoLJNKjYXk9roUFTMSZ4 +* ''Note:'' The non-standard UTF-8 characters in this passphrase should be NFC normalized to result in a passphrase of 0xcf9300f0909080f09f92a9 before further processing ===EC multiply, no compression, lot/sequence numbers=== -- cgit v1.2.3 From d69abd64e13dd118ba011b348e0194315d748320 Mon Sep 17 00:00:00 2001 From: Brooks Boyd Date: Tue, 15 Apr 2014 16:45:03 -0500 Subject: Attempt to put the actual characters in the source file --- bip-0038.mediawiki | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'bip-0038.mediawiki') diff --git a/bip-0038.mediawiki b/bip-0038.mediawiki index 29075ad..1fd9d91 100644 --- a/bip-0038.mediawiki +++ b/bip-0038.mediawiki @@ -243,7 +243,7 @@ Test 1: *Bitcoin address: 1PE6TQi6HTVNz5DLwB1LcpMBALubfuN2z2 *Unencrypted private key (WIF): 5K4caxezwjGCGfnoPTZ8tMcJBLB7Jvyjv4xxeacadhq8nLisLR2 *Unencrypted private key (hex): A43A940577F4E97F5C4D39EB14FF083A98187C64EA7C99EF7CE460833959A519 - + Test 2: *Passphrase: Satoshi *Passphrase code: passphraseoRDGAXTWzbp72eVbtUDdn1rwpgPUGjNZEc6CGBo8i5EC1FPW8wcnLdq4ThKzAS @@ -253,7 +253,7 @@ Test 2: *Unencrypted private key (hex): C2C8036DF268F498099350718C4A3EF3984D2BE84618C2650F5171DCC5EB660A Test 3: -*Passphrase \u03D2\u0301\u0000\U00010400\U0001F4A9; [http://codepoints.net/U+03D2 GREEK UPSILON WITH HOOK], [http://codepoints.net/U+0301 COMBINING ACUTE ACCENT], [http://codepoints.net/U+0000 NULL], [http://codepoints.net/U+10400 DESERET CAPITAL LETTER LONG I], [http://codepoints.net/U+1F4A9 PILE OF POO] +*Passphrase ϓ␀𐐀💩 (\u03D2\u0301\u0000\U00010400\U0001F4A9; [http://codepoints.net/U+03D2 GREEK UPSILON WITH HOOK], [http://codepoints.net/U+0301 COMBINING ACUTE ACCENT], [http://codepoints.net/U+0000 NULL], [http://codepoints.net/U+10400 DESERET CAPITAL LETTER LONG I], [http://codepoints.net/U+1F4A9 PILE OF POO]) *Encrypted key: 6PRW5o9FLp4gJDDVqJQKJFTpMvdsSGJxMYHtHaQBF3ooa8mwD69bapcDQn *Bitcoin Address: 16ktGzmfrurhbhi6JGqsMWf7TyqK9HNAeF *Unencrypted private key (WIF): 5Jajm8eQ22H3pGWLEVCXyvND8dQZhiQhoLJNKjYXk9roUFTMSZ4 -- cgit v1.2.3