mirror of
https://github.com/bitcoin/bips.git
synced 2024-11-19 01:40:05 +01:00
BIP-352: use own ripemd160 for reference implementation (#1616)
On some operating systems, Python doesn't provide the expected ripemd160 implementation anymore, so the reference implementation fails to start. E.g. in Ubuntu 22.04: ---------------------------------------------------------------------------------------------- $ ./reference.py send_and_receive_test_vectors.json Simple send: two inputs Traceback (most recent call last): File "/usr/lib/python3.10/hashlib.py", line 160, in __hash_new return _hashlib.new(name, data, **kwargs) ValueError: [digital envelope routines] unsupported During handling of the above exception, another exception occurred: Traceback (most recent call last): File "/home/thestack/bips/bip-0352/./reference.py", line 228, in <module> pubkey = get_pubkey_from_input(vin) File "/home/thestack/bips/bip-0352/./reference.py", line 46, in get_pubkey_from_input pubkey_hash = hash160(pubkey_bytes) File "/home/thestack/bips/bip-0352/bitcoin_utils.py", line 130, in hash160 return hashlib.new("ripemd160", hashlib.sha256(s).digest()).digest() File "/usr/lib/python3.10/hashlib.py", line 166, in __hash_new return __get_builtin_constructor(name)(data) File "/usr/lib/python3.10/hashlib.py", line 123, in __get_builtin_constructor raise ValueError('unsupported hash type ' + name) ValueError: unsupported hash type ripemd160 ---------------------------------------------------------------------------------------------- Fix this by providing a manual implementation, taken from the functional test framework of Bitcoin Core. See corresponding issue https://github.com/bitcoin/bitcoin/issues/23710 and PR https://github.com/bitcoin/bitcoin/pull/23716
This commit is contained in:
parent
3b99594660
commit
2a99b8f925
@ -1,6 +1,7 @@
|
||||
import hashlib
|
||||
import struct
|
||||
from io import BytesIO
|
||||
from ripemd160 import ripemd160
|
||||
from secp256k1 import ECKey
|
||||
from typing import Union
|
||||
|
||||
@ -127,7 +128,7 @@ class CTxInWitness:
|
||||
|
||||
|
||||
def hash160(s: Union[bytes, bytearray]) -> bytes:
|
||||
return hashlib.new("ripemd160", hashlib.sha256(s).digest()).digest()
|
||||
return ripemd160(hashlib.sha256(s).digest())
|
||||
|
||||
|
||||
def is_p2tr(spk: bytes) -> bool:
|
||||
|
130
bip-0352/ripemd160.py
Normal file
130
bip-0352/ripemd160.py
Normal file
@ -0,0 +1,130 @@
|
||||
# Copyright (c) 2021 Pieter Wuille
|
||||
# Distributed under the MIT software license, see the accompanying
|
||||
# file COPYING or http://www.opensource.org/licenses/mit-license.php.
|
||||
"""Test-only pure Python RIPEMD160 implementation."""
|
||||
|
||||
import unittest
|
||||
|
||||
# Message schedule indexes for the left path.
|
||||
ML = [
|
||||
0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
|
||||
7, 4, 13, 1, 10, 6, 15, 3, 12, 0, 9, 5, 2, 14, 11, 8,
|
||||
3, 10, 14, 4, 9, 15, 8, 1, 2, 7, 0, 6, 13, 11, 5, 12,
|
||||
1, 9, 11, 10, 0, 8, 12, 4, 13, 3, 7, 15, 14, 5, 6, 2,
|
||||
4, 0, 5, 9, 7, 12, 2, 10, 14, 1, 3, 8, 11, 6, 15, 13
|
||||
]
|
||||
|
||||
# Message schedule indexes for the right path.
|
||||
MR = [
|
||||
5, 14, 7, 0, 9, 2, 11, 4, 13, 6, 15, 8, 1, 10, 3, 12,
|
||||
6, 11, 3, 7, 0, 13, 5, 10, 14, 15, 8, 12, 4, 9, 1, 2,
|
||||
15, 5, 1, 3, 7, 14, 6, 9, 11, 8, 12, 2, 10, 0, 4, 13,
|
||||
8, 6, 4, 1, 3, 11, 15, 0, 5, 12, 2, 13, 9, 7, 10, 14,
|
||||
12, 15, 10, 4, 1, 5, 8, 7, 6, 2, 13, 14, 0, 3, 9, 11
|
||||
]
|
||||
|
||||
# Rotation counts for the left path.
|
||||
RL = [
|
||||
11, 14, 15, 12, 5, 8, 7, 9, 11, 13, 14, 15, 6, 7, 9, 8,
|
||||
7, 6, 8, 13, 11, 9, 7, 15, 7, 12, 15, 9, 11, 7, 13, 12,
|
||||
11, 13, 6, 7, 14, 9, 13, 15, 14, 8, 13, 6, 5, 12, 7, 5,
|
||||
11, 12, 14, 15, 14, 15, 9, 8, 9, 14, 5, 6, 8, 6, 5, 12,
|
||||
9, 15, 5, 11, 6, 8, 13, 12, 5, 12, 13, 14, 11, 8, 5, 6
|
||||
]
|
||||
|
||||
# Rotation counts for the right path.
|
||||
RR = [
|
||||
8, 9, 9, 11, 13, 15, 15, 5, 7, 7, 8, 11, 14, 14, 12, 6,
|
||||
9, 13, 15, 7, 12, 8, 9, 11, 7, 7, 12, 7, 6, 15, 13, 11,
|
||||
9, 7, 15, 11, 8, 6, 6, 14, 12, 13, 5, 14, 13, 13, 7, 5,
|
||||
15, 5, 8, 11, 14, 14, 6, 14, 6, 9, 12, 9, 12, 5, 15, 8,
|
||||
8, 5, 12, 9, 12, 5, 14, 6, 8, 13, 6, 5, 15, 13, 11, 11
|
||||
]
|
||||
|
||||
# K constants for the left path.
|
||||
KL = [0, 0x5a827999, 0x6ed9eba1, 0x8f1bbcdc, 0xa953fd4e]
|
||||
|
||||
# K constants for the right path.
|
||||
KR = [0x50a28be6, 0x5c4dd124, 0x6d703ef3, 0x7a6d76e9, 0]
|
||||
|
||||
|
||||
def fi(x, y, z, i):
|
||||
"""The f1, f2, f3, f4, and f5 functions from the specification."""
|
||||
if i == 0:
|
||||
return x ^ y ^ z
|
||||
elif i == 1:
|
||||
return (x & y) | (~x & z)
|
||||
elif i == 2:
|
||||
return (x | ~y) ^ z
|
||||
elif i == 3:
|
||||
return (x & z) | (y & ~z)
|
||||
elif i == 4:
|
||||
return x ^ (y | ~z)
|
||||
else:
|
||||
assert False
|
||||
|
||||
|
||||
def rol(x, i):
|
||||
"""Rotate the bottom 32 bits of x left by i bits."""
|
||||
return ((x << i) | ((x & 0xffffffff) >> (32 - i))) & 0xffffffff
|
||||
|
||||
|
||||
def compress(h0, h1, h2, h3, h4, block):
|
||||
"""Compress state (h0, h1, h2, h3, h4) with block."""
|
||||
# Left path variables.
|
||||
al, bl, cl, dl, el = h0, h1, h2, h3, h4
|
||||
# Right path variables.
|
||||
ar, br, cr, dr, er = h0, h1, h2, h3, h4
|
||||
# Message variables.
|
||||
x = [int.from_bytes(block[4*i:4*(i+1)], 'little') for i in range(16)]
|
||||
|
||||
# Iterate over the 80 rounds of the compression.
|
||||
for j in range(80):
|
||||
rnd = j >> 4
|
||||
# Perform left side of the transformation.
|
||||
al = rol(al + fi(bl, cl, dl, rnd) + x[ML[j]] + KL[rnd], RL[j]) + el
|
||||
al, bl, cl, dl, el = el, al, bl, rol(cl, 10), dl
|
||||
# Perform right side of the transformation.
|
||||
ar = rol(ar + fi(br, cr, dr, 4 - rnd) + x[MR[j]] + KR[rnd], RR[j]) + er
|
||||
ar, br, cr, dr, er = er, ar, br, rol(cr, 10), dr
|
||||
|
||||
# Compose old state, left transform, and right transform into new state.
|
||||
return h1 + cl + dr, h2 + dl + er, h3 + el + ar, h4 + al + br, h0 + bl + cr
|
||||
|
||||
|
||||
def ripemd160(data):
|
||||
"""Compute the RIPEMD-160 hash of data."""
|
||||
# Initialize state.
|
||||
state = (0x67452301, 0xefcdab89, 0x98badcfe, 0x10325476, 0xc3d2e1f0)
|
||||
# Process full 64-byte blocks in the input.
|
||||
for b in range(len(data) >> 6):
|
||||
state = compress(*state, data[64*b:64*(b+1)])
|
||||
# Construct final blocks (with padding and size).
|
||||
pad = b"\x80" + b"\x00" * ((119 - len(data)) & 63)
|
||||
fin = data[len(data) & ~63:] + pad + (8 * len(data)).to_bytes(8, 'little')
|
||||
# Process final blocks.
|
||||
for b in range(len(fin) >> 6):
|
||||
state = compress(*state, fin[64*b:64*(b+1)])
|
||||
# Produce output.
|
||||
return b"".join((h & 0xffffffff).to_bytes(4, 'little') for h in state)
|
||||
|
||||
|
||||
class TestFrameworkKey(unittest.TestCase):
|
||||
def test_ripemd160(self):
|
||||
"""RIPEMD-160 test vectors."""
|
||||
# See https://homes.esat.kuleuven.be/~bosselae/ripemd160.html
|
||||
for msg, hexout in [
|
||||
(b"", "9c1185a5c5e9fc54612808977ee8f548b2258d31"),
|
||||
(b"a", "0bdc9d2d256b3ee9daae347be6f4dc835a467ffe"),
|
||||
(b"abc", "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc"),
|
||||
(b"message digest", "5d0689ef49d2fae572b881b123a85ffa21595f36"),
|
||||
(b"abcdefghijklmnopqrstuvwxyz",
|
||||
"f71c27109c692c1b56bbdceb5b9d2865b3708dbc"),
|
||||
(b"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
|
||||
"12a053384a9c0c88e405a06c27dcf49ada62eb2b"),
|
||||
(b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
|
||||
"b0e20b6e3116640286ed3a87a5713079b21f5189"),
|
||||
(b"1234567890" * 8, "9b752e45573d4b39f4dbd3323cab82bf63326bfb"),
|
||||
(b"a" * 1000000, "52783243c1697bdbe16d37f97f68f08325dc1528")
|
||||
]:
|
||||
self.assertEqual(ripemd160(msg).hex(), hexout)
|
Loading…
Reference in New Issue
Block a user