Home Explore Help
Sign In
mmgen
/
mmgen-wallet
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 514c1100ee
Branches Tags
mmgen-wallet
/
mmgen
/
sha256.py

sha256.py 4.1 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142 
  1. #!/usr/bin/env python3
    2. 

  2. #
    3. 

  3. # mmgen = Multi-Mode GENerator, command-line Bitcoin cold storage solution
    4. 

  4. # Copyright (C)2013-2019 The MMGen Project <mmgen@tuta.io>
    5. 

  5. #
    6. 

  6. # This program is free software: you can redistribute it and/or modify
    7. 

  7. # it under the terms of the GNU General Public License as published by
    8. 

  8. # the Free Software Foundation, either version 3 of the License, or
    9. 

  9. # (at your option) any later version.
    10. 

  10. #
    11. 

  11. # This program is distributed in the hope that it will be useful,
    12. 

  12. # but WITHOUT ANY WARRANTY; without even the implied warranty of
    13. 

  13. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14. 

  14. # GNU General Public License for more details.
    15. 

  15. #
    16. 

  16. # You should have received a copy of the GNU General Public License
    17. 

  17. # along with this program.  If not, see <http://www.gnu.org/licenses/>.
    18. 

  18. 

  19. """
    20. 

  20. sha256.py: custom sha256 implementation for Zcash
    21. 

  21. """
    22. 

  22. 

  23. # Sha256 code ported from JavaScript, originally here:
    24. 

  24. #   CryptoJS v3.1.2 code.google.com/p/crypto-js
    25. 

  25. #   (c) 2009-2013 by Jeff Mott. All rights reserved.
    26. 

  26. #   code.google.com/p/crypto-js/wiki/License
    27. 

  27. # via here:
    28. 

  28. #   https://www.npmjs.com/package/sha256
    29. 

  29. # and here:
    30. 

  30. #   https://github.com/howardwu/zaddr
    31. 

  31. 

  32. from binascii import hexlify
    33. 

  33. 

  34. class Sha256(object):
    35. 

  35. 

  36. 	def initConstants():
    37. 

  37. 		import math
    38. 

  38. 		def isPrime(n):
    39. 

  39. 			for factor in range(2,int(math.sqrt(n))+1):
    40. 

  40. 				if not (n % factor): return False
    41. 

  41. 			return True
    42. 

  42. 

  43. 		def getFractionalBits(n):
    44. 

  44. 			return int((n - int(n)) * 0x100000000)
    45. 

  45. 

  46. 		k = [0] * 64
    47. 

  47. 		n,nPrime = 2,0
    48. 

  48. 		while nPrime < 64:
    49. 

  49. 			if isPrime(n):
    50. 

  50. 				k[nPrime] = getFractionalBits(math.pow(n, 1 / 3))
    51. 

  51. 				nPrime += 1
    52. 

  52. 			n += 1
    53. 

  53. 

  54. 		return k
    55. 

  55. 

  56. 	K = initConstants()
    57. 

  57. 

  58. 	# preprocess: True=Sha256(), False=Sha256Compress()
    59. 

  59. 	def __init__(self,message,preprocess=True):
    60. 

  60. 		self.H = [0x6A09E667,0xBB67AE85,0x3C6EF372,0xA54FF53A,0x510E527F,0x9B05688C,0x1F83D9AB,0x5BE0CD19]
    61. 

  61. 		self.M = message
    62. 

  62. 		self.W = [0] * 64
    63. 

  63. 		(self.bytesToWords,self.preprocessBlock)[preprocess]()
    64. 

  64. #		self.initConstants()
    65. 

  65. 		self.compute()
    66. 

  66. 

  67. 	def digest(self):
    68. 

  68. 		self.M = self.H
    69. 

  69. 		self.wordsToBytes()
    70. 

  70. 		return self.M
    71. 

  71. 

  72. 	def hexdigest(self):
    73. 

  73. 		return hexlify(self.digest())
    74. 

  74. 

  75. 	def bytesToWords(self):
    76. 

  76. 		assert type(self.M) in (bytes,bytearray,list)
    77. 

  77. 		words = [0] * (len(self.M) // 4 + len(self.M) % 4)
    78. 

  78. 		b = 0
    79. 

  79. 		for i in range(len(self.M)):
    80. 

  80. 			words[b >> 5] |= self.M[i] << (24 - b % 32)
    81. 

  81. 			b += 8
    82. 

  82. 		self.M = words
    83. 

  83. 

  84. 	def wordsToBytes(self):
    85. 

  85. 		assert type(self.M) == list and len(self.M) == 8
    86. 

  86. 		self.M = bytes([(self.M[b >> 5] >> (24 - b % 32) & 0xff) for b in range(0,len(self.M)*32,8)])
    87. 

  87. 

  88. 	def preprocessBlock(self):
    89. 

  89. 		def lshift(a,b): return (a << b) & 0xffffffff
    90. 

  90. 		assert type(self.M) in (bytes,bytearray)
    91. 

  91. 		l = len(self.M) * 8
    92. 

  92. 		self.bytesToWords()
    93. 

  93. 		last_idx = lshift((l + 64 >> 9),4) + 15
    94. 

  94. 		self.M.extend([0] * (last_idx - len(self.M) + 1))
    95. 

  95. 		self.M[l >> 5] |= lshift(0x80, (24 - l % 32))
    96. 

  96. 		self.M[last_idx] = l
    97. 

  97. 

  98. 	def compute(self):
    99. 

  99. 		assert type(self.M) == list
    100. 

  100. 		for i in range(0,len(self.M),16):
    101. 

  101. 			self.processBlock(i)
    102. 

  102. 

  103. 	def processBlock(self,offset):
    104. 

  104. 		def lshift(a,b): return (a << b) & 0xffffffff
    105. 

  105. 		def sumr(a,b):   return (a + b) & 0xffffffff
    106. 

  106. 		a,b,c,d,e,f,g,h = [self.H[i] for i in range(8)] # Working variables
    107. 

  107. 

  108. 		for i in range(64):
    109. 

  109. 			if i < 16:
    110. 

  110. 				self.W[i] = self.M[offset + i]
    111. 

  111. 			else:
    112. 

  112. 				gamma0x = self.W[i - 15]
    113. 

  113. 				gamma0 = ( (lshift(gamma0x,25) | (gamma0x >> 7)) ^
    114. 

  114. 							(lshift(gamma0x,14) | (gamma0x >> 18)) ^
    115. 

  115. 							(gamma0x >> 3) )
    116. 

  116. 				gamma1x = self.W[i - 2]
    117. 

  117. 				gamma1 = ( (lshift(gamma1x,15) | (gamma1x >> 17)) ^
    118. 

  118. 							(lshift(gamma1x,13) | (gamma1x >> 19)) ^
    119. 

  119. 							(gamma1x >> 10) )
    120. 

  120. 				self.W[i] = sumr(sumr(sumr(gamma0,self.W[i - 7]),gamma1),self.W[i - 16])
    121. 

  121. 

  122. 			ch = (e & f) ^ (~e & g)
    123. 

  123. 			maj = (a & b) ^ (a & c) ^ (b & c)
    124. 

  124. 

  125. 			sigma0 = (lshift(a,30) | (a >> 2)) ^ (lshift(a,19) | (a >> 13)) ^ (lshift(a,10) | (a >> 22))
    126. 

  126. 			sigma1 = (lshift(e,26) | (e >> 6)) ^ (lshift(e,21) | (e >> 11)) ^ (lshift(e,7) | (e >> 25))
    127. 

  127. 

  128. 			t1 = sumr(sumr(sumr(sumr(h,sigma1),ch),self.K[i]),self.W[i])
    129. 

  129. 			t2 = sumr(sigma0,maj)
    130. 

  130. 

  131. 			h = g
    132. 

  132. 			g = f
    133. 

  133. 			f = e
    134. 

  134. 			e = sumr(d,t1)
    135. 

  135. 			d = c
    136. 

  136. 			c = b
    137. 

  137. 			b = a
    138. 

  138. 			a = sumr(t1,t2)
    139. 

  139. 

  140. 		# Intermediate hash value
    141. 

  141. 		for n,v in enumerate([a,b,c,d,e,f,g,h]):
    142. 

  142. 			self.H[n] = sumr(self.H[n],v)
    143.