webankblockchain / governance-key Goto Github PK

/Governance-Key/key-core/src/main/java/com/webank/keygen/hd/bip32/ExtendedPrivateKey.java 的
public ExtendedPrivateKey deriveChild(int childIdx) 方法中pubKey只支持33字节的pubkey

else {
            indexBuffer.put(this.eccOperations.compress(publicKey.getPublicKey()));
        }
// =>

// Governance-Key/key-core/src/main/java/com/webank/keygen/crypto/EccOperations.java
// 这里的decodePoint的参数point 只支持33字节的压缩形式。
public byte[] compress(byte[] point) {
        ECPoint ecPoint = CURVE.getCurve().decodePoint(point);
        return ecPoint.getEncoded(true);
}

因为现在大部分情况pubKey都是64字节无压缩形式，官网的那些例子也都生成64字节的无压缩形式。
因此官方文档的例子的

//私钥派生子私钥
ExtendedPrivateKey subPrivKey = rootKey.deriveChild(2);

这部分报错,
https://governance-doc.readthedocs.io/zh-cn/latest/docs/WeBankBlockchain-Governance-Key/corequickstart.html#id8

感觉加个判断 64字节和33字节分别处理会好点~

使用mnemonicService.generatePrivateKeyByMnemonic方法创建PkeyInfo对象后，
pkeyInfo.getPublicKey().getAddress()会获得错误的address
因为 PubKeyInfo的getAddress方法没有判断前缀直接截取的publicKey所以SDK 3.0版本获得的Address是错误的。

public String getAddress(){
    EccTypeEnums eccTypeEnums = EccTypeEnums.getEccByName(eccName);
    CryptoKeyPair cryptoKeyPair = KeyUtils.getCryptKeyPair(eccTypeEnums);
    return Numeric.toHexString(cryptoKeyPair.getAddress(Arrays.copyOfRange(publicKey,1,publicKey.length))); //这里直接截取了
}

//添加了PubKey的长度判断
==>
public String getAddress(){
    EccTypeEnums eccTypeEnums = EccTypeEnums.getEccByName(eccName);
    CryptoKeyPair cryptoKeyPair = KeyUtils.getCryptKeyPair(eccTypeEnums);
    if (Numeric.toHexString(publicKey).length() == CryptoKeyPair.PUBLIC_KEY_LENGTH_IN_HEX){
        return Numeric.toHexString(cryptoKeyPair.getAddress(publicKey));
    } else {
        return Numeric.toHexString(cryptoKeyPair.getAddress(Arrays.copyOfRange(publicKey,1,publicKey.length)));
    }
}

后端代码：
String gmMsg = "HelloGM";
String gmPrivateKey = org.web3j.utils.Numeric.cleanHexPrefix(KeyPresenter.asString(gmPkey.getPrivateKey()));
String gmPublicKey = org.web3j.utils.Numeric.cleanHexPrefix(KeyPresenter.asString(gmPkey.getPublicKey().getPublicKey()));
System.out.println("gmPrivateKey = " + gmPrivateKey);
System.out.println("gmPublicKey = " + gmPublicKey);
SM2SignService sm2SignService = new SM2SignService();
String gmSignature = sm2SignService.sign(gmMsg, gmPrivateKey);
System.out.println("gm signature:" + gmSignature);
boolean gmVerifyResult = sm2SignService.verify(gmMsg, gmSignature, gmPublicKey);
System.out.println("gm verify result:" + gmVerifyResult);

前端代码：
const sm2 = require('sm-crypto').sm2;
const msg = 'HelloGM'
const publicKey = '048bcaaccc295247e3807a6bec6fc8f8354a4ff1bb386dab9c8d3ce12aa2c8e03725b1d33357c29692062c22ab515fb3417b70788f99911209b56575f0dc72a774' // 公钥
const privateKey = '26d740a3bc50161e4af05d809381f1ba126051f490e4f1ce2052b8359fb616c3' // 私钥
const verifyData=sm2.doSignature(msg, privateKey, { hash:true, der:true });
console.log(verifyData)

//这里的vsign是java生成的
const vSign = 'c5076deddf7cb5465d6788ad9903dd73cb61c1e1deaeedea586d2628a8d6ac5244af8d637914f2ea096fd37e36697f23040542f864541ef72c5d71083deaeba1'
const ver2 = sm2.doVerifySignature(msg, vSign, publicKey,{ hash:true, der:true } )
console.log(ver2)