How to sign bitcoin transactions using JCE primitives?
23 views
Skip to first unread message
Антон Долгополов
Jun 27, 2019, 10:15:04 AM6/27/19
to bitcoinj
Our company decided to use cloud HSM solutions instead of storing private keys in wallet files. That means that could HSM will generate keys and sign any data without compromising private keys. This HSM has JCE interface with its own provider. I found out how to create Bitcoin MultiSig addresses with it, but I cannot sign anything. Could you please take a look? Here is my code on Gist. Code is very simple, just 70 lines. Here is my output:
My signature s 15049647728136903136242197185843868386816894587707341569093673434251201365745 r 47232836412607535604858149488636859024055618718700726365263254587236051549984 canonical true
Verify my true
Bitcoinj signature s 50964035744498486600571392716871069156607582951343374442588735702293676462513 r 2242289704784843488107710601209509865833798320147928897700948751610583470176 canonical true
Verify Bitcoinj false
These signatures are completely different, even though I used the same private keys for both. What is wrong with my code? Could you please help me?
Andreas Schildbach
Jul 2, 2019, 6:00:04 PM7/2/19
to bitc...@googlegroups.com
There is no built-in support for signing via HSM. You could try to
implement a org.bitcoinj.signers.TransactionSigner.
On 27/06/2019 16.15, Антон Долгополов wrote:
> Our company decided to use cloud HSM solutions instead of storing
> private keys in wallet files. That means that could HSM will generate
> keys and sign any data without compromising private keys. This HSM has
> JCE interface with its own provider. I found out how to create Bitcoin
> MultiSig addresses with it, but I cannot sign anything. Could you please
> take a look? Here is my code on Gist
> <https://gist.github.com/dolgopolovwork/7d1373fbe1a041c4fa33ea8b8a534f1d>.
> You received this message because you are subscribed to the Google
> Groups "bitcoinj" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to bitcoinj+u...@googlegroups.com
> <mailto:bitcoinj+u...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/bitcoinj/a323cf8a-8c2c-421d-a4e4-081dab94efa0%40googlegroups.com
> <https://groups.google.com/d/msgid/bitcoinj/a323cf8a-8c2c-421d-a4e4-081dab94efa0%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.
implement a org.bitcoinj.signers.TransactionSigner.
On 27/06/2019 16.15, Антон Долгополов wrote:
> Our company decided to use cloud HSM solutions instead of storing
> private keys in wallet files. That means that could HSM will generate
> keys and sign any data without compromising private keys. This HSM has
> JCE interface with its own provider. I found out how to create Bitcoin
> MultiSig addresses with it, but I cannot sign anything. Could you please
> take a look? Here is my code on Gist
> Code is very simple, just 70 lines. Here is my output:
>
> My signature s
> 15049647728136903136242197185843868386816894587707341569093673434251201365745
> r
> 47232836412607535604858149488636859024055618718700726365263254587236051549984
> canonical true
> Verify my true
> Bitcoinj signature s
> 50964035744498486600571392716871069156607582951343374442588735702293676462513
> r
> 2242289704784843488107710601209509865833798320147928897700948751610583470176
> canonical true
> Verify Bitcoinj false
>
> These signatures are completely different, even though I used the same
> private keys for both. What is wrong with my code? Could you please help
> me?
>
> --
>
> My signature s
> 15049647728136903136242197185843868386816894587707341569093673434251201365745
> r
> 47232836412607535604858149488636859024055618718700726365263254587236051549984
> canonical true
> Verify my true
> Bitcoinj signature s
> 50964035744498486600571392716871069156607582951343374442588735702293676462513
> r
> 2242289704784843488107710601209509865833798320147928897700948751610583470176
> canonical true
> Verify Bitcoinj false
>
> These signatures are completely different, even though I used the same
> private keys for both. What is wrong with my code? Could you please help
> me?
>
> You received this message because you are subscribed to the Google
> Groups "bitcoinj" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to bitcoinj+u...@googlegroups.com
> <mailto:bitcoinj+u...@googlegroups.com>.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/bitcoinj/a323cf8a-8c2c-421d-a4e4-081dab94efa0%40googlegroups.com
> <https://groups.google.com/d/msgid/bitcoinj/a323cf8a-8c2c-421d-a4e4-081dab94efa0%40googlegroups.com?utm_medium=email&utm_source=footer>.
> For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages