commit 40ff04496aa7f4ecc39fec5fb6bec3fcee40f31d
parent b71c03bf56aaffbbc3f6c677ce7feb6b45a4e00d
Author: Jared Tobin <jared@jtobin.io>
Date: Sat, 10 Jan 2026 22:30:21 +0400
lib: use updated hmac api
Diffstat:
4 files changed, 45 insertions(+), 37 deletions(-)
diff --git a/flake.lock b/flake.lock
@@ -88,11 +88,11 @@
]
},
"locked": {
- "lastModified": 1767898767,
- "narHash": "sha256-PAhxa5UvbGJn3vpPUvwlohV5KUTWAz112At/Z386tBc=",
+ "lastModified": 1768067273,
+ "narHash": "sha256-W5K8Q9KUGlKD5Ky0hOclThFHLzd7Ybike9Yr8yubTNA=",
"ref": "master",
- "rev": "08cb6bf5b24a730e8101110e4cbbc8a95788751e",
- "revCount": 33,
+ "rev": "1babbd97abf0a6163657676396b8eedf4fdf4105",
+ "revCount": 34,
"type": "git",
"url": "git://git.ppad.tech/base58.git"
},
@@ -136,40 +136,34 @@
"ppad-hmac-drbg": {
"inputs": {
"flake-utils": [
- "ppad-secp256k1",
"ppad-hmac-drbg",
"ppad-nixpkgs",
"flake-utils"
],
"nixpkgs": [
- "ppad-secp256k1",
"ppad-hmac-drbg",
"ppad-nixpkgs",
"nixpkgs"
],
"ppad-base16": [
- "ppad-secp256k1",
"ppad-base16"
],
"ppad-nixpkgs": [
- "ppad-secp256k1",
"ppad-nixpkgs"
],
"ppad-sha256": [
- "ppad-secp256k1",
"ppad-sha256"
],
"ppad-sha512": [
- "ppad-secp256k1",
"ppad-sha512"
]
},
"locked": {
- "lastModified": 1767897885,
- "narHash": "sha256-DLSpSE5sV94K6I2Hj05SlkEIoU46dfi7AT6dmoiIaVA=",
+ "lastModified": 1768057958,
+ "narHash": "sha256-Csrv+J0WnGankFhvEMQsHnLd3h8zVpmTKV5WaHD5LoM=",
"ref": "master",
- "rev": "c754b88c59d0a3f759368a99b949400f08e16b79",
- "revCount": 56,
+ "rev": "c6487458ef620c4f83bdbc7494f5f48c989133b6",
+ "revCount": 62,
"type": "git",
"url": "git://git.ppad.tech/hmac-drbg.git"
},
@@ -251,7 +245,9 @@
"ppad-fixed": [
"ppad-fixed"
],
- "ppad-hmac-drbg": "ppad-hmac-drbg",
+ "ppad-hmac-drbg": [
+ "ppad-hmac-drbg"
+ ],
"ppad-nixpkgs": [
"ppad-nixpkgs"
],
@@ -263,11 +259,11 @@
]
},
"locked": {
- "lastModified": 1767898470,
- "narHash": "sha256-/BG30iSsiAKFW8edGrEBd34BcR+s1ab8XqrwWC9wHVs=",
+ "lastModified": 1768069596,
+ "narHash": "sha256-S98vYYeuLkLLfUozc/YraIEBX4uWrIS5V14hkN2xyk0=",
"ref": "master",
- "rev": "10254053c384b05b4a528c7c4884705e046ce331",
- "revCount": 239,
+ "rev": "ee40b39f69f79e77ce50ca9be31e0e4679839b8a",
+ "revCount": 243,
"type": "git",
"url": "git://git.ppad.tech/secp256k1.git"
},
@@ -297,11 +293,11 @@
]
},
"locked": {
- "lastModified": 1767897559,
- "narHash": "sha256-UabcPqE4O+h1HHv02LjanjuorRS91OODqk0ek55VrmQ=",
+ "lastModified": 1768045644,
+ "narHash": "sha256-8+jLaYRN8iX6NmyotE7DvjfjUIT8I0KOchgcP7uq7Vo=",
"ref": "master",
- "rev": "528d9cf07ca756fb5422cab174849fe0708620d0",
- "revCount": 111,
+ "rev": "4716cd5b4e673e9cb66e4e5e427e5464a7c10977",
+ "revCount": 116,
"type": "git",
"url": "git://git.ppad.tech/sha256.git"
},
@@ -331,11 +327,11 @@
]
},
"locked": {
- "lastModified": 1767897585,
- "narHash": "sha256-QxLlHu8+tGKZ9aOKFnVOqNwEn+LCuNF27kY2dxOCYxo=",
+ "lastModified": 1768045869,
+ "narHash": "sha256-ySqv5fQRz+/9X54yXCuck2QnGyuIqRLpRzanh+Ehl88=",
"ref": "master",
- "rev": "428e2e09c345a0cb255d9aab432606308872c014",
- "revCount": 38,
+ "rev": "0fbaba3c091692622744d30016e36ca6b726a819",
+ "revCount": 42,
"type": "git",
"url": "git://git.ppad.tech/sha512.git"
},
@@ -358,6 +354,7 @@
"ppad-base16": "ppad-base16",
"ppad-base58": "ppad-base58",
"ppad-fixed": "ppad-fixed",
+ "ppad-hmac-drbg": "ppad-hmac-drbg",
"ppad-nixpkgs": "ppad-nixpkgs",
"ppad-ripemd160": "ppad-ripemd160",
"ppad-secp256k1": "ppad-secp256k1",
diff --git a/flake.nix b/flake.nix
@@ -48,6 +48,15 @@
inputs.ppad-nixpkgs.follows = "ppad-nixpkgs";
inputs.ppad-base16.follows = "ppad-base16";
};
+ ppad-hmac-drbg = {
+ type = "git";
+ url = "git://git.ppad.tech/hmac-drbg.git";
+ ref = "master";
+ inputs.ppad-sha256.follows = "ppad-sha256";
+ inputs.ppad-sha512.follows = "ppad-sha512";
+ inputs.ppad-base16.follows = "ppad-base16";
+ inputs.ppad-nixpkgs.follows = "ppad-nixpkgs";
+ };
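Review bot: The new `ppad-hmac-drbg` input is fetched over plain `git://` and tracks `ref = "master"`, so only the `rev`/`narHash` pair recorded in flake.lock authenticates what actually gets built; the transport itself provides no integrity, and a `nix flake update` will accept whatever the remote serves at that moment. This matches the existing inputs, so it is a project-wide convention rather than a defect of this hunk, but it is worth a one-line comment on the input, e.g. `# content is pinned by rev + narHash in flake.lock; git:// transport is unauthenticated, review the lock diff on update`. The hunk at L162-167 threads `ppad-hmac-drbg` into the `outputs` arguments; whether it is referenced in the body is outside this view, so if it is only needed so that secp256k1's `follows` resolves, a short comment saying so would stop the next reader hunting for a use.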
ppad-secp256k1 = {
type = "git";
url = "git://git.ppad.tech/secp256k1.git";
@@ -55,6 +64,7 @@
inputs.ppad-nixpkgs.follows = "ppad-nixpkgs";
inputs.ppad-base16.follows = "ppad-base16";
inputs.ppad-fixed.follows = "ppad-fixed";
+ inputs.ppad-hmac-drbg.follows = "ppad-hmac-drbg";
inputs.ppad-sha256.follows = "ppad-sha256";
inputs.ppad-sha512.follows = "ppad-sha512";
};
@@ -66,6 +76,7 @@
, ppad-fixed
, ppad-sha256, ppad-sha512, ppad-ripemd160
, ppad-base16, ppad-base58
+ , ppad-hmac-drbg
, ppad-secp256k1 }:
flake-utils.lib.eachDefaultSystem (system:
let
diff --git a/lib/Crypto/HDKey/BIP32.hs b/lib/Crypto/HDKey/BIP32.hs
@@ -318,7 +318,7 @@ _master seed@(BI.PS _ _ l)
| l < 16 = Nothing
| l > 64 = Nothing
| otherwise = do
- let i = SHA512.hmac "Bitcoin seed" seed
+ let SHA512.MAC i = SHA512.hmac "Bitcoin seed" seed
(il, c) = BS.splitAt 32 i
s = unsafe_roll32 il -- safe due to 512-bit hmac
pure $! (XPrv (X s c))
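Review bot: The `SHA512.MAC` destructuring is now repeated in five places (here and in the `ckd_priv`, `ckd_pub`, `ckd_priv'` and `ckd_pub'` hunks), each followed by the same `unsafe_roll32 il -- safe due to 512-bit hmac` line, so the next change to the hmac api's representation is again a five-site edit. A single module-private helper keeps the dependence on the constructor in one spot and gives the 64-byte assumption a home: `hmac512 :: BS.ByteString -> BS.ByteString -> BS.ByteString` with `hmac512 k m = let SHA512.MAC r = SHA512.hmac k m in r`, commented `-- SHA-512 HMAC is always 64 bytes; callers rely on this for unsafe_roll32`, after which each site becomes `let i = hmac512 "Bitcoin seed" seed` (or `l = hmac512 cod dat`). That the pattern is a lazy `let` binding is fine as long as `MAC` has a single constructor, which the page suggests but does not show; if the api ever returns a sum type this silently becomes a partial match, which is one more reason to centralise it. `_master` begins outside this hunk, and the bodies of the four `ckd_*` functions continue past their hunks.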
@@ -326,7 +326,7 @@ _master seed@(BI.PS _ _ l)
-- private parent key -> private child key
ckd_priv :: XPrv -> Word32 -> XPrv
ckd_priv _xprv@(XPrv (X sec cod)) i =
- let l = SHA512.hmac cod dat
+ let SHA512.MAC l = SHA512.hmac cod dat
(il, ci) = BS.splitAt 32 l
pil = unsafe_roll32 il -- safe due to 512-bit hmac
ki = S.from (S.to pil + S.to sec)
@@ -347,7 +347,7 @@ ckd_pub _xpub@(XPub (X pub cod)) i
| hardened i = Nothing
| otherwise = do
let dat = Secp256k1.serialize_point pub <> ser32 i
- l = SHA512.hmac cod dat
+ SHA512.MAC l = SHA512.hmac cod dat
(il, ci) = BS.splitAt 32 l
pil = unsafe_roll32 il -- safe due to 512-bit hmac
pt <- Secp256k1.mul_vartime Secp256k1._CURVE_G pil
@@ -369,7 +369,7 @@ n (XPrv (X sec cod)) = case Secp256k1.mul Secp256k1._CURVE_G sec of
-- calculations.
ckd_priv' :: Context -> XPrv -> Word32 -> XPrv
ckd_priv' ctx _xprv@(XPrv (X sec cod)) i =
- let l = SHA512.hmac cod dat
+ let SHA512.MAC l = SHA512.hmac cod dat
(il, ci) = BS.splitAt 32 l
pil = unsafe_roll32 il -- safe due to 512-bit hmac
ki = S.from (S.to pil + S.to sec)
@@ -391,7 +391,7 @@ ckd_pub' ctx _xpub@(XPub (X pub cod)) i
| hardened i = Nothing
| otherwise = do
let dat = Secp256k1.serialize_point pub <> ser32 i
- l = SHA512.hmac cod dat
+ SHA512.MAC l = SHA512.hmac cod dat
(il, ci) = BS.splitAt 32 l
pil = unsafe_roll32 il -- safe due to 512-bit hmac
pt <- Secp256k1.mul_wnaf ctx pil
diff --git a/ppad-bip32.cabal b/ppad-bip32.cabal
@@ -1,6 +1,6 @@
cabal-version: 3.0
name: ppad-bip32
-version: 0.3.2
+version: 0.3.3
synopsis: BIP32 hierarchical deterministic wallets.
license: MIT
license-file: LICENSE
@@ -36,12 +36,12 @@ library
build-depends:
base >= 4.9 && < 5
, bytestring >= 0.9 && < 0.13
- , ppad-base58 >= 0.2.2 && < 0.3
+ , ppad-base58 >= 0.2.3 && < 0.3
, ppad-fixed >= 0.1.3 && < 0.2
, ppad-ripemd160 >= 0.1.4 && < 0.2
- , ppad-secp256k1 >= 0.5.2 && < 0.6
- , ppad-sha256 >= 0.2.4 && < 0.3
- , ppad-sha512 >= 0.1.4 && < 0.2
+ , ppad-secp256k1 >= 0.5.3 && < 0.6
+ , ppad-sha256 >= 0.3 && < 0.4
+ , ppad-sha512 >= 0.2 && < 0.3
test-suite bip32-tests
type: exitcode-stdio-1.0