以太坊系列:OpenSSL生成以太坊账户

原文链接:https://www.jianshu.com/p/9ebeabd55d30

经常和密码打交道的人估计都用过一款神器:openssl(介绍opessl的安装和使用类的资料很多,这里略过)。刚好这几天在网上看到一篇文章介绍如何用openssl创建以太坊账户,而不是用geth命令创建。文章写得挺好,有点长,又是英文,所以我在这里用自己的话简单重述其操作步骤并给予适当的补充说明。

原文链接:https://kobl.one/blog/create-full-ethereum-keypair-and-address,

也请参考:https://wiki.openssl.org/index.php/Command_Line_Elliptic_Curve_Operations

通常来说Linux系统发行版都有md5sum、shasum等哈希工具安装包,但是sha3和keccak哈希工具比较新,就得通过源码编译安装了,步骤如下:

git clonehttps://github.com/maandree/libkeccak

cd libkeccak

make

make install

ldconfig

git clonehttps://github.com/maandree/sha3sum.git

cd sha3sum

make

make install

ldconfig

运行openssl ecparam -list_curves命令可以查看其支持的曲线类型集合,以太坊和比特币都是采用secp256k1曲线,生成椭圆曲线密钥对的命令如下:

openssl ecparam-name secp256k1 -genkey -noout | openssl ec -text -noout

输出:

read EC key

Private-Key: (256bit)

priv:

   00:8f:93:e9:e3:32:02:42:6f:9d:0d:b3:a5:d2:59:

   22:60:33:30:e2:d5:a2:42:d5:21:22:ee:f0:9a:da:

   a8:7a:70

pub:

   04:29:14:c6:39:87:99:3d:e5:38:e5:e4:47:83:3a:

   21:bc:2f:d0:a7:df:fb:6f:40:ab:ad:2f:56:7e:b5:

   99:dc:fa:c6:95:36:fe:be:ad:25:05:98:41:84:40:

   6b:40:8e:a4:68:f4:68:ea:a8:64:4e:33:21:da:02:

   19:cf:1b:b2:e3

ASN1 OID:secp256k1

私钥以00开头,公钥以04开头,做运算时,需要去掉00或04以及冒号,用awk,sed,tr等经典文本工具可以自动化去除,看操作者熟练程度了,若不熟悉这些工具命令的复杂选项,就手动复制到文本编辑器内去除,注意力集中在密码技术上,而不是文本处理技术,得到如下结果:

--私钥,32字节,表示成64 个字符--

8f93e9e33202426f9d0db3a5d25922603330e2d5a242d52122eef09adaa87a70

--公钥,64字节,表示成128个字符--

2914c63987993de538e5e447833a21bc2fd0a7dffb6f40abad2f567eb599dcfac69536febead2505984184406b408ea468f468eaa8644e3321da0219cf1bb2e3

执行如下命令,对公钥做keccak-256哈希运算导出账户地址:

echo -n "2914c63987993de538e5e447833a21bc2fd0a7dffb6f40abad2f567eb599dcfac69536febead2505984184406b408ea468f468eaa8644e3321da0219cf1bb2e3" | keccak-256sum -x -l | tr -d ' -' | tail -c 41

输出:

47dca4f48cf5f43fa359040afa57b548c92d4a5d

注意这个结果必须和geth导入私钥时的输出结果一致,否则肯定是在某个地方出现操作失误了,需重做实验。接下来执行geth命令导入私钥进行测试:

echo "8f93e9e33202426f9d0db3a5d25922603330e2d5a242d52122eef09adaa87a70" > priv

geth account import priv

输出:

Your new account is locked with a password.  Please give a password.  Do not forget this password.

Passphrase:

Repeat passphrase:

Address: {47dca4f48cf5f43fa359040afa57b548c92d4a5d}

查看一下生成的密钥keystore文件:

cat ~/.ethereum/keystore/UTC--2018-03-21T11-11-11.848269178Z--47dca4f48cf5f43fa359040afa57b548c92d4a5d

输出:

{"address":"47dca4f48cf5f43fa359040afa57b548c92d4a5d","crypto":{"cipher":"aes-128-ctr","ciphertext":"433cb3158778be8e5861acf245e4769b3e054c0d1e8be5bac9f979d6dcc7b16e","cipherparams":{"iv":"a64b76316e5d1a532d300b76f9171f9c"},"kdf":"scrypt","kdfparams":{"dklen":32,"n":262144,"p":1,"r":8,"salt":"2b1f5e2a011a4cc979c53b7ec575fbbeedc6b5940d96967c8872f9a5225e70ec"},"mac":"eceb8bdc070739c1659c5ccb73eac08364068f81f6c930b52ecdce1415d39c87"},"id":"aaa8d243-12fd-43f0-b24a-411b0ad6cddc","version":3}

进入Quorum控制台(Quorum和Geth相比,好处就是把gasPrice改为0了,这样在转账测试计算账户余额的时候,不用考虑矿工费问题),测试一下看看:

>eth.getBalance(eth.coinbase)

9.98796449e+26

>eth.getBalance("47dca4f48cf5f43fa359040afa57b548c92d4a5d")

0

>eth.sendTransaction({from: eth.coinbase, to:"47dca4f48cf5f43fa359040afa57b548c92d4a5d", value: web3.toWei(100,"ether")})

"0x9001c52ebcda139994d42757c01c96e7e82fec6ac0a853d9fc9be3b505235c08"

>eth.getBalance("47dca4f48cf5f43fa359040afa57b548c92d4a5d")

100000000000000000000

>personal.unlockAccount("47dca4f48cf5f43fa359040afa57b548c92d4a5d","123456", 5000)

true

>eth.sendTransaction({from:"47dca4f48cf5f43fa359040afa57b548c92d4a5d", to: eth.coinbase, value:web3.toWei(9, "ether")})

"0x5073419262b953a5cff8bf31ab3b195c471b4a69d1f18d2cd24dc960277d0be3"

>eth.getBalance("47dca4f48cf5f43fa359040afa57b548c92d4a5d")

91000000000000000000

>eth.getBalance(eth.coinbase)

9.98796358e+26

>

作者:吕庆浩

链接:https://www.jianshu.com/p/9ebeabd55d30

CAUTION! if your final address looks like *0xdcc703c0E500B653Ca82273B7BFAd8045D85a470* this means you have hashed an empty public key. Sending funds to this address will lock them forever! People made this mistake before as shown on etherscan.

你可能感兴趣的:(以太坊系列:OpenSSL生成以太坊账户)