bitmessage/Jabit
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Compare commits

base: bitmessage:2.0.0
Branches Tags
bitmessage:master bitmessage:feature/refactoring bitmessage:develop bitmessage:gh-pages
bitmessage:2.0.4 bitmessage:2.0.3 bitmessage:2.0.2 bitmessage:2.0.1 bitmessage:2.0.0 bitmessage:1.0.1 bitmessage:1.0.0 bitmessage:0.2.0
...
compare: bitmessage:2.0.2
Branches Tags
bitmessage:master bitmessage:feature/refactoring bitmessage:develop bitmessage:gh-pages
bitmessage:2.0.4 bitmessage:2.0.3 bitmessage:2.0.2 bitmessage:2.0.1 bitmessage:2.0.0 bitmessage:1.0.1 bitmessage:1.0.0 bitmessage:0.2.0

6 Commits
2.0.0 ... 2.0.2

Author SHA1 Message Date
Christian Basler
5cf6d308f2 Merge branch 'release/2.0.2' 2016-10-15 18:02:06 +02:00
Christian Basler
ad97cd0633 Fixed SecurityException for some Android versions. 
At the same time removed necessity to register a cryptography provider which means SpongyCryptography can be used on the Oracle JVM as well - but this is something vor Jabit 3.0.
 2016-10-15 18:01:08 +02:00
Christian Basler
5043e9ed03 Merge tag '2.0.1' into develop 
Version 2.0.1
 2016-10-07 22:10:16 +02:00
Christian Basler
15c6540e16 Merge branch 'release/2.0.1' 2016-10-07 22:10:00 +02:00
Christian Basler
784ed9ed4e Fixed importer exception on Android 2016-10-07 22:08:55 +02:00
Christian Basler
3a0555e6e9 Merge tag '2.0.0' into develop 
Version 2.0.0
 2016-10-02 23:26:20 +02:00
6 changed files with 211 additions and 63 deletions
Expand all files Collapse all files

8
core/src/main/java/ch/dissem/bitmessage/ports/AbstractCryptography.java
View File

@ -33,6 +33,7 @@ import java.io.IOException;
import java.math.BigInteger; import java.math.BigInteger;
import java.security.GeneralSecurityException; import java.security.GeneralSecurityException;
import java.security.MessageDigest; import java.security.MessageDigest;
import java.security.Provider;
import java.security.SecureRandom; import java.security.SecureRandom;
import static ch.dissem.bitmessage.InternalContext.NETWORK_EXTRA_BYTES; import static ch.dissem.bitmessage.InternalContext.NETWORK_EXTRA_BYTES;
@ -49,10 +50,10 @@ public abstract class AbstractCryptography implements Cryptography, InternalCont
private static final BigInteger TWO_POW_64 = TWO.pow(64); private static final BigInteger TWO_POW_64 = TWO.pow(64);
private static final BigInteger TWO_POW_16 = TWO.pow(16); private static final BigInteger TWO_POW_16 = TWO.pow(16);
private final String provider; protected final Provider provider;
private InternalContext context; private InternalContext context;
protected AbstractCryptography(String provider) { protected AbstractCryptography(Provider provider) {
this.provider = provider; this.provider = provider;
} }
@ -137,7 +138,6 @@ public abstract class AbstractCryptography implements Cryptography, InternalCont
if (extraBytes == 0) extraBytes = NETWORK_EXTRA_BYTES; if (extraBytes == 0) extraBytes = NETWORK_EXTRA_BYTES;
BigInteger TTL = BigInteger.valueOf(object.getExpiresTime() - UnixTime.now()); BigInteger TTL = BigInteger.valueOf(object.getExpiresTime() - UnixTime.now());
BigInteger numerator = TWO_POW_64;
BigInteger powLength = BigInteger.valueOf(object.getPayloadBytesWithoutNonce().length + extraBytes); BigInteger powLength = BigInteger.valueOf(object.getPayloadBytesWithoutNonce().length + extraBytes);
BigInteger denominator = BigInteger.valueOf(nonceTrialsPerByte) BigInteger denominator = BigInteger.valueOf(nonceTrialsPerByte)
.multiply( .multiply(
@ -145,7 +145,7 @@ public abstract class AbstractCryptography implements Cryptography, InternalCont
powLength.multiply(TTL).divide(TWO_POW_16) powLength.multiply(TTL).divide(TWO_POW_16)
) )
); );
return Bytes.expand(numerator.divide(denominator).toByteArray(), 8); return Bytes.expand(TWO_POW_64.divide(denominator).toByteArray(), 8);
} }
private byte[] hash(String algorithm, byte[]... data) { private byte[] hash(String algorithm, byte[]... data) {

45
cryptography-bc/src/main/java/ch/dissem/bitmessage/cryptography/bc/BouncyCryptography.java
View File

@ -52,21 +52,16 @@ import java.util.Arrays;
public class BouncyCryptography extends AbstractCryptography { public class BouncyCryptography extends AbstractCryptography {
private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1"); private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1");
private static final String ALGORITHM_ECDSA = "ECDSA"; private static final String ALGORITHM_ECDSA = "ECDSA";
private static final String PROVIDER = "BC";
static {
java.security.Security.addProvider(new BouncyCastleProvider());
}
public BouncyCryptography() { public BouncyCryptography() {
super(PROVIDER); super(new BouncyCastleProvider());
} }
@Override @Override
public byte[] crypt(boolean encrypt, byte[] data, byte[] key_e, byte[] initializationVector) { public byte[] crypt(boolean encrypt, byte[] data, byte[] key_e, byte[] initializationVector) {
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher( BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(
new CBCBlockCipher(new AESEngine()), new CBCBlockCipher(new AESEngine()),
new PKCS7Padding() new PKCS7Padding()
); );
CipherParameters params = new ParametersWithIV(new KeyParameter(key_e), initializationVector); CipherParameters params = new ParametersWithIV(new KeyParameter(key_e), initializationVector);
@ -100,18 +95,18 @@ public class BouncyCryptography extends AbstractCryptography {
public boolean isSignatureValid(byte[] data, byte[] signature, Pubkey pubkey) { public boolean isSignatureValid(byte[] data, byte[] signature, Pubkey pubkey) {
try { try {
ECParameterSpec spec = new ECParameterSpec( ECParameterSpec spec = new ECParameterSpec(
EC_CURVE_PARAMETERS.getCurve(), EC_CURVE_PARAMETERS.getCurve(),
EC_CURVE_PARAMETERS.getG(), EC_CURVE_PARAMETERS.getG(),
EC_CURVE_PARAMETERS.getN(), EC_CURVE_PARAMETERS.getN(),
EC_CURVE_PARAMETERS.getH(), EC_CURVE_PARAMETERS.getH(),
EC_CURVE_PARAMETERS.getSeed() EC_CURVE_PARAMETERS.getSeed()
); );
ECPoint Q = keyToPoint(pubkey.getSigningKey()); ECPoint Q = keyToPoint(pubkey.getSigningKey());
KeySpec keySpec = new ECPublicKeySpec(Q, spec); KeySpec keySpec = new ECPublicKeySpec(Q, spec);
PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER).generatePublic(keySpec); PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider).generatePublic(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER); Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
sig.initVerify(publicKey); sig.initVerify(publicKey);
sig.update(data); sig.update(data);
return sig.verify(signature); return sig.verify(signature);
@ -124,19 +119,19 @@ public class BouncyCryptography extends AbstractCryptography {
public byte[] getSignature(byte[] data, PrivateKey privateKey) { public byte[] getSignature(byte[] data, PrivateKey privateKey) {
try { try {
ECParameterSpec spec = new ECParameterSpec( ECParameterSpec spec = new ECParameterSpec(
EC_CURVE_PARAMETERS.getCurve(), EC_CURVE_PARAMETERS.getCurve(),
EC_CURVE_PARAMETERS.getG(), EC_CURVE_PARAMETERS.getG(),
EC_CURVE_PARAMETERS.getN(), EC_CURVE_PARAMETERS.getN(),
EC_CURVE_PARAMETERS.getH(), EC_CURVE_PARAMETERS.getH(),
EC_CURVE_PARAMETERS.getSeed() EC_CURVE_PARAMETERS.getSeed()
); );
BigInteger d = keyToBigInt(privateKey.getPrivateSigningKey()); BigInteger d = keyToBigInt(privateKey.getPrivateSigningKey());
KeySpec keySpec = new ECPrivateKeySpec(d, spec); KeySpec keySpec = new ECPrivateKeySpec(d, spec);
java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER) java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider)
.generatePrivate(keySpec); .generatePrivate(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER); Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
sig.initSign(privKey); sig.initSign(privKey);
sig.update(data); sig.update(data);
return sig.sign(); return sig.sign();
@ -153,8 +148,8 @@ public class BouncyCryptography extends AbstractCryptography {
@Override @Override
public byte[] createPoint(byte[] x, byte[] y) { public byte[] createPoint(byte[] x, byte[] y) {
return EC_CURVE_PARAMETERS.getCurve().createPoint( return EC_CURVE_PARAMETERS.getCurve().createPoint(
new BigInteger(1, x), new BigInteger(1, x),
new BigInteger(1, y) new BigInteger(1, y)
).getEncoded(false); ).getEncoded(false);
} }
} }

1
cryptography-sc/build.gradle
View File

@ -14,4 +14,5 @@ dependencies {
compile project(':core') compile project(':core')
compile 'com.madgag.spongycastle:prov:1.52.0.0' compile 'com.madgag.spongycastle:prov:1.52.0.0'
testCompile 'junit:junit:4.12' testCompile 'junit:junit:4.12'
testCompile 'org.mockito:mockito-core:1.10.19'
} }

45
cryptography-sc/src/main/java/ch/dissem/bitmessage/cryptography/sc/SpongyCryptography.java
View File

@ -52,21 +52,16 @@ import java.util.Arrays;
public class SpongyCryptography extends AbstractCryptography { public class SpongyCryptography extends AbstractCryptography {
private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1"); private static final X9ECParameters EC_CURVE_PARAMETERS = CustomNamedCurves.getByName("secp256k1");
private static final String ALGORITHM_ECDSA = "ECDSA"; private static final String ALGORITHM_ECDSA = "ECDSA";
private static final String PROVIDER = "SC";
static {
java.security.Security.addProvider(new BouncyCastleProvider());
}
public SpongyCryptography() { public SpongyCryptography() {
super(PROVIDER); super(new BouncyCastleProvider());
} }
@Override @Override
public byte[] crypt(boolean encrypt, byte[] data, byte[] key_e, byte[] initializationVector) { public byte[] crypt(boolean encrypt, byte[] data, byte[] key_e, byte[] initializationVector) {
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher( BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(
new CBCBlockCipher(new AESEngine()), new CBCBlockCipher(new AESEngine()),
new PKCS7Padding() new PKCS7Padding()
); );
CipherParameters params = new ParametersWithIV(new KeyParameter(key_e), initializationVector); CipherParameters params = new ParametersWithIV(new KeyParameter(key_e), initializationVector);
@ -100,18 +95,18 @@ public class SpongyCryptography extends AbstractCryptography {
public boolean isSignatureValid(byte[] data, byte[] signature, Pubkey pubkey) { public boolean isSignatureValid(byte[] data, byte[] signature, Pubkey pubkey) {
try { try {
ECParameterSpec spec = new ECParameterSpec( ECParameterSpec spec = new ECParameterSpec(
EC_CURVE_PARAMETERS.getCurve(), EC_CURVE_PARAMETERS.getCurve(),
EC_CURVE_PARAMETERS.getG(), EC_CURVE_PARAMETERS.getG(),
EC_CURVE_PARAMETERS.getN(), EC_CURVE_PARAMETERS.getN(),
EC_CURVE_PARAMETERS.getH(), EC_CURVE_PARAMETERS.getH(),
EC_CURVE_PARAMETERS.getSeed() EC_CURVE_PARAMETERS.getSeed()
); );
ECPoint Q = keyToPoint(pubkey.getSigningKey()); ECPoint Q = keyToPoint(pubkey.getSigningKey());
KeySpec keySpec = new ECPublicKeySpec(Q, spec); KeySpec keySpec = new ECPublicKeySpec(Q, spec);
PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER).generatePublic(keySpec); PublicKey publicKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider).generatePublic(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER); Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
sig.initVerify(publicKey); sig.initVerify(publicKey);
sig.update(data); sig.update(data);
return sig.verify(signature); return sig.verify(signature);
@ -124,19 +119,19 @@ public class SpongyCryptography extends AbstractCryptography {
public byte[] getSignature(byte[] data, PrivateKey privateKey) { public byte[] getSignature(byte[] data, PrivateKey privateKey) {
try { try {
ECParameterSpec spec = new ECParameterSpec( ECParameterSpec spec = new ECParameterSpec(
EC_CURVE_PARAMETERS.getCurve(), EC_CURVE_PARAMETERS.getCurve(),
EC_CURVE_PARAMETERS.getG(), EC_CURVE_PARAMETERS.getG(),
EC_CURVE_PARAMETERS.getN(), EC_CURVE_PARAMETERS.getN(),
EC_CURVE_PARAMETERS.getH(), EC_CURVE_PARAMETERS.getH(),
EC_CURVE_PARAMETERS.getSeed() EC_CURVE_PARAMETERS.getSeed()
); );
BigInteger d = keyToBigInt(privateKey.getPrivateSigningKey()); BigInteger d = keyToBigInt(privateKey.getPrivateSigningKey());
KeySpec keySpec = new ECPrivateKeySpec(d, spec); KeySpec keySpec = new ECPrivateKeySpec(d, spec);
java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, PROVIDER) java.security.PrivateKey privKey = KeyFactory.getInstance(ALGORITHM_ECDSA, provider)
.generatePrivate(keySpec); .generatePrivate(keySpec);
Signature sig = Signature.getInstance(ALGORITHM_ECDSA, PROVIDER); Signature sig = Signature.getInstance(ALGORITHM_ECDSA, provider);
sig.initSign(privKey); sig.initSign(privKey);
sig.update(data); sig.update(data);
return sig.sign(); return sig.sign();
@ -153,8 +148,8 @@ public class SpongyCryptography extends AbstractCryptography {
@Override @Override
public byte[] createPoint(byte[] x, byte[] y) { public byte[] createPoint(byte[] x, byte[] y) {
return EC_CURVE_PARAMETERS.getCurve().createPoint( return EC_CURVE_PARAMETERS.getCurve().createPoint(
new BigInteger(1, x), new BigInteger(1, x),
new BigInteger(1, y) new BigInteger(1, y)
).getEncoded(false); ).getEncoded(false);
} }
} }

157
cryptography-sc/src/test/java/ch/dissem/bitmessage/security/CryptographyTest.java Normal file
View File

@ -0,0 +1,157 @@
package ch.dissem.bitmessage.security;
import ch.dissem.bitmessage.InternalContext;
import ch.dissem.bitmessage.cryptography.sc.SpongyCryptography;
import ch.dissem.bitmessage.entity.ObjectMessage;
import ch.dissem.bitmessage.entity.payload.GenericPayload;
import ch.dissem.bitmessage.entity.valueobject.PrivateKey;
import ch.dissem.bitmessage.exception.InsufficientProofOfWorkException;
import ch.dissem.bitmessage.ports.MultiThreadedPOWEngine;
import ch.dissem.bitmessage.ports.ProofOfWorkEngine;
import ch.dissem.bitmessage.utils.CallbackWaiter;
import ch.dissem.bitmessage.utils.Singleton;
import ch.dissem.bitmessage.utils.UnixTime;
import org.junit.BeforeClass;
import org.junit.Test;
import javax.xml.bind.DatatypeConverter;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import static ch.dissem.bitmessage.utils.UnixTime.DAY;
import static ch.dissem.bitmessage.utils.UnixTime.MINUTE;
import static org.hamcrest.CoreMatchers.is;
import static org.junit.Assert.*;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
/**
* @author Christian Basler
*/
public class CryptographyTest {
public static final byte[] TEST_VALUE = "teststring".getBytes();
public static final byte[] TEST_SHA1 = DatatypeConverter.parseHexBinary(""
+ "b8473b86d4c2072ca9b08bd28e373e8253e865c4");
public static final byte[] TEST_SHA512 = DatatypeConverter.parseHexBinary(""
+ "6253b39071e5df8b5098f59202d414c37a17d6a38a875ef5f8c7d89b0212b028"
+ "692d3d2090ce03ae1de66c862fa8a561e57ed9eb7935ce627344f742c0931d72");
public static final byte[] TEST_RIPEMD160 = DatatypeConverter.parseHexBinary(""
+ "cd566972b5e50104011a92b59fa8e0b1234851ae");
private static SpongyCryptography crypto;
@BeforeClass
public static void setUp() {
crypto = new SpongyCryptography();
Singleton.initialize(crypto);
InternalContext ctx = mock(InternalContext.class);
when(ctx.getProofOfWorkEngine()).thenReturn(new MultiThreadedPOWEngine());
crypto.setContext(ctx);
}
@Test
public void testRipemd160() {
assertArrayEquals(TEST_RIPEMD160, crypto.ripemd160(TEST_VALUE));
}
@Test
public void testSha1() {
assertArrayEquals(TEST_SHA1, crypto.sha1(TEST_VALUE));
}
@Test
public void testSha512() {
assertArrayEquals(TEST_SHA512, crypto.sha512(TEST_VALUE));
}
@Test
public void testChaining() {
assertArrayEquals(TEST_SHA512, crypto.sha512("test".getBytes(), "string".getBytes()));
}
@Test
public void ensureDoubleHashYieldsSameResultAsHashOfHash() {
assertArrayEquals(crypto.sha512(TEST_SHA512), crypto.doubleSha512(TEST_VALUE));
}
@Test(expected = IOException.class)
public void ensureExceptionForInsufficientProofOfWork() throws IOException {
ObjectMessage objectMessage = new ObjectMessage.Builder()
.nonce(new byte[8])
.expiresTime(UnixTime.now(+28 * DAY))
.objectType(0)
.payload(GenericPayload.read(0, 1, new ByteArrayInputStream(new byte[0]), 0))
.build();
crypto.checkProofOfWork(objectMessage, 1000, 1000);
}
@Test
public void testDoProofOfWork() throws Exception {
ObjectMessage objectMessage = new ObjectMessage.Builder()
.nonce(new byte[8])
.expiresTime(UnixTime.now(+2 * MINUTE))
.objectType(0)
.payload(GenericPayload.read(0, 1, new ByteArrayInputStream(new byte[0]), 0))
.build();
final CallbackWaiter<byte[]> waiter = new CallbackWaiter<>();
crypto.doProofOfWork(objectMessage, 1000, 1000,
new ProofOfWorkEngine.Callback() {
@Override
public void onNonceCalculated(byte[] initialHash, byte[] nonce) {
waiter.setValue(nonce);
}
});
objectMessage.setNonce(waiter.waitForValue());
try {
crypto.checkProofOfWork(objectMessage, 1000, 1000);
} catch (InsufficientProofOfWorkException e) {
fail(e.getMessage());
}
}
@Test
public void ensureEncryptionAndDecryptionWorks() {
byte[] data = crypto.randomBytes(100);
byte[] key_e = crypto.randomBytes(32);
byte[] iv = crypto.randomBytes(16);
byte[] encrypted = crypto.crypt(true, data, key_e, iv);
byte[] decrypted = crypto.crypt(false, encrypted, key_e, iv);
assertArrayEquals(data, decrypted);
}
@Test(expected = IllegalArgumentException.class)
public void ensureDecryptionFailsWithInvalidCypherText() {
byte[] data = crypto.randomBytes(128);
byte[] key_e = crypto.randomBytes(32);
byte[] iv = crypto.randomBytes(16);
crypto.crypt(false, data, key_e, iv);
}
@Test
public void testMultiplication() {
byte[] a = crypto.randomBytes(PrivateKey.PRIVATE_KEY_SIZE);
byte[] A = crypto.createPublicKey(a);
byte[] b = crypto.randomBytes(PrivateKey.PRIVATE_KEY_SIZE);
byte[] B = crypto.createPublicKey(b);
assertArrayEquals(crypto.multiply(A, b), crypto.multiply(B, a));
}
@Test
public void ensureSignatureIsValid() {
byte[] data = crypto.randomBytes(100);
PrivateKey privateKey = new PrivateKey(false, 1, 1000, 1000);
byte[] signature = crypto.getSignature(data, privateKey);
assertThat(crypto.isSignatureValid(data, signature, privateKey.getPubkey()), is(true));
}
@Test
public void ensureSignatureIsInvalidForTemperedData() {
byte[] data = crypto.randomBytes(100);
PrivateKey privateKey = new PrivateKey(false, 1, 1000, 1000);
byte[] signature = crypto.getSignature(data, privateKey);
data[0]++;
assertThat(crypto.isSignatureValid(data, signature, privateKey.getPubkey()), is(false));
}
}

18
wif/src/main/java/ch/dissem/bitmessage/wif/WifImporter.java
View File

@ -63,15 +63,15 @@ public class WifImporter {
Profile.Section section = entry.getValue(); Profile.Section section = entry.getValue();
BitmessageAddress address = Factory.createIdentityFromPrivateKey( BitmessageAddress address = Factory.createIdentityFromPrivateKey(
entry.getKey(), entry.getKey(),
getSecret(section.get("privsigningkey")), getSecret(section.get("privsigningkey")),
getSecret(section.get("privencryptionkey")), getSecret(section.get("privencryptionkey")),
section.get("noncetrialsperbyte", long.class), Long.parseLong(section.get("noncetrialsperbyte")),
section.get("payloadlengthextrabytes", long.class), Long.parseLong(section.get("payloadlengthextrabytes")),
Pubkey.Feature.bitfield(features) Pubkey.Feature.bitfield(features)
); );
if (section.containsKey("chan")) { if (section.containsKey("chan")) {
address.setChan(section.get("chan", boolean.class)); address.setChan(Boolean.parseBoolean(section.get("chan")));
} }
address.setAlias(section.get("label")); address.setAlias(section.get("label"));
identities.add(address); identities.add(address);
@ -82,10 +82,10 @@ public class WifImporter {
byte[] bytes = Base58.decode(walletImportFormat); byte[] bytes = Base58.decode(walletImportFormat);
if (bytes[0] != WIF_FIRST_BYTE) if (bytes[0] != WIF_FIRST_BYTE)
throw new IOException("Unknown format: 0x80 expected as first byte, but secret " + walletImportFormat + throw new IOException("Unknown format: 0x80 expected as first byte, but secret " + walletImportFormat +
" was " + bytes[0]); " was " + bytes[0]);
if (bytes.length != WIF_SECRET_LENGTH) if (bytes.length != WIF_SECRET_LENGTH)
throw new IOException("Unknown format: " + WIF_SECRET_LENGTH + throw new IOException("Unknown format: " + WIF_SECRET_LENGTH +
" bytes expected, but secret " + walletImportFormat + " was " + bytes.length + " long"); " bytes expected, but secret " + walletImportFormat + " was " + bytes.length + " long");
byte[] hash = cryptography().doubleSha256(bytes, 33); byte[] hash = cryptography().doubleSha256(bytes, 33);
for (int i = 0; i < 4; i++) { for (int i = 0; i < 4; i++) {