From 0bc1b70c4aa32b730da41ca16e3b11f570e49ffc Mon Sep 17 00:00:00 2001
From: Jochen Hoenicke
Date: Wed, 20 Apr 2016 10:30:33 +0200
Subject: [PATCH] Use different seed modifier for different curves
---
 bip32.c | 4 +++-
 ecdsa.c | 4 ++--
 ecdsa.h | 1 +
 nist256p1.c | 6 +++++-
 secp256k1.c | 6 +++++-
 5 files changed, 16 insertions(+), 5 deletions(-)
diff --git a/bip32.c b/bip32.c
index 18c96252fb..0fdc28e425 100644
--- a/bip32.c
+++ b/bip32.c
@@ -86,7 +86,8 @@ int hdnode_from_seed(const uint8_t *seed, int seed_len, const char* curve, HDNod
 out->fingerprint = 0x00000000;
 out->child_num = 0;
 out->curve = get_curve_by_name(curve);
- hmac_sha512((uint8_t *)"Bitcoin seed", 12, seed, seed_len, I);
+ hmac_sha512((const uint8_t*) out->curve->bip32_name,
+ strlen(out->curve->bip32_name), seed, seed_len, I);
 memcpy(out->private_key, I, 32);
 bignum256 a;
 bn_read_be(out->private_key, &a);
@@ -337,6 +338,7 @@ int hdnode_deserialize(const char *str, HDNode *node)
 if (!base58_decode_check(str, node_data, sizeof(node_data))) {
 return -1;
 }
+ node->curve = get_curve_by_name(SECP256K1_NAME);
 uint32_t version = read_be(node_data);
 if (version == 0x0488B21E) { // public node
 memcpy(node->public_key, node_data + 45, 33);
diff --git a/ecdsa.c b/ecdsa.c
index 8d4e8df3ef..4b8a36bdbc 100644
--- a/ecdsa.c
+++ b/ecdsa.c
@@ -1050,10 +1050,10 @@ const ecdsa_curve *get_curve_by_name(const char *curve_name) {
 if (curve_name == 0) {
 return 0;
 }
- if (strcmp(curve_name, "secp256k1") == 0) {
+ if (strcmp(curve_name, SECP256K1_NAME) == 0) {
 return &secp256k1;
 }
- if (strcmp(curve_name, "nist256p1") == 0) {
+ if (strcmp(curve_name, NIST256P1_NAME) == 0) {
 return &nist256p1;
 }
 return 0;
diff --git a/ecdsa.h b/ecdsa.h
index 4bdc041151..85b6cd058d 100644
--- a/ecdsa.h
+++ b/ecdsa.h
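Review bot: `out->curve` is dereferenced in the new `hmac_sha512` call without a NULL check, and `get_curve_by_name` (see the ecdsa.c hunk of this patch) returns 0 for a NULL or unrecognised name. A caller passing an unsupported curve string to `hdnode_from_seed` would therefore fault at `strlen(out->curve->bip32_name)`, whereas the removed line did not touch the curve at this point. Add `if (out->curve == 0)` with an early return of the function's failure code directly after the lookup. The function body starts and ends outside the hunk, so the failure value and whether later code already assumes a non-NULL curve cannot be confirmed from here.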
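Review bot: `hdnode_deserialize` now pins every decoded node to secp256k1 without saying why, so a node created for nist256p1 that is serialized and read back would silently come back on the wrong curve. The payload visible in this hunk carries only a version word (`0x0488B21E` for a public node), so the curve cannot be recovered from the data itself. A comment such as `// serialized nodes carry no curve id; decoded nodes are always treated as secp256k1` would document that limitation; refusing to serialize non-secp256k1 nodes would be the stricter option. The function continues outside the hunk.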
@@ -41,6 +41,7 @@ typedef struct {
 bignum256 order_half; // order of G divided by 2
 int a; // coefficient 'a' of the elliptic curve
 bignum256 b; // coefficient 'b' of the elliptic curve
+ const char *bip32_name;// string used for generating BIP32 xprv from seed
 #if USE_PRECOMPUTED_CP
 const curve_point cp[64][8];
diff --git a/nist256p1.c b/nist256p1.c
index deb457737b..5ec461776c 100644
--- a/nist256p1.c
+++ b/nist256p1.c
@@ -46,7 +46,11 @@ const ecdsa_curve nist256p1 = {
 /* b */ {
 /*.val =*/{0x27d2604b, 0x2f38f0f8, 0x53b0f63, 0x741ac33, 0x1886bc65, 0x2ef555da, 0x293e7b3e, 0xd762a8e, 0x5ac6}
- }
+ },
+
+ /* bip32_name */
+ "Nist256p1 seed"
+
 #if USE_PRECOMPUTED_CP
 ,
 /* cp */ {
diff --git a/secp256k1.c b/secp256k1.c
index b157bae6a4..8048376976 100644
--- a/secp256k1.c
+++ b/secp256k1.c
@@ -47,7 +47,11 @@ const ecdsa_curve secp256k1 = {
 /* b */ {
 /*.val =*/{7}
- }
+ },
+
+ /* bip32_name */
+ "Bitcoin seed"
+
 #if USE_PRECOMPUTED_CP
 ,
 /* cp */ {
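Review bot: The comment on the new `bip32_name` field understates its role: per the bip32.c hunk it is the HMAC-SHA512 key for master-key derivation, and `strlen` is called on it unconditionally. The comment should state that it must be non-NULL, NUL-terminated and distinct per curve, and that changing it changes every key derived from an existing seed, for example `// HMAC key for BIP32 master key derivation; non-NULL, unique per curve, must never change`. The curve tables in this patch use positional initializers, so any `ecdsa_curve` definition outside this patch that is not updated may leave the field zero-initialized; those are worth checking.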
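Review bot: The HMAC key `"Nist256p1 seed"` is not pinned by any test in this patch; the diffstat lists only the five source files. Since this string determines every master key derived for the curve, a known-answer test for `hdnode_from_seed` with the nist256p1 curve would catch an accidental edit. The same applies to `"Bitcoin seed"` in the secp256k1.c hunk, which must stay byte-identical to the 12-byte literal removed from bip32.c so that existing seeds keep deriving the same keys.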