public void ECDsa()
{
var privateKey = Base16.Decode("6f6784731c4e526c97fa6a97b6f22e96f307588c5868bc2c545248bc31207eb1");
Assert.IsTrue(privateKey.Length == 32);
var curve = ECCurve.Secp256r1;
var publicKey = curve.G * privateKey;
var msg = "Hello phantasma";
var msgBytes = Encoding.ASCII.GetBytes(msg);
var signer = new ECDsa(privateKey, ECCurve.Secp256r1);
var signature = signer.GenerateSignature(msgBytes);
Assert.IsNotNull(signature);
var verified = Cryptography.ECC.ECDsa.VerifySignature(msgBytes, signature, curve, publicKey);
Assert.IsTrue(verified);
// make sure that Verify fails for other addresses
var otherPrivateKey = Base16.Decode("97b6f22e96f307588c5868bc2c545248bc31207eb16f6784731c4e526c97fa6a");
Assert.IsTrue(otherPrivateKey.Length == 32);
var otherPublicKey = ECCurve.Secp256r1.G * otherPrivateKey;
verified = Cryptography.ECC.ECDsa.VerifySignature(msgBytes, signature, curve, otherPublicKey);
Assert.IsFalse(verified);
}
public void GenerateSignature()
{
var ecdsa = new ECDsa(ECCurve.Secp256k1.Infinity);
Assert.ThrowsException <InvalidOperationException>(() => ecdsa.GenerateSignature(UInt256.Zero.ToArray()));
Assert.ThrowsException <ArgumentException>(() => ecdsa.VerifySignature(new byte[0], 1, 2));
var pk = new byte[32];
for (int x = 0; x < pk.Length; x++)
{
pk[x] = (byte)x;
}
ecdsa = new ECDsa(pk, ECCurve.Secp256k1);
var zero = UInt256.Zero.ToArray();
var one = UInt256.Parse("0100000000000000000000000000000000000000000000000000000000000000").ToArray();
var two = UInt256.Parse("0200000000000000000000000000000000000000000000000000000000000000").ToArray();
var sig = ecdsa.GenerateSignature(one);
Assert.IsTrue(ecdsa.VerifySignature(one, sig[0], sig[1]));
Assert.IsFalse(ecdsa.VerifySignature(two, sig[0], sig[1]));
Assert.IsFalse(ecdsa.VerifySignature(one, sig[0] + 1, sig[1]));
Assert.IsFalse(ecdsa.VerifySignature(one, sig[0], sig[1] + 1));
Assert.IsFalse(ecdsa.VerifySignature(zero, sig[0], sig[1]));
}
public static byte[] Sign(byte[] message, byte[] prikey)
{
//var Secp256r1_G = Helper.HexString2Bytes("04" + "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296" + "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5");
var PublicKey = ECCurve.Secp256r1.G * prikey;
//var pubkey = PublicKey.EncodePoint(false).Skip(1).ToArray();
var ecdsa = new ECDsa(prikey, ECCurve.Secp256r1);
var hash = sha256.ComputeHash(message);
var result = ecdsa.GenerateSignature(hash);
var data1 = result[0].ToByteArray();
if (data1.Length > 32)
{
data1 = data1.Take(32).ToArray();
}
var data2 = result[1].ToByteArray();
if (data2.Length > 32)
{
data2 = data2.Take(32).ToArray();
}
data1 = data1.Reverse().ToArray();
data2 = data2.Reverse().ToArray();
byte[] newdata = new byte[64];
Array.Copy(data1, 0, newdata, 32 - data1.Length, data1.Length);
Array.Copy(data2, 0, newdata, 64 - data2.Length, data2.Length);
return(newdata);// data1.Concat(data2).ToArray();
//#if NET461
//const int ECDSA_PRIVATE_P256_MAGIC = 0x32534345;
//byte[] first = { 0x45, 0x43, 0x53, 0x32, 0x20, 0x00, 0x00, 0x00 };
//prikey = first.Concat(pubkey).Concat(prikey).ToArray();
//using (System.Security.Cryptography.CngKey key = System.Security.Cryptography.CngKey.Import(prikey, System.Security.Cryptography.CngKeyBlobFormat.EccPrivateBlob))
//using (System.Security.Cryptography.ECDsaCng ecdsa = new System.Security.Cryptography.ECDsaCng(key))
//using (var ecdsa = System.Security.Cryptography.ECDsa.Create(new System.Security.Cryptography.ECParameters
//{
// Curve = System.Security.Cryptography.ECCurve.NamedCurves.nistP256,
// D = prikey,
// Q = new System.Security.Cryptography.ECPoint
// {
// X = pubkey.Take(32).ToArray(),
// Y = pubkey.Skip(32).ToArray()
// }
//}))
//{
// var hash = sha256.ComputeHash(message);
// return ecdsa.SignHash(hash);
//}
}
public void GenerateSignature()
{
var ecdsa = new ECDsa(ECCurve.Secp256k1.Infinity);
Assert.ThrowsException <InvalidOperationException>(() => ecdsa.GenerateSignature(new byte[0]));
var pk = new byte[32];
for (int x = 0; x < pk.Length; x++)
{
pk[x] = (byte)x;
}
ecdsa = new ECDsa(pk, ECCurve.Secp256k1);
var sig = ecdsa.GenerateSignature(new byte[] { 1 });
Assert.IsTrue(ecdsa.VerifySignature(new byte[] { 1 }, sig[0], sig[1]));
Assert.IsFalse(ecdsa.VerifySignature(new byte[] { 2 }, sig[0], sig[1]));
Assert.IsFalse(ecdsa.VerifySignature(new byte[] { 1 }, sig[0] + 1, sig[1]));
Assert.IsFalse(ecdsa.VerifySignature(new byte[] { 1 }, sig[0], sig[1] + 1));
Assert.IsFalse(ecdsa.VerifySignature(new byte[33], sig[0], sig[1]));
}
public static void KeyRecover(ECCurve Curve)
{
byte[] privateKey = generatekey(32);
ECPoint publicKey = Curve.G * privateKey;
ECDsa ecdsa = new ECDsa(privateKey, Curve);
byte[] message = System.Text.Encoding.Default.GetBytes("HelloWorld");
BigInteger[] signatures = ecdsa.GenerateSignature(message);
BigInteger r = signatures[0];
BigInteger s = signatures[1];
bool v;
if (signatures[2] == 0)
{
v = true;
}
else
{
v = false;
}
ECPoint recoverKey = ECDsa.KeyRecover(Curve, r, s, message, v);
Assert.IsTrue(recoverKey.Equals(publicKey));
//wrong r part
r = new BigInteger(generatekey(32));
s = new BigInteger(generatekey(32));
try
{
recoverKey = ECDsa.KeyRecover(Curve, r, s, message, v);
Assert.IsFalse(recoverKey.Equals(publicKey));
}
catch (Exception e)
{
Assert.IsTrue(e.GetType() == typeof(ArithmeticException));
}
}