public void TestECDsaP256Sha256WithGeneratedKey() { var secureRandom = new SecureRandom(); X9ECParameters p = NistNamedCurves.GetByName("P-256"); var parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H); var ecParams = new ECKeyGenerationParameters(parameters, secureRandom); var ecGen = new ECKeyPairGenerator("ECDSA"); ecGen.Init(ecParams); var pairKey = ecGen.GenerateKeyPair(); var priKey = pairKey.Private as ECPrivateKeyParameters; byte[] m = Hex.Decode("1BD4ED430B0F384B4E8D458EFF1A8A553286D7AC21CB2F6806172EF5F94A06AD"); var dsa = new ECDsaSigner(); dsa.Init(true, new ParametersWithRandom(priKey, secureRandom)); IBigInteger[] sig = dsa.GenerateSignature(m); // Verify the signature var pubKey = pairKey.Public as ECPublicKeyParameters; dsa.Init(false, pubKey); if (!dsa.VerifySignature(m, sig[0], sig[1])) { Fail("signature fails"); } }
public void TestECDsa239bitBinary() { BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552"); BigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174"); byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363")); SecureRandom k = FixedSecureRandom.From(kData); F2mCurve curve = new F2mCurve( 239, // m 36, //k new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b ECDomainParameters parameters = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n BigInteger.ValueOf(4)); // h ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( "ECDSA", new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d parameters); ECDsaSigner ecdsa = new ECDsaSigner(); ParametersWithRandom param = new ParametersWithRandom(priKey, k); ecdsa.Init(true, param); byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); BigInteger[] sig = ecdsa.GenerateSignature(message); if (!r.Equals(sig[0])) { Fail("r component wrong." + SimpleTest.NewLine + " expecting: " + r + SimpleTest.NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + SimpleTest.NewLine + " expecting: " + s + SimpleTest.NewLine + " got : " + sig[1]); } // Verify the signature ECPublicKeyParameters pubKey = new ECPublicKeyParameters( "ECDSA", curve.DecodePoint(Hex.Decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q parameters); ecdsa.Init(false, pubKey); if (!ecdsa.VerifySignature(message, sig[0], sig[1])) { Fail("signature fails"); } }
public void TestECDsa191bitBinary() { BigInteger r = new BigInteger("87194383164871543355722284926904419997237591535066528048"); BigInteger s = new BigInteger("308992691965804947361541664549085895292153777025772063598"); byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("1542725565216523985789236956265265265235675811949404040041")); SecureRandom k = FixedSecureRandom.From(kData); F2mCurve curve = new F2mCurve( 191, // m 9, //k new BigInteger("2866537B676752636A68F56554E12640276B649EF7526267", 16), // a new BigInteger("2E45EF571F00786F67B0081B9495A3D95462F5DE0AA185EC", 16)); // b ECDomainParameters parameters = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("0436B3DAF8A23206F9C4F299D7B21A9C369137F2C84AE1AA0D765BE73433B3F95E332932E70EA245CA2418EA0EF98018FB")), // G new BigInteger("1569275433846670190958947355803350458831205595451630533029"), // n BigInteger.Two); // h ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( "ECDSA", new BigInteger("1275552191113212300012030439187146164646146646466749494799"), // d parameters); ECDsaSigner ecdsa = new ECDsaSigner(); ParametersWithRandom param = new ParametersWithRandom(priKey, k); ecdsa.Init(true, param); byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); BigInteger[] sig = ecdsa.GenerateSignature(message); if (!r.Equals(sig[0])) { Fail("r component wrong." + SimpleTest.NewLine + " expecting: " + r + SimpleTest.NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + SimpleTest.NewLine + " expecting: " + s + SimpleTest.NewLine + " got : " + sig[1]); } // Verify the signature ECPublicKeyParameters pubKey = new ECPublicKeyParameters( "ECDSA", curve.DecodePoint(Hex.Decode("045DE37E756BD55D72E3768CB396FFEB962614DEA4CE28A2E755C0E0E02F5FB132CAF416EF85B229BBB8E1352003125BA1")), // Q parameters); ecdsa.Init(false, pubKey); if (!ecdsa.VerifySignature(message, sig[0], sig[1])) { Fail("signature fails"); } }
public void TestECDsa239BitPrime() { IBigInteger r = new BigInteger("308636143175167811492622547300668018854959378758531778147462058306432176"); IBigInteger s = new BigInteger("323813553209797357708078776831250505931891051755007842781978505179448783"); byte[] kData = BigIntegers.AsUnsignedByteArray( new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655")); SecureRandom k = FixedSecureRandom.From(kData); var curve = new FPCurve( new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b var parameters = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n var priKey = new ECPrivateKeyParameters( "ECDSA", new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d parameters); var ecdsa = new ECDsaSigner(); var param = new ParametersWithRandom(priKey, k); ecdsa.Init(true, param); byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); IBigInteger[] sig = ecdsa.GenerateSignature(message); if (!r.Equals(sig[0])) { Fail("r component wrong." + NewLine + " expecting: " + r + NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + NewLine + " expecting: " + s + NewLine + " got : " + sig[1]); } // Verify the signature var pubKey = new ECPublicKeyParameters( "ECDSA", curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q parameters); ecdsa.Init(false, pubKey); if (!ecdsa.VerifySignature(message, sig[0], sig[1])) { Fail("signature fails"); } }
public void TestECDsaP521Sha512() { X9ECParameters p = NistNamedCurves.GetByName("P-521"); var parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H); var priKey = new ECPrivateKeyParameters( new BigInteger( "617573726813476282316253885608633222275541026607493641741273231656161177732180358888434629562647985511298272498852936680947729040673640492310550142822667389"), // d parameters); SecureRandom k = FixedSecureRandom.From( BigIntegers.AsUnsignedByteArray( new BigInteger( "6806532878215503520845109818432174847616958675335397773700324097584974639728725689481598054743894544060040710846048585856076812050552869216017728862957612913"))); byte[] m = Hex.Decode( "6893B64BD3A9615C39C3E62DDD269C2BAAF1D85915526083183CE14C2E883B48B193607C1ED871852C9DF9C3147B574DC1526C55DE1FE263A676346A20028A66"); var dsa = new ECDsaSigner(); dsa.Init(true, new ParametersWithRandom(priKey, k)); IBigInteger[] sig = dsa.GenerateSignature(m); IBigInteger r = new BigInteger( "1368926195812127407956140744722257403535864168182534321188553460365652865686040549247096155740756318290773648848859639978618869784291633651685766829574104630"); IBigInteger s = new BigInteger( "1624754720348883715608122151214003032398685415003935734485445999065609979304811509538477657407457976246218976767156629169821116579317401249024208611945405790"); if (!r.Equals(sig[0])) { Fail("r component wrong." + NewLine + " expecting: " + r + NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + NewLine + " expecting: " + s + NewLine + " got : " + sig[1]); } // Verify the signature var pubKey = new ECPublicKeyParameters( parameters.Curve.DecodePoint( Hex.Decode( "020145E221AB9F71C5FE740D8D2B94939A09E2816E2167A7D058125A06A80C014F553E8D6764B048FB6F2B687CEC72F39738F223D4CE6AFCBFF2E34774AA5D3C342CB3")), // Q parameters); dsa.Init(false, pubKey); if (!dsa.VerifySignature(m, sig[0], sig[1])) { Fail("signature fails"); } }
public void TestECDsa192bitPrime() { BigInteger r = new BigInteger("3342403536405981729393488334694600415596881826869351677613"); BigInteger s = new BigInteger("5735822328888155254683894997897571951568553642892029982342"); byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("6140507067065001063065065565667405560006161556565665656654")); SecureRandom k = FixedSecureRandom.From(kData); FpCurve curve = new FpCurve( new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b ECDomainParameters parameters = new ECDomainParameters( curve, curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n ECPrivateKeyParameters priKey = new ECPrivateKeyParameters( "ECDSA", new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d parameters); ParametersWithRandom param = new ParametersWithRandom(priKey, k); ECDsaSigner ecdsa = new ECDsaSigner(); ecdsa.Init(true, param); byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray(); BigInteger[] sig = ecdsa.GenerateSignature(message); if (!r.Equals(sig[0])) { Fail("r component wrong." + SimpleTest.NewLine + " expecting: " + r + SimpleTest.NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + SimpleTest.NewLine + " expecting: " + s + SimpleTest.NewLine + " got : " + sig[1]); } // Verify the signature ECPublicKeyParameters pubKey = new ECPublicKeyParameters( "ECDSA", curve.DecodePoint(Hex.Decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q parameters); ecdsa.Init(false, pubKey); if (!ecdsa.VerifySignature(message, sig[0], sig[1])) { Fail("verification fails"); } }
/// <summary> /// Verifies a public and private key by creating and verifiying a signature /// </summary> /// <param name="privateKey"></param> /// <param name="publicKey"></param> /// <param name="curveName"></param> /// <returns></returns> private bool KeysVerified(ECPrivateKeyParameters privateKey, ECPublicKeyParameters publicKey, string curveName) { byte[] M = Hex.Decode("1BD4ED430B0F384B4E8D458EFF1A8A553286D7AC21CB2F6806172EF5F94A06AD"); ECDsaSigner dsa = new ECDsaSigner(); dsa.Init(true, privateKey); var signature = dsa.GenerateSignature(M); dsa.Init(false, publicKey); return(dsa.VerifySignature(M, signature[0], signature[1])); }
public void TestECDsaP256Sha256() { X9ECParameters p = NistNamedCurves.GetByName("P-256"); var parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H); var priKey = new ECPrivateKeyParameters( new BigInteger("20186677036482506117540275567393538695075300175221296989956723148347484984008"), // d parameters); SecureRandom k = FixedSecureRandom.From( BigIntegers.AsUnsignedByteArray( new BigInteger("72546832179840998877302529996971396893172522460793442785601695562409154906335"))); byte[] m = Hex.Decode("1BD4ED430B0F384B4E8D458EFF1A8A553286D7AC21CB2F6806172EF5F94A06AD"); var dsa = new ECDsaSigner(); dsa.Init(true, new ParametersWithRandom(priKey, k)); IBigInteger[] sig = dsa.GenerateSignature(m); IBigInteger r = new BigInteger("97354732615802252173078420023658453040116611318111190383344590814578738210384"); IBigInteger s = new BigInteger("98506158880355671805367324764306888225238061309262649376965428126566081727535"); if (!r.Equals(sig[0])) { Fail("r component wrong." + NewLine + " expecting: " + r + NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + NewLine + " expecting: " + s + NewLine + " got : " + sig[1]); } // Verify the signature var pubKey = new ECPublicKeyParameters( parameters.Curve.DecodePoint( Hex.Decode("03596375E6CE57E0F20294FC46BDFCFD19A39F8161B58695B3EC5B3D16427C274D")), // Q parameters); dsa.Init(false, pubKey); if (!dsa.VerifySignature(m, sig[0], sig[1])) { Fail("signature fails"); } }
public bool HasTestPassed(AsymmetricCipherKeyPair kp) { ECDsaSigner signer = new ECDsaSigner(); signer.Init(true, new ParametersWithRandom(kp.Private, Utils.testRandom)); byte[] message = Hex.Decode("0102030405060708090a1112131415161718191a"); // size of a SHA-1 hash BigInteger[] rs = signer.GenerateSignature(message); signer.Init(false, kp.Public); return(signer.VerifySignature(FipsKats.Values[FipsKats.Vec.ECKeyPairConsistencyVec], rs[0], rs[1])); }
public void TestECDsaP224Sha224() { X9ECParameters p = NistNamedCurves.GetByName("P-224"); var parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H); var priKey = new ECPrivateKeyParameters( new BigInteger("6081831502424510080126737029209236539191290354021104541805484120491"), // d parameters); SecureRandom k = FixedSecureRandom.From( BigIntegers.AsUnsignedByteArray( new BigInteger("15456715103636396133226117016818339719732885723579037388121116732601"))); byte[] m = Hex.Decode("8797A3C693CC292441039A4E6BAB7387F3B4F2A63D00ED384B378C79"); var dsa = new ECDsaSigner(); dsa.Init(true, new ParametersWithRandom(priKey, k)); IBigInteger[] sig = dsa.GenerateSignature(m); IBigInteger r = new BigInteger("26477406756127720855365980332052585411804331993436302005017227573742"); IBigInteger s = new BigInteger("17694958233103667059888193972742186995283044672015112738919822429978"); if (!r.Equals(sig[0])) { Fail("r component wrong." + NewLine + " expecting: " + r + NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + NewLine + " expecting: " + s + NewLine + " got : " + sig[1]); } // Verify the signature var pubKey = new ECPublicKeyParameters( parameters.Curve.DecodePoint(Hex.Decode("03FD44EC11F9D43D9D23B1E1D1C9ED6519B40ECF0C79F48CF476CC43F1")), // Q parameters); dsa.Init(false, pubKey); if (!dsa.VerifySignature(m, sig[0], sig[1])) { Fail("signature fails"); } }
public void TestECDsaSecP224K1Sha256() { X9ECParameters p = SecNamedCurves.GetByName("secp224k1"); var parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H); var priKey = new ECPrivateKeyParameters( new BigInteger("BE6F6E91FE96840A6518B56F3FE21689903A64FA729057AB872A9F51", 16), // d parameters); SecureRandom k = FixedSecureRandom.From(Hex.Decode("00c39beac93db21c3266084429eb9b846b787c094f23a4de66447efbb3")); byte[] m = Hex.Decode("E5D5A7ADF73C5476FAEE93A2C76CE94DC0557DB04CDC189504779117920B896D"); var dsa = new ECDsaSigner(); dsa.Init(true, new ParametersWithRandom(priKey, k)); IBigInteger[] sig = dsa.GenerateSignature(m); IBigInteger r = new BigInteger("8163E5941BED41DA441B33E653C632A55A110893133351E20CE7CB75", 16); IBigInteger s = new BigInteger("D12C3FC289DDD5F6890DCE26B65792C8C50E68BF551D617D47DF15A8", 16); if (!r.Equals(sig[0])) { Fail("r component wrong." + NewLine + " expecting: " + r + NewLine + " got : " + sig[0]); } if (!s.Equals(sig[1])) { Fail("s component wrong." + NewLine + " expecting: " + s + NewLine + " got : " + sig[1]); } // Verify the signature var pubKey = new ECPublicKeyParameters( parameters.Curve.DecodePoint( Hex.Decode( "04C5C9B38D3603FCCD6994CBB9594E152B658721E483669BB42728520F484B537647EC816E58A8284D3B89DFEDB173AFDC214ECA95A836FA7C")), // Q parameters); dsa.Init(false, pubKey); if (!dsa.VerifySignature(m, sig[0], sig[1])) { Fail("signature fails"); } }
public static Boolean VerifyHashed(byte[][] signature, byte[] publicKey, byte[] message) { var list = new List <byte[]>(); var arr = signature.ToArray(); foreach (var sigVal in arr) { list.Add(sigVal); } var sigR = list[0]; //r var sigS = list[1]; //s try { X9ECParameters spec = ECNamedCurveTable.GetByName("secp256k1"); ECDomainParameters domain = new ECDomainParameters(spec.Curve, spec.G, spec.N); ECPublicKeyParameters publicKeyParams = new ECPublicKeyParameters(spec.Curve.DecodePoint(publicKey), domain); ECDsaSigner signer = new ECDsaSigner(); signer.Init(false, publicKeyParams); return(signer.VerifySignature(message, new BigInteger(1, sigR), new BigInteger(1, sigS))); } catch { return(false); } }
//public static string SignData(string msg, AsymmetricKeyParameter privKey) //public static byte[][] SignTransaction(byte[] data, byte[] privateKey) //{ // try // { // //byte[] msgBytes = Encoding.UTF8.GetBytes(msg); // //ISigner signer = SignerUtilities.GetSigner("SHA384withECDSA"); // //signer.Init(true, privKey); // //signer.BlockUpdate(msgBytes, 0, msgBytes.Length); // //byte[] sigBytes = signer.GenerateSignature(); // //return Convert.ToBase64String(sigBytes); // X9ECParameters spec = ECNamedCurveTable.GetByName("secp256k1"); // ECDsaSigner ecdsaSigner = new ECDsaSigner(); // ECDomainParameters domain = new ECDomainParameters(spec.Curve, spec.G, spec.N); // ECPrivateKeyParameters privateKeyParms = // new ECPrivateKeyParameters(new BigInteger(1, privateKey), domain); // ParametersWithRandom paramxs = new ParametersWithRandom(privateKeyParms); // ecdsaSigner.Init(true, paramxs); // BigInteger[] sig = ecdsaSigner.GenerateSignature(data); // LinkedList<byte[]> sigData = new LinkedList<byte[]>(); // byte[] publicKey = GetPublicKey(privateKey); // byte recoveryId = GetRecoveryId(sig[0].ToByteArray(), sig[1].ToByteArray(), data, publicKey); // foreach (var sigChunk in sig) // { // sigData.AddLast(sigChunk.ToByteArray()); // } // sigData.AddLast(new byte[] {recoveryId}); // return sigData.ToArray(); // } // catch (Exception exc) // { // Console.WriteLine("Signing Failed: " + exc); // return null; // } //} public static (byte[] r, byte[] s, byte[] v) SignTransaction(byte[] data, byte[] privateKey) { try { X9ECParameters spec = ECNamedCurveTable.GetByName("secp256k1"); ECDsaSigner ecdsaSigner = new ECDsaSigner(); ECDomainParameters domain = new ECDomainParameters(spec.Curve, spec.G, spec.N); ECPrivateKeyParameters privateKeyParms = new ECPrivateKeyParameters(new BigInteger(1, privateKey), domain); ParametersWithRandom paramxs = new ParametersWithRandom(privateKeyParms); ecdsaSigner.Init(true, paramxs); BigInteger[] sig = ecdsaSigner.GenerateSignature(data); LinkedList <byte[]> sigData = new LinkedList <byte[]>(); byte[] publicKey = GetPublicKey(privateKey); byte recoveryId = GetRecoveryId(sig[0].ToByteArray(), sig[1].ToByteArray(), data, publicKey); foreach (var sigChunk in sig) { sigData.AddLast(sigChunk.ToByteArray()); } sigData.AddLast(new byte[] { recoveryId }); return(sigData.ElementAt(0), sigData.ElementAt(1), sigData.ElementAt(2)); } catch (Exception exc) { Console.WriteLine("Signing Failed: " + exc); return(null, null, null); } }
private bool VerifyEcDsa(IDigest digest, X9ECParameters curveParameter, byte[] buffer, int length, byte[] signature) { int digestSize = digest.GetDigestSize(); ECDomainParameters dParams = new ECDomainParameters( curveParameter.Curve, curveParameter.G, curveParameter.N, curveParameter.H, curveParameter.GetSeed()); ECPoint q = dParams.Curve.CreatePoint(new BigInteger(1, PublicKey, 0, digestSize), new BigInteger(1, PublicKey, digestSize, digestSize), false); ECPublicKeyParameters parameters = new ECPublicKeyParameters(q, dParams); var signer = new ECDsaSigner(); signer.Init(false, parameters); digest.BlockUpdate(buffer, 0, length); byte[] hash = new byte[digest.GetDigestSize()]; digest.DoFinal(hash, 0); return(signer.VerifySignature(hash, new BigInteger(1, signature, 0, digestSize), new BigInteger(1, signature, digestSize, digestSize))); }
public byte[] Sign(HashDigest <T> messageHash, PrivateKey privateKey) { var h = new Sha256Digest(); var kCalculator = new HMacDsaKCalculator(h); var signer = new ECDsaSigner(kCalculator); signer.Init(true, privateKey.KeyParam); BigInteger[] rs = signer.GenerateSignature(messageHash.ToByteArray()); var r = rs[0]; var s = rs[1]; BigInteger otherS = privateKey.KeyParam.Parameters.N.Subtract(s); if (s.CompareTo(otherS) == 1) { s = otherS; } var bos = new MemoryStream(72); var seq = new DerSequenceGenerator(bos); seq.AddObject(new DerInteger(r)); seq.AddObject(new DerInteger(s)); seq.Close(); return(bos.ToArray()); }
public static byte[] Sign(byte[] bytes, byte[] privateKey) { var x9EcParameters = SecNamedCurves.GetByName("secp256k1"); var ecParams = new ECDomainParameters(x9EcParameters.Curve, x9EcParameters.G, x9EcParameters.N, x9EcParameters.H); var privateKeyBigInteger = new BigInteger((new byte[] { 0x00 }).Concat(privateKey).ToArray()); var signer = new ECDsaSigner(); var privateKeyParameters = new ECPrivateKeyParameters(privateKeyBigInteger, ecParams); signer.Init(true, privateKeyParameters); var signature = signer.GenerateSignature(bytes); var memoryStream = new MemoryStream(); var sequenceGenerator = new DerSequenceGenerator(memoryStream); sequenceGenerator.AddObject(new DerInteger(signature[0])); sequenceGenerator.AddObject(new DerInteger(signature[1])); sequenceGenerator.Close(); var signingResult = memoryStream.ToArray(); return(signingResult); }
/// <summary> /// Calculates an ECDSA signature in DER format for the given input hash. Note that the input is expected to be /// 32 bytes long. /// </summary> public byte[] Sign(byte[] input, Org.BouncyCastle.Math.BigInteger privateKey) { const string BITCOIN_CURVE = "secp256k1"; ECDsaSigner signer = new ECDsaSigner(); Org.BouncyCastle.Asn1.X9.X9ECParameters ecp = SecNamedCurves.GetByName(BITCOIN_CURVE); ECDomainParameters EcParameters = new ECDomainParameters(ecp.Curve, ecp.G, ecp.N, ecp.H); var privateKeyParameters = new ECPrivateKeyParameters(privateKey, EcParameters); signer.Init(true, privateKeyParameters); var signatures = signer.GenerateSignature(input); // What we get back from the signer are the two components of a signature, r and s. To get a flat byte stream // of the type used by BitCoin we have to encode them using DER encoding, which is just a way to pack the two // components into a structure. using (var byteOutputStream = new MemoryStream()) { var derSequenceGenerator = new DerSequenceGenerator(byteOutputStream); derSequenceGenerator.AddObject(new DerInteger(signatures[0])); derSequenceGenerator.AddObject(new DerInteger(signatures[1])); derSequenceGenerator.Close(); return(byteOutputStream.ToArray()); } }
public bool Verify(byte[] hash, ECDSASignature signatrue) { var signer = new ECDsaSigner(); signer.Init(false, PublicKeyParameter); return signer.VerifySignature(hash, signatrue.R, signatrue.S); }
public bool Verify(byte[] hash, ECDSASignature sig) { var signer = new ECDsaSigner(); signer.Init(false, _pubKey); return(signer.VerifySignature(hash, sig.R, sig.S)); }
public bool Verify(byte[] hash, ECDSASignature sig) { var signer = new ECDsaSigner(); signer.Init(false, GetPublicKeyParameters()); return(signer.VerifySignature(hash, sig.R, sig.S)); }
/// <summary> /// Signs given data and returns the r and s components of the ECDSA signature, along with a recovery ID to recover the public key given the original signed message and the returned components. /// </summary> /// <param name="hash">The hash to be signed.</param> /// <returns>Returns r and s components of an ECDSA signature, along with a recovery ID to recover the signers public key given the original signed message and r, s.</returns> public override (byte RecoveryID, BigInteger r, BigInteger s) SignData(Span <byte> hash) { // Verify we have a private key. if (KeyType != EthereumEcdsaKeyType.Private) { throw _notPrivateKeyException; } // Initialize our crypto provider. ECDsaSigner signer = new ECDsaSigner(); signer.Init(true, PrivateKey); // Obtain our signature, rs[0] ("r") and rs[1] ("s") Org.BouncyCastle.Math.BigInteger[] rs = signer.GenerateSignature(hash.ToArray()); // We want to make sure we enforce a low S value rs[1] = Secp256k1Curve.EnforceLowS(rs[1]); // We need to return a valid recovery ID for this signature. We do this by trying all of our 4 possible recovery IDs to make sure the public key hash recovered is the same as ours. // We start by obtaining our current public key hash byte[] actualPublicKeyHash = GetPublicKeyHash(); // Next we try of our potential recovery IDs until we can obtain the matching public key from the signature. // 2, 3 are usually not used and 0, 1 denote odd or even Y, which can be figured out. for (byte recoveryID = 0; recoveryID < 4; recoveryID++) { // We wrap this in a try in case, as we know one of these IDs will work. try { EthereumEcdsa possibleMatch = Recover(hash, recoveryID, rs[0].ToNumericsBigInteger(), rs[1].ToNumericsBigInteger()); if (actualPublicKeyHash.ValuesEqual(possibleMatch.GetPublicKeyHash())) { return(recoveryID, rs[0].ToNumericsBigInteger(), rs[1].ToNumericsBigInteger());
/// <inheritdoc /> public override byte[] Sign(byte[] message, byte[] prikey) { ECPrivateKeyParameters priv = new ECPrivateKeyParameters("ECDSA", (new BigInteger(1, prikey)), _domain); var signer = new ECDsaSigner(); var fullsign = new byte[64]; message = Sha256(message); signer.Init(true, priv); var signature = signer.GenerateSignature(message); var r = signature[0].ToByteArray(); var s = signature[1].ToByteArray(); var rLen = r.Length; var sLen = s.Length; // Buid Signature ensuring Neo expected format. 32byte r + 32byte s. if (rLen < 32) { Array.Copy(r, 0, fullsign, 32 - rLen, rLen); } else { Array.Copy(r, rLen - 32, fullsign, 0, 32); } if (sLen < 32) { Array.Copy(s, 0, fullsign, 64 - sLen, sLen); } else { Array.Copy(s, sLen - 32, fullsign, 32, 32); } return(fullsign); }
public static List <Dictionary <string, object> > Signature(int count, Dictionary <ECPublicKeyParameters, ECPrivateKeyParameters> keyPairs) { var signatures = new List <Dictionary <string, object> >(); for (var i = 0; i < count; i++) { var keyPair = keyPairs.ElementAt(RandomInstance.Next(0, keyPairs.Count)); var ecdsaSigner = new ECDsaSigner(); ecdsaSigner.Init(true, new ParametersWithRandom(keyPair.Value, SecureRandom)); var randomString = StringUtils.RandomString(20); var messageBytes = Encoding.UTF8.GetBytes(randomString); var signature = ecdsaSigner.GenerateSignature(messageBytes); signatures.Add(new Dictionary <string, object> { { "signature", signature }, { "messageHash", messageBytes }, { "publicKey", keyPair.Key }, { "privateKey", keyPair.Value } }); } return(signatures); }
internal bool Verify(uint256 hash, ECDSASignature sig) { var signer = new ECDsaSigner(); signer.Init(false, GetPublicKeyParameters()); return(signer.VerifySignature(hash.ToBytes(), sig.R, sig.S)); }
/// <summary> /// Creates a signature from the given <paramref name="message"/>. /// <para> /// A created signature can be verified by the corresponding /// <see cref="PublicKey"/>. /// </para> /// <para> /// Signatures can be created by only the <see cref="PrivateKey"/> /// which corresponds a <see cref="PublicKey"/> to verify these /// signatures. /// </para> /// <para> /// To sum up, a signature is used to guarantee: /// </para> /// <list type="bullet"> /// <item><description>that the <paramref name="message"/> was created /// by someone possessing the corresponding <see cref="PrivateKey"/>, /// </description></item> /// <item><description>that the possessor cannot deny having sent the /// <paramref name="message"/>, and</description></item> /// <item><description>that the <paramref name="message"/> was not /// forged in the middle of transit.</description></item> /// </list> /// </summary> /// <param name="message">A message to sign in <see cref="byte"/> array /// representation.</param> /// <returns>A signature that verifies the <paramref name="message"/>. /// It can be verified using /// <see cref="Libplanet.Crypto.PublicKey.Verify(byte[], byte[])"/> /// method.</returns> /// <seealso cref="Libplanet.Crypto.PublicKey.Verify(byte[], byte[])"/> public byte[] Sign(byte[] message) { var h = new Sha256Digest(); var hashed = new byte[h.GetDigestSize()]; h.BlockUpdate(message, 0, message.Length); h.DoFinal(hashed, 0); h.Reset(); var kCalculator = new HMacDsaKCalculator(h); var signer = new ECDsaSigner(kCalculator); signer.Init(true, keyParam); BigInteger[] rs = signer.GenerateSignature(hashed); var r = rs[0]; var s = rs[1]; BigInteger otherS = keyParam.Parameters.N.Subtract(s); if (s.CompareTo(otherS) == 1) { s = otherS; } var bos = new MemoryStream(72); var seq = new DerSequenceGenerator(bos); seq.AddObject(new DerInteger(r)); seq.AddObject(new DerInteger(s)); seq.Close(); return(bos.ToArray()); }
public bool IsValid(Transaction transaction) { ECDomainParameters ecSpec = new ECDomainParameters(CryptoUtil.Curve.Curve, CryptoUtil.Curve.G, CryptoUtil.Curve.N, CryptoUtil.Curve.H); IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest()); var point = DecodeECPointPublicKey(transaction.SenderPublicKey); ECPublicKeyParameters keyParameters = new ECPublicKeyParameters(point, ecSpec); ECDsaSigner signer = new ECDsaSigner(kCalculator); signer.Init(false, keyParameters); var pubKey1 = new BigInteger(transaction.Signature[0], 16); var pubKey2 = new BigInteger(transaction.Signature[1], 16); TransactionRaw transactionRaw = new TransactionRaw() { FromAddress = transaction.FromAddress, ToAddress = transaction.ToAddress, Amount = transaction.Amount, DateCreated = transaction.DateCreated }; string tranJson = JsonConvert.SerializeObject(transactionRaw); byte[] tranHash = CryptoUtil.CalcSHA256(tranJson); return(signer.VerifySignature(tranHash, pubKey1, pubKey2)); }
private static void Sign(UnsignedTransaction unsignedTransaction, string privateKey, bool isHex, bool addPubKey, bool forceCompressed = false) { bool compressed = false; var bytes = isHex ? privateKey.FromHexString() : GetBytesFromBase58Key(privateKey); if (bytes.Length == 33 && bytes[32] == 1) { compressed = true; bytes = bytes.Take(32).ToArray(); } var privKeyB = new BigInteger(1, bytes); var parms = SecNamedCurves.GetByName("secp256k1"); var curve = new ECDomainParameters(parms.Curve, parms.G, parms.N, parms.H); var halfCurveOrder = parms.N.ShiftRight(1); var point = curve.G.Multiply(privKeyB); if (compressed || forceCompressed) { point = new FpPoint(curve.Curve, point.X, point.Y, true); } var publicKey = point.GetEncoded(); var signer = new ECDsaSigner(); var privKey = new ECPrivateKeyParameters(privKeyB, curve); signer.Init(true, privKey); foreach (string toSign in unsignedTransaction.ToSign) { if (addPubKey) { unsignedTransaction.PubKeys.Add(publicKey.ToHexString()); } var components = signer.GenerateSignature(toSign.FromHexString()); var r = components[0]; var s = components[1]; if (s.CompareTo(halfCurveOrder) > 0) { s = curve.N.Subtract(s); } using (var ms = new MemoryStream()) using (var asn = new Asn1OutputStream(ms)) { var seq = new DerSequenceGenerator(asn); seq.AddObject(new DerInteger(r)); seq.AddObject(new DerInteger(s)); seq.Close(); string signedString = ms.ToArray().ToHexString(); unsignedTransaction.Signatures.Add(signedString); } } }
/// <summary> /// Generate a signature /// Using https://github.com/Zaliro/Switcheo.Net/blob/master/Switcheo.Net/SwitcheoAuthenticationProvider.cs /// </summary> /// <param name="message">Message to sign</param> /// <param name="wallet">Wallet for signature</param> /// <returns>Message signature</returns> private string GenerateSignature(byte[] message, NeoWallet wallet) { var privateKey = wallet.privateKey; var curve = SecNamedCurves.GetByName("secp256r1"); var domain = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H); var priv = new ECPrivateKeyParameters("ECDSA", (new BigInteger(1, privateKey)), domain); var signer = new ECDsaSigner(); var fullsign = new byte[64]; var hash = new Sha256Digest(); hash.BlockUpdate(message, 0, message.Length); var result = new byte[32]; hash.DoFinal(result, 0); message = result; signer.Init(true, priv); var signature = signer.GenerateSignature(message); var signedResult = ProcessSignature(signature); var signedMessage = BitConverter.ToString(signedResult); return(signedMessage.Replace("-", "").ToLower()); }
/// <summary> /// Generates a Jws Signature. /// </summary> /// <param name="header"></param> /// <param name="payload"></param> /// <returns></returns> public string GenerateSignature(Dictionary <string, object> header, Dictionary <string, object> payload) { var securedInput = SecureInput(header, payload); var message = Encoding.UTF8.GetBytes(securedInput); byte[] hashedMessage; using (var sha256Hasher = SHA256.Create()) { hashedMessage = sha256Hasher.ComputeHash(message); } var signer = new ECDsaSigner(); signer.Init(true, _privateKey); var results = signer.GenerateSignature(hashedMessage); // Concated to create signature var a = results[0].ToByteArrayUnsigned(); var b = results[1].ToByteArrayUnsigned(); // a,b are required to be exactly the same length of bytes if (a.Length != b.Length) { var largestLength = Math.Max(a.Length, b.Length); a = ByteArrayPadLeft(a, largestLength); b = ByteArrayPadLeft(b, largestLength); } var signature = UrlBase64.Encode(a.Concat(b).ToArray()); return(string.Format("{0}.{1}", securedInput, signature)); }
public bool Verify( HashDigest <T> messageHash, byte[] signature, PublicKey publicKey) { try { Asn1Sequence asn1Sequence = (Asn1Sequence)Asn1Object.FromByteArray(signature); var rs = new[] { ((DerInteger)asn1Sequence[0]).Value, ((DerInteger)asn1Sequence[1]).Value, }; var verifier = new ECDsaSigner(); verifier.Init(false, publicKey.KeyParam); return(verifier.VerifySignature(messageHash.ToByteArray(), rs[0], rs[1])); } catch (IOException) { return(false); } catch (Asn1ParsingException) { return(false); } }