public string SignMessage(string msg, string privKey)
{
//$.checkArgument(text);
string hashMsg = DoubleHashMessageReverse(msg);
// Debugging Only
//Console.WriteLine("Hashed Message: " + hashMsg);
//Console.WriteLine("Hashed Message in Bytes: " + BitConverter.ToString(Encoding.Unicode.GetBytes(hashMsg)));
byte[] bytedPrivKey = ConvertToByteArray(privKey);
// Retrieve the private key in bigint
BigInteger privateKeyInt = new BigInteger(+1, ConvertToByteArray(privKey));
// Reconstruct the curve
X9ECParameters parameters = SecNamedCurves.GetByName("secp256k1");
//Org.BouncyCastle.Math.EC.ECPoint point = parameters.G.Multiply(privateKeyInt);
// Setup the signer
// https://www.programcreek.com/java-api-examples/index.php?api=org.bouncycastle.crypto.signers.ECDSASigner
// Cant new ECDsaSigner(new HMacDsaKCalculator(new Sha256Digest())); Because Btc doesn't use those..
ECDsaSigner signer = new ECDsaSigner();
// Construct the ECDomainParameters
// https://programtalk.com/java-api-usage-examples/org.bouncycastle.crypto.params.ECDomainParameters/ => How to get the parameters
ECDomainParameters ecDomainParams = new ECDomainParameters(parameters.Curve, parameters.G, parameters.N, parameters.H);
ECKeyParameters keyParams = new ECPrivateKeyParameters(privateKeyInt, ecDomainParams);
signer.Init(true, keyParams);
BigInteger[] signature = signer.GenerateSignature(Encoding.Unicode.GetBytes(hashMsg));
// https://stackoverflow.com/questions/37572306/verifying-ecdsa-signature-with-bouncy-castle-in-c-sharp
MemoryStream stream = new MemoryStream();
//DerOutputStream der = new DerOutputStream(stream);
try
{
//Asn1EncodableVector seq = new Asn1EncodableVector();
//seq.Add(new DerInteger(signature[0]));
//seq.Add(new DerInteger(signature[1]));
//der.WriteObject(new DerSequence(seq));
DerSequenceGenerator seq = new DerSequenceGenerator(stream);
seq.AddObject(new DerInteger(signature[0]));
seq.AddObject(new DerInteger(signature[1]));
seq.Close();
byte[] bitResult = stream.ToArray();
PrintByteArray(bitResult);
Console.WriteLine("MemoryStream Output: " + BitConverter.ToString(bitResult).Replace("-", string.Empty));
return(BitConverter.ToString(bitResult).Replace("-", string.Empty));
}
catch (IOException e)
{
return(e.ToString());
}
}
public void TestECDsa192bitPrime()
{
BigInteger r = new BigInteger("3342403536405981729393488334694600415596881826869351677613");
BigInteger s = new BigInteger("5735822328888155254683894997897571951568553642892029982342");
byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("6140507067065001063065065565667405560006161556565665656654"));
SecureRandom k = FixedSecureRandom.From(kData);
FpCurve curve = new FpCurve(
new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b
ECDomainParameters parameters = new ECDomainParameters(
curve,
curve.DecodePoint(Hex.Decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G
new BigInteger("6277101735386680763835789423176059013767194773182842284081")); // n
ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
"ECDSA",
new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d
parameters);
ParametersWithRandom param = new ParametersWithRandom(priKey, k);
ECDsaSigner ecdsa = new ECDsaSigner();
ecdsa.Init(true, param);
byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray();
BigInteger[] sig = ecdsa.GenerateSignature(message);
if (!r.Equals(sig[0]))
{
Fail("r component wrong." + SimpleTest.NewLine
+ " expecting: " + r + SimpleTest.NewLine
+ " got : " + sig[0]);
}
if (!s.Equals(sig[1]))
{
Fail("s component wrong." + SimpleTest.NewLine
+ " expecting: " + s + SimpleTest.NewLine
+ " got : " + sig[1]);
}
// Verify the signature
ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
"ECDSA",
curve.DecodePoint(Hex.Decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q
parameters);
ecdsa.Init(false, pubKey);
if (!ecdsa.VerifySignature(message, sig[0], sig[1]))
{
Fail("verification fails");
}
}
public void TestECDsa239bitPrime()
{
BigInteger r = new BigInteger("308636143175167811492622547300668018854959378758531778147462058306432176");
BigInteger s = new BigInteger("323813553209797357708078776831250505931891051755007842781978505179448783");
byte[] kData = BigIntegers.AsUnsignedByteArray(new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655"));
SecureRandom k = FixedSecureRandom.From(kData);
FpCurve curve = new FpCurve(
new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
ECDomainParameters parameters = new ECDomainParameters(
curve,
curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307")); // n
ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
"ECDSA",
new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
parameters);
ECDsaSigner ecdsa = new ECDsaSigner();
ParametersWithRandom param = new ParametersWithRandom(priKey, k);
ecdsa.Init(true, param);
byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray();
BigInteger[] sig = ecdsa.GenerateSignature(message);
if (!r.Equals(sig[0]))
{
Fail("r component wrong." + SimpleTest.NewLine
+ " expecting: " + r + SimpleTest.NewLine
+ " got : " + sig[0]);
}
if (!s.Equals(sig[1]))
{
Fail("s component wrong." + SimpleTest.NewLine
+ " expecting: " + s + SimpleTest.NewLine
+ " got : " + sig[1]);
}
// Verify the signature
ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
"ECDSA",
curve.DecodePoint(Hex.Decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
parameters);
ecdsa.Init(false, pubKey);
if (!ecdsa.VerifySignature(message, sig[0], sig[1]))
{
Fail("signature fails");
}
}
public void OnClickInquireButton() //QueryButton?
{
//반납하기 전 조회하는 함수.
if (nodeIP == null)
{
returnText.text = "First, Click QRCode Button!";
return;
}
//여기서 잘 이뤄지면
JsonData getAddressAmountPacket = new JsonData();
JsonData body = new JsonData(); JsonData header = new JsonData();
getAddressAmountPacket["Body"] = body;
getAddressAmountPacket["Header"] = header;
body["UserAddress"] = userAddress;
X9ECParameters ec = SecNamedCurves.GetByName("secp256k1");
ECDomainParameters domainParams = new ECDomainParameters(ec.Curve, ec.G, ec.N, ec.H);
BigInteger biPrivateKey = new BigInteger(privateKey);
ECPrivateKeyParameters tmpPrivatePara = new ECPrivateKeyParameters(biPrivateKey, domainParams);
ECDsaSigner privSigner = new ECDsaSigner();
privSigner.Init(true, tmpPrivatePara);
BigInteger[] signature = privSigner.GenerateSignature(Encoding.ASCII.GetBytes(getAddressAmountPacket["Body"].ToJson()));
BigInteger r = signature[0];
BigInteger s = signature[1];
//디지털 서명을 하는 부분.
header["EncryptR"] = bytesToHexString(r.ToByteArray());
header["EncryptS"] = bytesToHexString(s.ToByteArray());
header["PublicKey"] = publicKey;
header["Type"] = "GetAddressAmount";
//returnText.text = "deviceId"
//여기에 저장합
byte[] getAddressAmountPacketOutput = Encoding.ASCII.GetBytes(getAddressAmountPacket.ToJson());
TcpClient client = new TcpClient(nodeIP, nodePort);
NetworkStream stream = client.GetStream();
stream.Write(getAddressAmountPacketOutput, 0, getAddressAmountPacketOutput.Length);
System.Array.Clear(buffer, 0, buffer.Length);
stream.Read(buffer, 0, buffer.Length);
JsonData getAddressAmountResponsePacket = JsonMapper.ToObject(Encoding.ASCII.GetString(buffer));
client.Close();
if (getAddressAmountResponsePacket["Body"]["DeviceId"].Equals(null))
{
//null값이니 빌린 물건이 없다는 뜻
isInquire = false;
returnText.text = "no rental device";
return;
}
returnText.text = getAddressAmountResponsePacket["Body"]["DeviceId"].ToJson();
isInquire = true;
}
public static Signature Sign(Hash32 hash, PrivateKey privateKey)
{
BigInteger pk = new BigInteger(1, privateKey.Binary.ToArray());
X9ECParameters ec = SecNamedCurves.GetByName("secp256k1");
ECDomainParameters domainParams = new ECDomainParameters(ec.Curve, ec.G, ec.N, ec.H);
ECPrivateKeyParameters param = new ECPrivateKeyParameters(pk, domainParams);
ECDsaSigner signer = new ECDsaSigner(new HMacDsaKCalculator(new Sha256Digest()));
signer.Init(true, param);
var hashArray = hash.Binary.ToArray();
BigInteger[] sig = signer.GenerateSignature(hashArray);
BigInteger r = sig[0];
BigInteger s = sig[1];
if (s.CompareTo(domainParams.N.ShiftRight(1)) > 0)
{
s = domainParams.N.Subtract(s);
}
ECPoint q = domainParams.G.Multiply(pk);
var publicParams = new ECPublicKeyParameters(q, domainParams);
byte[] publicBytes = publicParams.Q.GetEncoded();
int recid = -1;
for (int rec = 0; rec < 4; rec++)
{
try
{
ECPoint Q = Recover(sig, hashArray, rec, true);
if (Enumerable.SequenceEqual(publicBytes, Q.GetEncoded()))
{
recid = rec;
break;
}
}
catch (Exception)
{
continue;
}
}
if (recid < 0)
{
throw new Exception("Did not find proper recid");
}
byte[] fullSigBytes = new byte[65];
Buffer.BlockCopy(sig[0].ToByteArrayUnsigned(), 0, fullSigBytes, 0, 32);
Buffer.BlockCopy(sig[1].ToByteArrayUnsigned(), 0, fullSigBytes, 32, 32);
fullSigBytes[64] = (byte)recid;
return(new Signature(fullSigBytes));
}
public void DeterministicECDSA()
{
var privateKey = Hashes.SHA256(new byte[] { 0x01 });
var signer = new ECDsaSigner(new Key(privateKey));
var signature = signer.GenerateSignature(Encoders.ASCII.GetBytes("hello word"));
Assert.IsTrue(signature.R == TestUtils.HexToBigInteger("8804e75cbdac8ab296df53eaf8f64cee01c283aa4a18f3f5853317faa282d4cd"));
Assert.IsTrue(signature.S == TestUtils.HexToBigInteger("42706d708c4fbf0dd075f3d3152872c7bd7e5ec9e2f691d33ce040d448f42002"));
}
public ECSignature Sign(byte[] data)
{
var ecdsaSigner = new ECDsaSigner(new HMacDsaKCalculator(DigestAlgorithm));
ecdsaSigner.Init(true, PrivateKeyParameters);
var signature = ecdsaSigner.GenerateSignature(data);
return(new ECSignature(signature[0], signature[1]));
}
/// <summary>
/// Calculates an ECDSA signature in DER format for the given input hash. Note that the input is expected to be
/// 32 bytes long.
/// </summary>
public EcdsaSignature Sign(byte[] input)
{
ECDsaSigner signer = new ECDsaSigner(new HMacDsaKCalculator(DigestUtilities.GetDigest("SHA-256")));
////ECDsaSigner signer = new ECDsaSigner();
signer.Init(true, new ECPrivateKeyParameters(this.privateKey, EcParams));
BigInteger[] sig = signer.GenerateSignature(input);
return(new EcdsaSignature(sig[0], sig[1]).ToCanonicalised());
}
public static ECDSASignature Sign(byte[] data, BigInteger privateKey)
{
ECPrivateKeyParameters parameters =
new ECPrivateKeyParameters(privateKey, Secp256k1DomainParameters);
IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest());
IDsa signer = new ECDsaSigner(kCalculator);
signer.Init(true, parameters);
return(new ECDSASignature(signer.GenerateSignature(data)));
}
public ECSignature Sign(ECKeyPair keyPair, byte[] data)
{
ECDsaSigner ecdsaSigner = new ECDsaSigner();
ecdsaSigner.Init(true, new ParametersWithRandom(keyPair.PrivateKey, Parameters.SecureRandom));
BigInteger[] signature = ecdsaSigner.GenerateSignature(data);
return(new ECSignature(signature));
}
/**
* Sign a hash with the private key of this key pair.
* @param message the hash to sign
* @return An {@link ECDSASignature} of the hash
*/
public ECDSASignature Sign(byte[] message)
{
var signer = new ECDsaSigner(new HMacDsaKCalculator(new Sha256Digest()));
var privateKey = new ECPrivateKeyParameters(PrivateKey, Curve);
signer.Init(true, privateKey);
var components = signer.GenerateSignature(message);
return(new ECDSASignature(components[0], components[1]).Canonicalize());
}
private static BigInteger[] SignTransaction(BigInteger privateKey, byte[] data)
{
ECDomainParameters ecSpec = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H);
ECPrivateKeyParameters keyParameters = new ECPrivateKeyParameters(privateKey, ecSpec);
IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest());
ECDsaSigner signer = new ECDsaSigner(kCalculator);
signer.Init(true, keyParameters);
BigInteger[] signature = signer.GenerateSignature(data);
return(signature);
}
/// <summary>
/// Calculates deterministic ECDSA signature (with HMAC-SHA256), based on secp256k1 and RFC-6979.
/// </summary>
public static BigInteger[] SignData(BigInteger privateKey, byte[] data)
{
var keyParameters = new ECPrivateKeyParameters(privateKey, Domain);
IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest());
var signer = new ECDsaSigner(kCalculator);
signer.Init(true, keyParameters);
var signature = signer.GenerateSignature(data);
return(signature);
}
/// <summary>
/// Verifies a public and private key by creating and verifiying a signature
/// </summary>
/// <param name="privateKey"></param>
/// <param name="publicKey"></param>
/// <param name="curveName"></param>
/// <returns></returns>
private bool KeysVerified(ECPrivateKeyParameters privateKey, ECPublicKeyParameters publicKey, string curveName)
{
byte[] M = Hex.Decode("1BD4ED430B0F384B4E8D458EFF1A8A553286D7AC21CB2F6806172EF5F94A06AD");
ECDsaSigner dsa = new ECDsaSigner();
dsa.Init(true, privateKey);
var signature = dsa.GenerateSignature(M);
dsa.Init(false, publicKey);
return(dsa.VerifySignature(M, signature[0], signature[1]));
}
public void testClick()
{
JsonData initialConnectPacket = new JsonData();
JsonData body = new JsonData(); JsonData header = new JsonData();
initialConnectPacket["Body"] = body;
initialConnectPacket["Header"] = header;
header["Type"] = "InitialConnect";
header["PublicKey"] = publicKey;
X9ECParameters ec = SecNamedCurves.GetByName("secp256k1");
ECDomainParameters domainParams = new ECDomainParameters(ec.Curve, ec.G, ec.N, ec.H);
BigInteger biPrivateKey = new BigInteger(HexStringTobytes(privateKey));
ECPrivateKeyParameters tmpPrivatePara = new ECPrivateKeyParameters(biPrivateKey, domainParams);
//pivateKey로 privatekeyPara 만드는부분
ECDsaSigner privSigner = new ECDsaSigner();
privSigner.Init(true, tmpPrivatePara);
BigInteger[] signature = privSigner.GenerateSignature(Encoding.ASCII.GetBytes(initialConnectPacket["Body"].ToJson()));
BigInteger r = signature[0];
BigInteger s = signature[1];
//디지털 서명을 하는 부분.
header["EncryptR"] = bytesToHexString(r.ToByteArray());
header["EncryptS"] = bytesToHexString(s.ToByteArray());
body["UserAddress"] = userAddress;
//initial Connect하는 부분 Json완성.
//Debug.Log(initialConnectPacket.ToJson());
byte[] initialConnectPacketOutPut = Encoding.ASCII.GetBytes(initialConnectPacket.ToJson());
//TcpClient client = new TcpClient(nodeIP, nodePort);
TcpClient client = new TcpClient("13.125.135.232", 58243);
NetworkStream stream = client.GetStream();
stream.Write(initialConnectPacketOutPut, 0, initialConnectPacketOutPut.Length);
//Debug.Log(buffer.Length);
byte[] tbuffer = new byte[4096];
System.Array.Clear(tbuffer, 0, tbuffer.Length);
stream.Read(tbuffer, 0, 4096);
Debug.Log(Encoding.ASCII.GetString(tbuffer));
client.Close();
}
public ECDSASignature Sign(uint256 hash)
{
AssertPrivateKey();
ECDsaSigner signer = new ECDsaSigner();
signer.Init(true, PrivateKey);
BigInteger[] components = signer.GenerateSignature(hash.ToBytes());
ECDSASignature signature = new ECDSASignature(components[0], components[1]);
signature = signature.MakeCanonical();
return(signature);
}
public void TestECDsaP256Sha256()
{
X9ECParameters p = NistNamedCurves.GetByName("P-256");
var parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
var priKey = new ECPrivateKeyParameters(
new BigInteger("20186677036482506117540275567393538695075300175221296989956723148347484984008"), // d
parameters);
SecureRandom k =
FixedSecureRandom.From(
BigIntegers.AsUnsignedByteArray(
new BigInteger("72546832179840998877302529996971396893172522460793442785601695562409154906335")));
byte[] m = Hex.Decode("1BD4ED430B0F384B4E8D458EFF1A8A553286D7AC21CB2F6806172EF5F94A06AD");
var dsa = new ECDsaSigner();
dsa.Init(true, new ParametersWithRandom(priKey, k));
IBigInteger[] sig = dsa.GenerateSignature(m);
IBigInteger r =
new BigInteger("97354732615802252173078420023658453040116611318111190383344590814578738210384");
IBigInteger s =
new BigInteger("98506158880355671805367324764306888225238061309262649376965428126566081727535");
if (!r.Equals(sig[0]))
{
Fail("r component wrong." + NewLine
+ " expecting: " + r + NewLine
+ " got : " + sig[0]);
}
if (!s.Equals(sig[1]))
{
Fail("s component wrong." + NewLine
+ " expecting: " + s + NewLine
+ " got : " + sig[1]);
}
// Verify the signature
var pubKey = new ECPublicKeyParameters(
parameters.Curve.DecodePoint(
Hex.Decode("03596375E6CE57E0F20294FC46BDFCFD19A39F8161B58695B3EC5B3D16427C274D")), // Q
parameters);
dsa.Init(false, pubKey);
if (!dsa.VerifySignature(m, sig[0], sig[1]))
{
Fail("signature fails");
}
}
/// <summary>Signs a hash using the given private key.</summary>
public static byte[] SignHash(byte[] data, byte[] priv)
{
ECDsaSigner signer = new ECDsaSigner();
ECPrivateKeyParameters curParams = new ECPrivateKeyParameters(new BigInteger(priv), _ecParams);
signer.Init(true, curParams);
// Generate the signature (produces the r and s values):
BigInteger[] rs = signer.GenerateSignature(data);
// Output stream:
System.IO.MemoryStream stream = new System.IO.MemoryStream();
// Output writer:
System.IO.BinaryWriter sig = new System.IO.BinaryWriter(stream);
// Get r and s as bytes (signed arrays):
byte[] rBa = rs[0].ToByteArray();
byte[] sBa = rs[1].ToByteArray();
// Sequence:
sig.Write((byte)0x30);
// Length (0 for now):
sig.Write((byte)0);
// Int:
sig.Write((byte)(0x02));
sig.Write((byte)rBa.Length);
sig.Write(rBa);
// Int:
sig.Write((byte)(0x02));
sig.Write((byte)sBa.Length);
sig.Write(sBa);
// Get the length:
int length = (int)stream.Length;
// Seek back and write the length - Goto 1:
sig.Seek(1, System.IO.SeekOrigin.Begin);
sig.Write((byte)length);
// Get the data as a block of bytes:
byte[] rawData = stream.ToArray();
stream.Close();
stream.Dispose();
return(rawData);
}
public bool HasTestPassed(AsymmetricCipherKeyPair kp)
{
ECDsaSigner signer = new ECDsaSigner();
signer.Init(true, new ParametersWithRandom(kp.Private, Utils.testRandom));
byte[] message = Hex.Decode("0102030405060708090a1112131415161718191a"); // size of a SHA-1 hash
BigInteger[] rs = signer.GenerateSignature(message);
signer.Init(false, kp.Public);
return(signer.VerifySignature(FipsKats.Values[FipsKats.Vec.ECKeyPairConsistencyVec], rs[0], rs[1]));
}
public void TestECDsaSecP224K1Sha256()
{
X9ECParameters p = SecNamedCurves.GetByName("secp224k1");
var parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
var priKey = new ECPrivateKeyParameters(
new BigInteger("BE6F6E91FE96840A6518B56F3FE21689903A64FA729057AB872A9F51", 16), // d
parameters);
SecureRandom k =
FixedSecureRandom.From(Hex.Decode("00c39beac93db21c3266084429eb9b846b787c094f23a4de66447efbb3"));
byte[] m = Hex.Decode("E5D5A7ADF73C5476FAEE93A2C76CE94DC0557DB04CDC189504779117920B896D");
var dsa = new ECDsaSigner();
dsa.Init(true, new ParametersWithRandom(priKey, k));
IBigInteger[] sig = dsa.GenerateSignature(m);
IBigInteger r = new BigInteger("8163E5941BED41DA441B33E653C632A55A110893133351E20CE7CB75", 16);
IBigInteger s = new BigInteger("D12C3FC289DDD5F6890DCE26B65792C8C50E68BF551D617D47DF15A8", 16);
if (!r.Equals(sig[0]))
{
Fail("r component wrong." + NewLine
+ " expecting: " + r + NewLine
+ " got : " + sig[0]);
}
if (!s.Equals(sig[1]))
{
Fail("s component wrong." + NewLine
+ " expecting: " + s + NewLine
+ " got : " + sig[1]);
}
// Verify the signature
var pubKey = new ECPublicKeyParameters(
parameters.Curve.DecodePoint(
Hex.Decode(
"04C5C9B38D3603FCCD6994CBB9594E152B658721E483669BB42728520F484B537647EC816E58A8284D3B89DFEDB173AFDC214ECA95A836FA7C")),
// Q
parameters);
dsa.Init(false, pubKey);
if (!dsa.VerifySignature(m, sig[0], sig[1]))
{
Fail("signature fails");
}
}
public void TestECDsaP224Sha224()
{
X9ECParameters p = NistNamedCurves.GetByName("P-224");
var parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
var priKey = new ECPrivateKeyParameters(
new BigInteger("6081831502424510080126737029209236539191290354021104541805484120491"), // d
parameters);
SecureRandom k =
FixedSecureRandom.From(
BigIntegers.AsUnsignedByteArray(
new BigInteger("15456715103636396133226117016818339719732885723579037388121116732601")));
byte[] m = Hex.Decode("8797A3C693CC292441039A4E6BAB7387F3B4F2A63D00ED384B378C79");
var dsa = new ECDsaSigner();
dsa.Init(true, new ParametersWithRandom(priKey, k));
IBigInteger[] sig = dsa.GenerateSignature(m);
IBigInteger r = new BigInteger("26477406756127720855365980332052585411804331993436302005017227573742");
IBigInteger s = new BigInteger("17694958233103667059888193972742186995283044672015112738919822429978");
if (!r.Equals(sig[0]))
{
Fail("r component wrong." + NewLine
+ " expecting: " + r + NewLine
+ " got : " + sig[0]);
}
if (!s.Equals(sig[1]))
{
Fail("s component wrong." + NewLine
+ " expecting: " + s + NewLine
+ " got : " + sig[1]);
}
// Verify the signature
var pubKey = new ECPublicKeyParameters(
parameters.Curve.DecodePoint(Hex.Decode("03FD44EC11F9D43D9D23B1E1D1C9ED6519B40ECF0C79F48CF476CC43F1")),
// Q
parameters);
dsa.Init(false, pubKey);
if (!dsa.VerifySignature(m, sig[0], sig[1]))
{
Fail("signature fails");
}
}
private BigInteger[] SignData(BigInteger privateKey, byte[] data)
{
// TODO: put curve name
string curveName = "";
var curve = NistNamedCurves.GetByName(curveName);
ECDomainParameters ecSpec = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H);
ECPrivateKeyParameters keyParameters = new ECPrivateKeyParameters(privateKey, ecSpec);
IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest());
ECDsaSigner signer = new ECDsaSigner(kCalculator);
signer.Init(true, keyParameters);
BigInteger[] signature = signer.GenerateSignature(data);
return(signature);
}
public static BigInteger[] GenerateSignature(byte[] message, BigInteger privateKey)
{
ECPrivateKeyParameters privateKeyParameters = new ECPrivateKeyParameters(privateKey, domain);
SecureRandom k = new SecureRandom();
ParametersWithRandom param = new ParametersWithRandom(privateKeyParameters, k);
ECDsaSigner ecdsa = new ECDsaSigner();
ecdsa.Init(true, param);
BigInteger[] signature = ecdsa.GenerateSignature(message);
return(signature);
}
public Signature Sign(byte[] msg, byte[] prvKey)
{
var keyedHash = Blake2b.GetDigest(msg);
var curve = SecNamedCurves.GetByName("secp256r1");
var parameters = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H, curve.GetSeed());
var key = new ECPrivateKeyParameters(new BigInteger(prvKey), parameters);
var signer = new ECDsaSigner(new HMacDsaKCalculator(new Blake2bDigest(256)));
signer.Init(true, parameters: key);
var rs = signer.GenerateSignature(keyedHash);
var r = rs[0].ToByteArrayUnsigned();
var s = rs[1].ToByteArrayUnsigned();
return(new Signature(r.Concat(s), _SignaturePrefix));
}
/// <summary>
/// Calculates an ECDSA signature in DER format for the given input hash. Note that the input is expected to be
/// 32 bytes long.
/// </summary>
public byte[] Sign(byte[] input)
{
var ecDsaSigner = new ECDsaSigner();
var privateKeyParameters = new ECPrivateKeyParameters(_privateKey, EcParams);
ecDsaSigner.Init(true, privateKeyParameters);
var signature = ecDsaSigner.GenerateSignature(input);
using (var memoryStream = new MemoryStream()) {
var sequenceGenerator = new DerSequenceGenerator(memoryStream);
sequenceGenerator.AddObject(new DerInteger(signature[0]));
sequenceGenerator.AddObject(new DerInteger(signature[1]));
sequenceGenerator.Close();
return(memoryStream.ToArray());
}
}
public void CanSignMessage()
{
var dA = Hashes.SHA256(new byte[] { 0x01 });
var k = Encoders.Hex.GetBytes("0098e9c07e8e6adb97b77d85b0c10a265e11737a89a3e37b");
var rnd = new FakeRandom(k);
var key = new Key(dA);
var signer = new ECDsaSigner(rnd, key);
var message = Encoders.Hex.GetBytes("66e98a165854cd07989b1ee0ec3f8dbe0ee3c2fb0051ef53a0be03457c4f21bc");
var s1 = signer.GenerateSignature(message);
Assert.IsTrue(signer.VerifySignature(message, s1));
Assert.IsTrue(s1.R == (rnd.GetNextK() * Secp256k1.G).X % Secp256k1.N);
Assert.IsTrue(ECDsaSigner.VerifySignature(message, s1.R, s1.S, key.PubKey));
}
public byte[] Sign(ArraySegment <byte> data)
{
ECDsaSigner signer = new ECDsaSigner();
if (_random == null)
{
signer.Init(true, new ECPrivateKeyParameters(_key, domainParms));
}
else
{
signer.Init(true, new ParametersWithRandom(new ECPrivateKeyParameters(_key, domainParms), _random));
}
byte[] hash = data.ToArray();
var sig = signer.GenerateSignature(hash);
var r = sig[0];
var s = sig[1];
var bytes1 = r.ToByteArray();
var bytes2 = s.ToByteArray();
byte[] signatureBytes = new byte[64];
if (bytes1.Length == 33 && bytes1[0] == 0)
{
Array.Copy(bytes1, 1, signatureBytes, 0, 32);
}
else if (bytes1.Length <= 32)
{
Array.Copy(bytes1, 0, signatureBytes, 32 - bytes1.Length, bytes1.Length);
}
else
{
throw new Exception("Unacceptable signature length");
}
if (bytes2.Length == 33 && bytes2[0] == 0)
{
Array.Copy(bytes2, 1, signatureBytes, 32, 32);
}
else if (bytes2.Length <= 32)
{
Array.Copy(bytes2, 0, signatureBytes, 64 - bytes2.Length, bytes2.Length);
}
else
{
throw new Exception("Unacceptable signature length");
}
return(signatureBytes);
}
public byte[] CreatePrivateKeyScript(Transaction tx, int inputIndex, byte hashType, ECPrivateKeyParameters privateKey, ECPublicKeyParameters publicKey)
{
//TODO
var sha256 = new SHA256Managed();
var scriptEngine = new ScriptEngine(this.logger);
var publicAddress = CreatePublicAddress(publicKey);
var publicKeyScript = CreatePublicKeyScript(publicAddress);
var txSignature = scriptEngine.TxSignature(publicKeyScript.ToImmutableArray(), tx, inputIndex, hashType);
var txSignatureHash = sha256.ComputeDoubleHash(txSignature);
//Debug.WriteLine("Signing Tx: {0}".Format2(txSignature.ToHexDataString()));
//Debug.WriteLine("Signing Tx Hash: {0}".Format2(txSignatureHash.ToHexDataString()));
var signer = new ECDsaSigner();
signer.Init(forSigning: true, parameters: privateKey);
var signature = signer.GenerateSignature(txSignatureHash);
var r = signature[0];
var s = signature[1];
byte[] sigEncoded;
using (var stream = new MemoryStream())
{
using (var asn1Stream = new Asn1OutputStream(stream))
{
asn1Stream.WriteObject(new DerSequence(new DerInteger(r), new DerInteger(s)));
}
sigEncoded = stream.ToArray().Concat(hashType);
}
//Debug.WriteLine("Sig R: {0}".Format2(r.ToHexNumberStringUnsigned()));
//Debug.WriteLine("Sig S: {0}".Format2(s.ToHexNumberStringUnsigned()));
//Debug.WriteLine("Sig Encoded: {0}".Format2(sigEncoded.ToHexDataString()));
using (var privateKeyScript = new ScriptBuilder())
{
privateKeyScript.WritePushData(sigEncoded);
privateKeyScript.WritePushData(publicAddress);
//Debug.WriteLine("Private Script: {0}".Format2(privateKeyScript.GetScript().ToHexDataString()));
return(privateKeyScript.GetScript());
}
}
public void TestECDsaKeyGenTest()
{
SecureRandom random = new SecureRandom();
BigInteger n = new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307");
FpCurve curve = new FpCurve(
new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b
n, BigInteger.One);
ECDomainParameters parameters = new ECDomainParameters(
curve,
curve.DecodePoint(Hex.Decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
n);
ECKeyPairGenerator pGen = new ECKeyPairGenerator();
ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(
parameters,
random);
pGen.Init(genParam);
AsymmetricCipherKeyPair pair = pGen.GenerateKeyPair();
ParametersWithRandom param = new ParametersWithRandom(pair.Private, random);
ECDsaSigner ecdsa = new ECDsaSigner();
ecdsa.Init(true, param);
byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").ToByteArray();
BigInteger[] sig = ecdsa.GenerateSignature(message);
ecdsa.Init(false, pair.Public);
if (!ecdsa.VerifySignature(message, sig[0], sig[1]))
{
_testOutputHelper.WriteLine("signature fails");
}
_testOutputHelper.WriteLine("signature passes");
}
public void TestECDsaP521Sha512()
{
X9ECParameters p = NistNamedCurves.GetByName("P-521");
ECDomainParameters parameters = new ECDomainParameters(p.Curve, p.G, p.N, p.H);
ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
new BigInteger("617573726813476282316253885608633222275541026607493641741273231656161177732180358888434629562647985511298272498852936680947729040673640492310550142822667389"), // d
parameters);
SecureRandom k = FixedSecureRandom.From(BigIntegers.AsUnsignedByteArray(new BigInteger("6806532878215503520845109818432174847616958675335397773700324097584974639728725689481598054743894544060040710846048585856076812050552869216017728862957612913")));
byte[] M = Hex.Decode("6893B64BD3A9615C39C3E62DDD269C2BAAF1D85915526083183CE14C2E883B48B193607C1ED871852C9DF9C3147B574DC1526C55DE1FE263A676346A20028A66");
ECDsaSigner dsa = new ECDsaSigner();
dsa.Init(true, new ParametersWithRandom(priKey, k));
BigInteger[] sig = dsa.GenerateSignature(M);
BigInteger r = new BigInteger("1368926195812127407956140744722257403535864168182534321188553460365652865686040549247096155740756318290773648848859639978618869784291633651685766829574104630");
BigInteger s = new BigInteger("1624754720348883715608122151214003032398685415003935734485445999065609979304811509538477657407457976246218976767156629169821116579317401249024208611945405790");
if (!r.Equals(sig[0]))
{
Fail("r component wrong." + SimpleTest.NewLine
+ " expecting: " + r + SimpleTest.NewLine
+ " got : " + sig[0]);
}
if (!s.Equals(sig[1]))
{
Fail("s component wrong." + SimpleTest.NewLine
+ " expecting: " + s + SimpleTest.NewLine
+ " got : " + sig[1]);
}
// Verify the signature
ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
parameters.Curve.DecodePoint(Hex.Decode("020145E221AB9F71C5FE740D8D2B94939A09E2816E2167A7D058125A06A80C014F553E8D6764B048FB6F2B687CEC72F39738F223D4CE6AFCBFF2E34774AA5D3C342CB3")), // Q
parameters);
dsa.Init(false, pubKey);
if (!dsa.VerifySignature(M, sig[0], sig[1]))
{
Fail("signature fails");
}
}