public bool IsValid(Transaction transaction) { ECDomainParameters ecSpec = new ECDomainParameters(CryptoUtil.Curve.Curve, CryptoUtil.Curve.G, CryptoUtil.Curve.N, CryptoUtil.Curve.H); IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest()); var point = DecodeECPointPublicKey(transaction.SenderPublicKey); ECPublicKeyParameters keyParameters = new ECPublicKeyParameters(point, ecSpec); ECDsaSigner signer = new ECDsaSigner(kCalculator); signer.Init(false, keyParameters); var pubKey1 = new BigInteger(transaction.Signature[0], 16); var pubKey2 = new BigInteger(transaction.Signature[1], 16); TransactionRaw transactionRaw = new TransactionRaw() { FromAddress = transaction.FromAddress, ToAddress = transaction.ToAddress, Amount = transaction.Amount, DateCreated = transaction.DateCreated }; string tranJson = JsonConvert.SerializeObject(transactionRaw); byte[] tranHash = CryptoUtil.CalcSHA256(tranJson); return(signer.VerifySignature(tranHash, pubKey1, pubKey2)); }
/// <summary> /// Creates a signature from the given <paramref name="message"/>. /// <para> /// A created signature can be verified by the corresponding /// <see cref="PublicKey"/>. /// </para> /// <para> /// Signatures can be created by only the <see cref="PrivateKey"/> /// which corresponds a <see cref="PublicKey"/> to verify these /// signatures. /// </para> /// <para> /// To sum up, a signature is used to guarantee: /// </para> /// <list type="bullet"> /// <item><description>that the <paramref name="message"/> was created /// by someone possessing the corresponding <see cref="PrivateKey"/>, /// </description></item> /// <item><description>that the possessor cannot deny having sent the /// <paramref name="message"/>, and</description></item> /// <item><description>that the <paramref name="message"/> was not /// forged in the middle of transit.</description></item> /// </list> /// </summary> /// <param name="message">A message to sign in <see cref="byte"/> array /// representation.</param> /// <returns>A signature that verifies the <paramref name="message"/>. /// It can be verified using /// <see cref="Libplanet.Crypto.PublicKey.Verify(byte[], byte[])"/> /// method.</returns> /// <seealso cref="Libplanet.Crypto.PublicKey.Verify(byte[], byte[])"/> public byte[] Sign(byte[] message) { var h = new Sha256Digest(); var hashed = new byte[h.GetDigestSize()]; h.BlockUpdate(message, 0, message.Length); h.DoFinal(hashed, 0); h.Reset(); var kCalculator = new HMacDsaKCalculator(h); var signer = new ECDsaSigner(kCalculator); signer.Init(true, keyParam); BigInteger[] rs = signer.GenerateSignature(hashed); var r = rs[0]; var s = rs[1]; BigInteger otherS = keyParam.Parameters.N.Subtract(s); if (s.CompareTo(otherS) == 1) { s = otherS; } var bos = new MemoryStream(72); var seq = new DerSequenceGenerator(bos); seq.AddObject(new DerInteger(r)); seq.AddObject(new DerInteger(s)); seq.Close(); return(bos.ToArray()); }
public byte[] Sign(HashDigest <T> messageHash, PrivateKey privateKey) { var h = new Sha256Digest(); var kCalculator = new HMacDsaKCalculator(h); var signer = new ECDsaSigner(kCalculator); signer.Init(true, privateKey.KeyParam); BigInteger[] rs = signer.GenerateSignature(messageHash.ToByteArray()); var r = rs[0]; var s = rs[1]; BigInteger otherS = privateKey.KeyParam.Parameters.N.Subtract(s); if (s.CompareTo(otherS) == 1) { s = otherS; } var bos = new MemoryStream(72); var seq = new DerSequenceGenerator(bos); seq.AddObject(new DerInteger(r)); seq.AddObject(new DerInteger(s)); seq.Close(); return(bos.ToArray()); }
public static bool VerifySignature(ECPublicKeyParameters keyParameters, BigInteger[] signature, byte[] msg) { IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest()); var signer = new ECDsaSigner(kCalculator); signer.Init(false, keyParameters); return(signer.VerifySignature(msg, signature[0], signature[1])); }
public static ECDSASignature Sign(byte[] data, BigInteger privateKey) { ECPrivateKeyParameters parameters = new ECPrivateKeyParameters(privateKey, Secp256k1DomainParameters); IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest()); IDsa signer = new ECDsaSigner(kCalculator); signer.Init(true, parameters); return(new ECDSASignature(signer.GenerateSignature(data))); }
public static bool VerifySignature( byte[] hash, ECDSASignature signature, ECPublicKeyParameters parameters) { IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest()); var signer = new ECDsaSigner(kCalculator); signer.Init(false, parameters); return(signer.VerifySignature(hash, signature.R, signature.S)); }
private static BigInteger[] SignTransaction(BigInteger privateKey, byte[] data) { ECDomainParameters ecSpec = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H); ECPrivateKeyParameters keyParameters = new ECPrivateKeyParameters(privateKey, ecSpec); IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest()); ECDsaSigner signer = new ECDsaSigner(kCalculator); signer.Init(true, keyParameters); BigInteger[] signature = signer.GenerateSignature(data); return(signature); }
/// <summary> /// Calculates deterministic ECDSA signature (with HMAC-SHA256), based on secp256k1 and RFC-6979. /// </summary> public static BigInteger[] SignData(BigInteger privateKey, byte[] data) { var keyParameters = new ECPrivateKeyParameters(privateKey, Domain); IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest()); var signer = new ECDsaSigner(kCalculator); signer.Init(true, keyParameters); var signature = signer.GenerateSignature(data); return(signature); }
public static bool VerifySignature( ECPoint publicKey, BigInteger r, BigInteger s, byte[] hash) { ECPublicKeyParameters parameters = GetPublicKeyParameters(publicKey); IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest()); var signer = new ECDsaSigner(kCalculator); signer.Init(false, parameters); return(signer.VerifySignature(hash, r, s)); }
private BigInteger[] SignData(BigInteger privateKey, byte[] data) { // TODO: put curve name string curveName = ""; var curve = NistNamedCurves.GetByName(curveName); ECDomainParameters ecSpec = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H); ECPrivateKeyParameters keyParameters = new ECPrivateKeyParameters(privateKey, ecSpec); IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest()); ECDsaSigner signer = new ECDsaSigner(kCalculator); signer.Init(true, keyParameters); BigInteger[] signature = signer.GenerateSignature(data); return(signature); }
public bool Validate(Transaction transaction) { ECDomainParameters ecSpec = new ECDomainParameters(Crypto.Curve.Curve, Crypto.Curve.G, Crypto.Curve.N, Crypto.Curve.H); IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest()); // var point = Crypto.DecodeECPointFromPublicKey(transaction.SenderPublicKey); // ECPublicKeyParameters keyParameters = new ECPublicKeyParameters(point, ecSpec); // ECDsaSigner signer = new ECDsaSigner(kCalculator); // signer.Init(false, keyParameters); // var pubKey1 = new BigInteger(transaction.SenderSignature[0], 16); // var pubKey2 = new BigInteger(transaction.SenderSignature[1], 16); // byte[] transactionHash = Crypto.CalcSha256(this.GetTransactionPayload(transaction)); // bool isValid = signer.VerifySignature(transactionHash, pubKey1, pubKey2); return(true); }
public static bool IsSignatureValid(PendingTransaction transaction) { ECPoint publicKeyPoint = GetECPublicKeyPoint(transaction.SenderPublicKey); ECDomainParameters ecSpec = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H); ECPublicKeyParameters publicKeyParameters = new ECPublicKeyParameters(publicKeyPoint, ecSpec); IDsaKCalculator kCalculator = new HMacDsaKCalculator(new Sha256Digest()); ECDsaSigner signer = new ECDsaSigner(kCalculator); signer.Init(false, publicKeyParameters); byte[] tranHashWithoutSignature = CalculateSHA256(transaction.AsJsonWithoutSignatureAndHash()); BigInteger signatureR = new BigInteger(transaction.SenderSignature[0], 16); BigInteger signatureS = new BigInteger(transaction.SenderSignature[1], 16); bool isValid = signer.VerifySignature(tranHashWithoutSignature, signatureR, signatureS); return(isValid); }
public virtual ECSignature GetECSignature(ECPrivateKey privateKey, byte[] data, bool beDeterministic = false, bool enforceLowS = true) { var curve = SecNamedCurves.GetByName(CURVEALGO); var domain = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H); IDsaKCalculator kCalculator; if (beDeterministic) { kCalculator = new HMacDsaKCalculator(new Sha256Digest()); } else { kCalculator = new RandomDsaKCalculator(); } ECDsaSigner signer = new ECDsaSigner(kCalculator); signer.Init(true, new ECPrivateKeyParameters(new BigInteger(1, privateKey.Base64Array), domain)); BigInteger[] components = signer.GenerateSignature(data); BigInteger r = components[0]; BigInteger s = components[1]; BigInteger curveOrder = domain.N; BigInteger halvCurveOrder = curveOrder.ShiftRight(1); bool sIsLow = s.CompareTo(halvCurveOrder) <= 0; if (enforceLowS && !sIsLow) { s = curveOrder.Subtract(s); } return(new ECSignature(r, s)); }