public static bool Verify(byte[] message, byte[] signature, byte[] pubkey, Phantasma.Cryptography.ECC.ECDsaCurve phaCurve = Phantasma.Cryptography.ECC.ECDsaCurve.Secp256r1, SignatureFormat signatureFormat = SignatureFormat.Concatenated)
{
var signer = SignerUtilities.GetSigner("SHA256withECDSA");
Org.BouncyCastle.Asn1.X9.X9ECParameters curve;
switch (phaCurve)
{
case Phantasma.Cryptography.ECC.ECDsaCurve.Secp256k1:
curve = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1");
break;
default:
curve = NistNamedCurves.GetByName("P-256");
break;
}
var dom = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H);
var point = dom.Curve.DecodePoint(pubkey);
var publicKeyParameters = new ECPublicKeyParameters(point, dom);
signer.Init(false, publicKeyParameters);
signer.BlockUpdate(message, 0, message.Length);
switch (signatureFormat)
{
case SignatureFormat.Concatenated:
// We convert from concatenated "raw" R + S format to DER format that Bouncy Castle uses.
signature = new Org.BouncyCastle.Asn1.DerSequence(
// first 32 bytes is "r" number
new Org.BouncyCastle.Asn1.DerInteger(new BigInteger(1, signature.Take(32).ToArray())),
// last 32 bytes is "s" number
new Org.BouncyCastle.Asn1.DerInteger(new BigInteger(1, signature.Skip(32).ToArray())))
.GetDerEncoded();
break;
case SignatureFormat.DEREncoded:
// Do nothing, signature already DER-encoded.
break;
default:
throw new Exception("Unknown signature format");
}
return(signer.VerifySignature(signature));
}
public static byte[] Sign(byte[] message, byte[] prikey, byte[] pubkey, Phantasma.Cryptography.ECC.ECDsaCurve phaCurve = Phantasma.Cryptography.ECC.ECDsaCurve.Secp256r1)
{
var signer = SignerUtilities.GetSigner("SHA256withECDSA");
Org.BouncyCastle.Asn1.X9.X9ECParameters curve;
switch (phaCurve)
{
case Phantasma.Cryptography.ECC.ECDsaCurve.Secp256k1:
curve = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1");
break;
default:
curve = NistNamedCurves.GetByName("P-256");
break;
}
var dom = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H);
ECKeyParameters privateKeyParameters = new ECPrivateKeyParameters(new BigInteger(1, prikey), dom);
signer.Init(true, privateKeyParameters);
signer.BlockUpdate(message, 0, message.Length);
var sig = signer.GenerateSignature();
return(TranscodeSignatureToConcat(sig, 64));
}
public static byte[] Sign(byte[] message, byte[] prikey, byte[] pubkey, Phantasma.Cryptography.ECC.ECDsaCurve phaCurve = Phantasma.Cryptography.ECC.ECDsaCurve.Secp256r1, SignatureFormat signatureFormat = SignatureFormat.Concatenated)
{
var signer = SignerUtilities.GetSigner("SHA256withECDSA");
Org.BouncyCastle.Asn1.X9.X9ECParameters curve;
switch (phaCurve)
{
case Phantasma.Cryptography.ECC.ECDsaCurve.Secp256k1:
curve = Org.BouncyCastle.Asn1.Sec.SecNamedCurves.GetByName("secp256k1");
break;
default:
curve = NistNamedCurves.GetByName("P-256");
break;
}
var dom = new ECDomainParameters(curve.Curve, curve.G, curve.N, curve.H);
ECKeyParameters privateKeyParameters = new ECPrivateKeyParameters(new BigInteger(1, prikey), dom);
signer.Init(true, privateKeyParameters);
signer.BlockUpdate(message, 0, message.Length);
var sig = signer.GenerateSignature();
switch (signatureFormat)
{
case SignatureFormat.Concatenated:
// We convert from default DER format that Bouncy Castle uses to concatenated "raw" R + S format.
return(TranscodeSignatureToConcat(sig, 64));
case SignatureFormat.DEREncoded:
// Return DER-encoded signature unchanged.
return(sig);
default:
throw new Exception("Unknown signature format");
}
}