static void Main(string[] args) { // Create a secp256k1 context (ensure disposal to prevent unmanaged memory leaks). using (var secp256k1 = new Secp256k1()) { // Generate a private key. var privateKey = new byte[32]; var rnd = System.Security.Cryptography.RandomNumberGenerator.Create(); do { rnd.GetBytes(privateKey); }while (!secp256k1.SecretKeyVerify(privateKey)); // Create public key from private key. var publicKey = new byte[64]; Debug.Assert(secp256k1.PublicKeyCreate(publicKey, privateKey)); // Sign a message hash. var messageBytes = Encoding.UTF8.GetBytes("Hello world."); var messageHash = System.Security.Cryptography.SHA256.Create().ComputeHash(messageBytes); var signature = new byte[64]; Debug.Assert(secp256k1.Sign(signature, messageHash, privateKey)); // Serialize a DER signature from ECDSA signature byte[] signatureDer = new byte[Secp256k1.SERIALIZED_DER_SIGNATURE_MAX_SIZE]; int outL = 0; Debug.Assert(secp256k1.SignatureSerializeDer(signatureDer, signature, out outL)); Array.Resize(ref signatureDer, outL); // Verify message hash. Debug.Assert(secp256k1.Verify(signature, messageHash, publicKey)); } }
/// <summary> /// Attachs the envelope. /// </summary> /// <param name="blindSum">Blind sum.</param> /// <param name="commitSum">Commit sum.</param> /// <param name="balance">Balance.</param> /// <param name="secret">Secret.</param> /// <param name="coin">Coin.</param> private void AttachEnvelope(byte[] blindSum, byte[] commitSum, ulong balance, SecureString secret, SecureString salt, ref CoinDto coin) { var(k1, k2) = Split(blindSum, secret, salt, coin.Stamp, coin.Version); using (var secp256k1 = new Secp256k1()) using (var pedersen = new Pedersen()) using (var bulletProof = new BulletProof()) { coin.Envelope.Commitment = commitSum.ToHex(); coin.Envelope.Proof = k2.ToHex(); coin.Envelope.PublicKey = pedersen.ToPublicKey(pedersen.Commit(0, k1)).ToHex(); coin.Hash = Hash(coin).ToHex(); coin.Envelope.Signature = secp256k1.Sign(coin.Hash.FromHex(), k1).ToHex(); var @struct = bulletProof.ProofSingle(balance, blindSum, Cryptography.RandomBytes(), null, null, null); var success = bulletProof.Verify(commitSum, @struct.proof, null); if (!success) { throw new ArgumentOutOfRangeException(nameof(success), "Bullet proof failed."); } coin.Envelope.RangeProof = @struct.proof.ToHex(); } }
static void Main(string[] args) { // Create a secp256k1 context (ensure disposal to prevent unmanaged memory leaks). using (var secp256k1 = new Secp256k1()) { // Generate a private key. var privateKey = new byte[32]; var rnd = System.Security.Cryptography.RandomNumberGenerator.Create(); do { rnd.GetBytes(privateKey); }while (!secp256k1.SecretKeyVerify(privateKey)); // Create public key from private key. var publicKey = new byte[64]; Debug.Assert(secp256k1.PublicKeyCreate(publicKey, privateKey)); // Sign a message hash. var messageBytes = Encoding.UTF8.GetBytes("Hello world."); var messageHash = System.Security.Cryptography.SHA256.Create().ComputeHash(messageBytes); var signature = new byte[64]; Debug.Assert(secp256k1.Sign(signature, messageHash, privateKey)); // Verify message hash. Debug.Assert(secp256k1.Verify(signature, messageHash, publicKey)); } }
static void TestToPublicKey() { using (var secp256k1 = new Secp256k1()) using (var pedersen = new Pedersen()) { var blinding = secp256k1.CreatePrivateKey(); var commitPos = pedersen.Commit(0, blinding); var commitNeg = pedersen.Commit(0, blinding); var blindSum = pedersen.BlindSum(new List <byte[]> { blinding, blinding }, new List <byte[]> { }); var commitSum = pedersen.CommitSum(new List <byte[]> { commitPos }, new List <byte[]> { commitNeg }); var msg = "Message for signing"; var msgBytes = Encoding.UTF8.GetBytes(msg); var msgHash = System.Security.Cryptography.SHA256.Create().ComputeHash(msgBytes); var sig = secp256k1.Sign(msgHash, blinding); var pubKey = pedersen.ToPublicKey(commitSum); var verified1 = secp256k1.Verify(sig, msgHash, pubKey); var pub = secp256k1.CreatePublicKey(blinding); } }
public static byte[] GenerateSignatureSecp256k1(byte[] privateKey, byte[] data) { lock (ecdsaLock) { return(secp256k1.Sign(privateKey, data)); } }
public void Sign_With_PubKey_From_Commitment() { using (var secp256k1 = new Secp256k1()) using (var pedersen = new Pedersen()) { string ToHex(byte[] data) { return(BitConverter.ToString(data).Replace("-", string.Empty)); } var blinding = secp256k1.CreatePrivateKey(); var commit = pedersen.Commit(0, blinding); var msg = "Message for signing"; var msgBytes = Encoding.UTF8.GetBytes(msg); var msgHash = System.Security.Cryptography.SHA256.Create().ComputeHash(msgBytes); var sig = secp256k1.Sign(msgHash, blinding); var pubKey = pedersen.ToPublicKey(commit); Assert.True(secp256k1.Verify(sig, msgHash, pubKey)); var actualPubKey = secp256k1.CreatePublicKey(blinding); Assert.Equal(ToHex(pubKey), ToHex(actualPubKey)); } }
/// <summary> /// Signs with blinding factor. /// </summary> /// <returns>The with blinding.</returns> /// <param name="msg">Message.</param> /// <param name="blinding">Blinding.</param> public byte[] SignWithBlinding(byte[] msg, byte[] blinding) { if (msg == null) { throw new ArgumentNullException(nameof(msg)); } if (msg.Length > 32) { throw new IndexOutOfRangeException(nameof(msg)); } if (blinding == null) { throw new ArgumentNullException(nameof(blinding)); } if (blinding.Length > 32) { throw new IndexOutOfRangeException(nameof(blinding)); } using (var secp256k1 = new Secp256k1()) { var msgHash = Cryptography.GenericHashNoKey(Encoding.UTF8.GetString(msg)); return(secp256k1.Sign(msgHash, blinding)); } }
public byte[] Sign(HashDigest <T> messageHash, PrivateKey privateKey) { lock (_instanceLock) { var secp256K1Signature = new byte[Secp256k1.SIGNATURE_LENGTH]; var privateKeyBytes = new byte[Secp256k1.PRIVKEY_LENGTH]; privateKey.ByteArray.CopyTo( privateKeyBytes, Secp256k1.PRIVKEY_LENGTH - privateKey.ByteArray.Length); _instance.Sign( secp256K1Signature, messageHash.ToByteArray(), privateKeyBytes); var signature = new byte[Secp256k1.SERIALIZED_DER_SIGNATURE_MAX_SIZE]; _instance.SignatureSerializeDer( signature, secp256K1Signature, out int signatureLength); return(signature.Take(signatureLength).ToArray()); } }
/// <summary> /// Sign the specified amount, version, stamp, password and msg. /// </summary> /// <returns>The sign.</returns> /// <param name="amount">Amount.</param> /// <param name="version">Version.</param> /// <param name="stamp">Stamp.</param> /// <param name="password">Password.</param> /// <param name="msg">Message.</param> public byte[] Sign(ulong amount, int version, string stamp, SecureString password, byte[] msg) { if (string.IsNullOrEmpty(stamp)) { throw new ArgumentNullException(nameof(stamp)); } if (password == null) { throw new ArgumentNullException(nameof(password)); } if (msg == null) { throw new ArgumentNullException(nameof(msg)); } if (msg.Length > 32) { throw new IndexOutOfRangeException(nameof(msg)); } using (var secp256k1 = new Secp256k1()) { var blind = DeriveKey(version, stamp, password).FromHex(); var sig = secp256k1.Sign(msg, blind); return(sig); } }
public void SetupVerify() { SetupSign(); Span <byte> sk = new byte[64]; sk = privateKey; Span <byte> m = new byte[32]; m = message; Span <byte> sig = new byte[64]; secp256k1.Sign(sig, message, sk); signature = sig.ToArray(); }
public static byte[] Sign(object data, byte[] privateKey) { var signature = new byte[64]; var dataHash = ObjectToSha256(data); using (var secp256k1 = new Secp256k1()) { secp256k1.Sign(signature, dataHash, privateKey); return(signature); } }
/// <summary> /// Signs with blinding factor. /// </summary> /// <returns>The with blinding.</returns> /// <param name="msg">Message.</param> /// <param name="blinding">Blinding.</param> public byte[] SignWithBlinding(byte[] msg, byte[] blinding) { Guard.Argument(msg, nameof(msg)).NotNull().MaxCount(32); Guard.Argument(blinding, nameof(blinding)).NotNull().MaxCount(32); using (var secp256k1 = new Secp256k1()) { var msgHash = Cryptography.GenericHashNoKey(Encoding.UTF8.GetString(msg)); return(secp256k1.Sign(msgHash, blinding)); } }
public void Sign(string privateKey) { using (var sep = new Secp256k1()) { var secret = Convert.FromBase64String(privateKey); var hash = Convert.FromBase64String(ComputeHash()); var signature = new byte[64]; sep.Sign(signature, hash, secret); Signature = Convert.ToBase64String(signature); } }
public void TestRecoverAddressTest() { var priKey = "0xdce1443bd2ef0c2631adc1c67e5c93f13dc23a41c18b536effbbdcbcdb96fb65".ToBytes(); var vechainKey = new SimpleWallet(priKey); var msgHash = Keccack256.CalculateHash("hello world"); var signature = Secp256k1.Sign(msgHash, priKey); var recoverAddress = SimpleWallet.RecoverAddress(msgHash, signature); Assert.True(recoverAddress == "0x7567d83b7b8d80addcb281a71d54fc7b3364ffed"); }
/// <summary> /// Sign a <paramref name="digest"/> using a <paramref name="privateKey"/>. /// </summary> /// <param name="digest">The digest to be signed.</param> /// <param name="privateKey">The private key.</param> /// <returns>The signature.</returns> public byte[] Sign(byte[] digest, byte[] privateKey) { if (digest == null) { throw new ArgumentNullException(nameof(digest)); } if (privateKey == null) { throw new ArgumentNullException(nameof(privateKey)); } return(_algorithm.Sign(privateKey, digest)); }
/// <summary> /// Sign the specified amount and msg. /// </summary> /// <returns>The sign.</returns> /// <param name="amount">Amount.</param> /// <param name="msg">Message.</param> public byte[] Sign(ulong amount, byte[] msg) { Guard.Argument(msg, nameof(msg)).NotNull().MaxCount(32); using (var secp256k1 = new Secp256k1()) { var blind = DeriveKey(Version(), Stamp(), Password()).FromHex(); var msgHash = Cryptography.GenericHashNoKey(Encoding.UTF8.GetString(msg)); var sig = secp256k1.Sign(msgHash, blind); return(sig); } }
public void TestSecp256k1() { var priKey = Secp256k1.GeneratePrivateKey(); var pubKey = Secp256k1.DerivePublicKey(priKey); var msgHash = Keccack256.CalculateHash("hello world"); var signature = Secp256k1.Sign(msgHash, priKey); var recoveredPubKey = Secp256k1.RecoverPublickey(Keccack256.CalculateHash("hello world"), signature); Assert.True(pubKey.SequenceEqual(recoveredPubKey)); }
/// <summary> /// Sign the specified amount, version, stamp, secret and msg. /// </summary> /// <returns>The sign.</returns> /// <param name="amount">Amount.</param> /// <param name="version">Version.</param> /// <param name="stamp">Stamp.</param> /// <param name="secret">secret.</param> /// <param name="msg">Message.</param> public byte[] Sign(ulong amount, int version, string stamp, SecureString secret, SecureString salt, byte[] msg) { Guard.Argument(stamp, nameof(stamp)).NotNull().NotEmpty(); Guard.Argument(secret, nameof(secret)).NotNull(); Guard.Argument(msg, nameof(msg)).NotNull().MaxCount(32); using (var secp256k1 = new Secp256k1()) { var blind = DeriveKey(version, stamp, secret, salt).FromHex(); var sig = secp256k1.Sign(msg, blind); return(sig); } }
public string GetSignature(string strToSign, string privateKey) { var secp256k1 = new Secp256k1(); var messageBytes = Encoding.UTF8.GetBytes(strToSign); var messageHash = System.Security.Cryptography.SHA256.Create().ComputeHash(messageBytes); var signature = new byte[64]; if (secp256k1.Sign(signature, messageHash, HexStringToByteArray(privateKey))) { return(ByteArrayToHexString(signature)); } else { return(null); } }
/// <summary> /// Attaches the envelope. /// </summary> /// <param name="secp256k1">Secp256k1.</param> /// <param name="pedersen">Pedersen.</param> /// <param name="rangeProof">Range proof.</param> /// <param name="blindSum">Blind sum.</param> /// <param name="commitSum">Commit sum.</param> /// <param name="secret">Secret.</param> private void AttachEnvelope(Secp256k1 secp256k1, Pedersen pedersen, RangeProof rangeProof, byte[] blindSum, byte[] commitSum, ulong balance, SecureString secret) { var(k1, k2) = Split(blindSum, secret); Coin().Envelope.Commitment = commitSum.ToHex(); Coin().Envelope.Proof = k2.ToHex(); Coin().Envelope.PublicKey = pedersen.ToPublicKey(pedersen.Commit(0, k1)).ToHex(); Coin().Hash = Hash(Coin()).ToHex(); Coin().Envelope.Signature = secp256k1.Sign(Coin().Hash.FromHex(), k1).ToHex(); proofStruct = rangeProof.Proof(0, balance, blindSum, commitSum, Coin().Hash.FromHex()); var isVerified = rangeProof.Verify(commitSum, proofStruct); if (!isVerified) { throw new ArgumentOutOfRangeException(nameof(isVerified), "Range proof failed."); } }
public void SignTransaction(string secretKey) { var secp256k1 = new Secp256k1(); Span <byte> publicKey = new byte[64]; secp256k1.PublicKeyCreate(publicKey, secretKey.ToBytes()); //As only wallet owner can sign it's own transactions so //Public key genrated from secretKey must be equal to sender's wallet address (i.e. FromAddress) if (!publicKey.ToHex().Equals(FromAddress)) { throw new Exception("You cannot sign transactions for other wallets."); } var txHash = CalculateHash(); Span <byte> signature = new byte[64]; secp256k1.Sign(signature, txHash, secretKey.ToBytes()); Signature = signature.ToArray(); }
/// <summary> /// Sign the specified amount and msg. /// </summary> /// <returns>The sign.</returns> /// <param name="amount">Amount.</param> /// <param name="msg">Message.</param> public byte[] Sign(ulong amount, byte[] msg) { if (msg == null) { throw new ArgumentNullException(nameof(msg)); } if (msg.Length > 32) { throw new IndexOutOfRangeException(nameof(msg)); } using (var secp256k1 = new Secp256k1()) { var blind = DeriveKey(Version(), Stamp(), Password()).FromHex(); var msgHash = Cryptography.GenericHashNoKey(Encoding.UTF8.GetString(msg)); var sig = secp256k1.Sign(msgHash, blind); return(sig); } }
//Ignore this function as this is just to create Public Private key pairs for testing public static void GenerateKeys() { using (var secp256k1 = new Secp256k1()) { // privatekey= "105c301c92f5d956ad577105e71aba4d29cf7af04cd47c648244dd8ad677381f" // publickey = "7a89dec4cc7e0964ed4c5e517f1cfee7e4f145e8500f55fe0317f97e71b7ba5219a4215b1885ac547da87bd0155d02c9bbe0501d0670a4f481df2b42f2130c02" // Generate a private key. var privateKey = new byte[32]; var rnd = System.Security.Cryptography.RandomNumberGenerator.Create(); do { rnd.GetBytes(privateKey); }while (!secp256k1.SecretKeyVerify(privateKey)); var prk = ToHex(privateKey); // Create public key from private key. var publicKey = new byte[64]; Debug.Assert(secp256k1.PublicKeyCreate(publicKey, privateKey)); var pbk = ToHex(publicKey); // Sign a message hash. var messageBytes = Encoding.UTF8.GetBytes("Hello world."); var messageHash = System.Security.Cryptography.SHA256.Create().ComputeHash(messageBytes); var signature = new byte[64]; Debug.Assert(secp256k1.Sign(signature, messageHash, privateKey)); // Serialize a DER signature from ECDSA signature byte[] signatureDer = new byte[Secp256k1.SERIALIZED_DER_SIGNATURE_MAX_SIZE]; int outL = 0; Debug.Assert(secp256k1.SignatureSerializeDer(signatureDer, signature, out outL)); Array.Resize(ref signatureDer, outL); // Verify message hash. Debug.Assert(secp256k1.Verify(signature, messageHash, publicKey)); } }
/// <summary> /// Builds the coin. /// </summary> /// <returns>The coin.</returns> /// <param name="blindSum">Blind sum.</param> /// <param name="commitPos">Commit position.</param> /// <param name="commitNeg">Commit neg.</param> private CoinDto BuildCoin(byte[] blindSum, byte[] commitPos, byte[] commitNeg, bool receiver = false) { if (blindSum == null) { throw new ArgumentNullException(nameof(blindSum)); } if (blindSum.Length > 32) { throw new IndexOutOfRangeException(nameof(blindSum)); } if (commitPos == null) { throw new ArgumentNullException(nameof(commitPos)); } if (commitPos.Length > 33) { throw new IndexOutOfRangeException(nameof(commitPos)); } if (commitNeg == null) { throw new ArgumentNullException(nameof(commitNeg)); } if (commitNeg.Length > 33) { throw new IndexOutOfRangeException(nameof(commitNeg)); } CoinDto coin; bool isVerified; using (var secp256k1 = new Secp256k1()) using (var pedersen = new Pedersen()) { var commitSum = pedersen.CommitSum(new List <byte[]> { commitPos }, new List <byte[]> { commitNeg }); isVerified = receiver ? pedersen.VerifyCommitSum(new List <byte[]> { commitPos, commitNeg }, new List <byte[]> { Commit((ulong)Output(), blindSum) }) : pedersen.VerifyCommitSum(new List <byte[]> { commitPos }, new List <byte[]> { commitNeg, commitSum }); if (!isVerified) { throw new Exception(nameof(isVerified)); } var(k1, k2) = Split(blindSum); coin = MakeSingleCoin(); coin.Envelope.Commitment = commitSum.ToHex(); coin.Envelope.Proof = k2.ToHex(); coin.Envelope.PublicKey = pedersen.ToPublicKey(Commit(0, k1)).ToHex(); coin.Envelope.Signature = secp256k1.Sign(Hash(coin), k1).ToHex(); coin.Hash = Hash(coin).ToHex(); } return(coin); }
/// <summary> /// Builds the coin. /// </summary> /// <returns>The coin.</returns> /// <param name="blindSum">Blind sum.</param> /// <param name="commitPos">Commit position.</param> /// <param name="commitNeg">Commit neg.</param> private CoinDto BuildCoin(byte[] blindSum, byte[] commitPos, byte[] commitNeg, bool isReceiver = false) { Guard.Argument(blindSum, nameof(blindSum)).NotNull().MaxCount(32); Guard.Argument(commitPos, nameof(commitPos)).NotNull().MaxCount(33); Guard.Argument(commitNeg, nameof(commitNeg)).NotNull().MaxCount(33); CoinDto coin = null; bool isVerified; using (var secp256k1 = new Secp256k1()) using (var pedersen = new Pedersen()) using (var rangeProof = new RangeProof()) { try { var commitSum = pedersen.CommitSum(new List <byte[]> { commitPos }, new List <byte[]> { commitNeg }); var naTInput = NaT(Input()); var naTOutput = NaT(Output()); var naTChange = naTInput - naTOutput; isVerified = isReceiver ? pedersen.VerifyCommitSum(new List <byte[]> { commitPos, commitNeg }, new List <byte[]> { Commit(naTOutput, blindSum) }) : pedersen.VerifyCommitSum(new List <byte[]> { commitPos }, new List <byte[]> { commitNeg, commitSum }); if (!isVerified) { throw new ArgumentOutOfRangeException(nameof(isVerified), "Verify commit sum failed."); } var(k1, k2) = Split(blindSum, isReceiver); coin = MakeSingleCoin(); coin.Envelope.Commitment = isReceiver ? Commit(naTOutput, blindSum).ToHex() : commitSum.ToHex(); coin.Envelope.Proof = k2.ToHex(); coin.Envelope.PublicKey = pedersen.ToPublicKey(Commit(0, k1)).ToHex(); coin.Envelope.Signature = secp256k1.Sign(Hash(coin), k1).ToHex(); coin.Hash = Hash(coin).ToHex(); proofStruct = isReceiver ? rangeProof.Proof(0, naTOutput, blindSum, coin.Envelope.Commitment.FromHex(), coin.Hash.FromHex()) : rangeProof.Proof(0, naTChange, blindSum, coin.Envelope.Commitment.FromHex(), coin.Hash.FromHex()); isVerified = rangeProof.Verify(coin.Envelope.Commitment.FromHex(), proofStruct); if (!isVerified) { throw new ArgumentOutOfRangeException(nameof(isVerified), "Range proof failed."); } } catch (Exception ex) { logger.LogError($"Message: {ex.Message}\n Stack: {ex.StackTrace}"); } } return(coin); }