예제 #1
0
        public static Signature Sign(SigningTranscript st, SecretKey secretKey, PublicKey publicKey, RandomGenerator rng)
        {
            st.SetProtocolName(GetStrBytes("Schnorr-sig"));
            st.CommitPoint(GetStrBytes("sign:pk"), publicKey.Key);

            var r = st.WitnessScalar(GetStrBytes("signing"), secretKey.nonce, rng);

            var tbl = new RistrettoBasepointTable();
            var R   = tbl.Mul(r).Compress();

            st.CommitPoint(GetStrBytes("sign:R"), R);

            Scalar k = st.ChallengeScalar(GetStrBytes("sign:c"));  // context, message, A/public_key, R=rG

            k.Recalc();
            secretKey.key.Recalc();
            r.Recalc();

            var scalar = k.ScalarInner * secretKey.key.ScalarInner + r.ScalarInner;

            var s = new Scalar {
                ScalarBytes = scalar.ToBytes()
            };

            s.Recalc();

            return(new Signature {
                R = R, S = s
            });
        }
예제 #2
0
        public static bool Verify(byte[] signature, byte[] publicKey, byte[] message)
        {
            var s = new Signature();

            s.FromBytes(signature);
            var pk             = new PublicKey(publicKey);
            var signingContext = new SigningContext085(Encoding.UTF8.GetBytes("substrate"));
            var st             = new SigningTranscript(signingContext);

            signingContext.ts = signingContext.Bytes(message);

            return(Verify(st, s, pk));
        }
예제 #3
0
        internal static bool Verify(SigningTranscript st, Signature sig, PublicKey publicKey)
        {
            st.SetProtocolName(GetStrBytes("Schnorr-sig"));
            st.CommitPoint(GetStrBytes("pk"), publicKey.Key);
            st.CommitPoint(GetStrBytes("no"), sig.R);

            var k  = st.ChallengeScalar(GetStrBytes("")); // context, message, A/public_key, R=rG
            var ep = publicKey.GetEdwardsPoint().Negate();

            var R = RistrettoPoint.VartimeDoubleScalarMulBasepoint(k, ep, sig.S);

            return(new RistrettoPoint(R).Compress().Equals(sig.R));
        }
예제 #4
0
        public static byte[] SignSimple(byte[] publicKey, byte[] secretKey, byte[] message)
        {
            var sk             = SecretKey.FromBytes085(secretKey);
            var pk             = new PublicKey(publicKey);
            var signingContext = new SigningContext085(Encoding.UTF8.GetBytes("substrate"));
            var st             = new SigningTranscript(signingContext);

            signingContext.ts = signingContext.Bytes(message);
            var rng = new Simple();
            var sig = Sign(st, sk, pk, rng);

            return(sig.ToBytes());
        }
예제 #5
0
 internal Signature Sign(SigningTranscript st, SecretKey secretKey, PublicKey publicKey)
 {
     return(Sign(st, secretKey, publicKey, _rng));
 }