public static bool VerifySignature(string publicKeyHex, string message, string signature)
{
var byt = Utils.HexToBytes(publicKeyHex);
var publicKey = PublicKey.fromString(byt);
return(Ecdsa.verify(message, Signature.fromBase64(signature), publicKey));
}
/// <summary>
/// Verify signed event webhook requests.
/// </summary>
/// <param name="publicKey">elliptic curve public key</param>
/// <param name="payload">event payload in the request body</param>
/// <param name="signature">value obtained from the 'X-Twilio-Email-Event-Webhook-Signature' header</param>
/// <param name="timestamp">value obtained from the 'X-Twilio-Email-Event-Webhook-Timestamp' header</param>
/// <returns>true or false if signature is valid</returns>
public bool VerifySignature(PublicKey publicKey, string payload, string signature, string timestamp)
{
var timestampedPayload = timestamp + payload;
var decodedSignature = Signature.fromBase64(signature);
return(Ecdsa.verify(timestampedPayload, decodedSignature, publicKey));
}
public static bool VerifySignature(string publicKeyHex, string message, string signature)
{
var @byte = publicKeyHex.ConvertHexToByteArray();
var publicKey = PublicKey.fromString(@byte);
return(Ecdsa.verify(message, Signature.fromBase64(signature), publicKey));
}
public void testVerifyRightMessage()
{
PrivateKey privateKey = new PrivateKey();
PublicKey publicKey = privateKey.publicKey();
string message = "This is the right message";
Signature signature = Ecdsa.sign(message, privateKey);
Assert.True(Ecdsa.verify(message, signature, publicKey));
}
public void testVerifyWrongMessage()
{
PrivateKey privateKey = new PrivateKey();
PublicKey publicKey = privateKey.publicKey();
string message1 = "This is the right message";
string message2 = "This is the wrong message";
Signature signature = Ecdsa.sign(message1, privateKey);
Assert.False(Ecdsa.verify(message2, signature, publicKey));
}
public bool IsValid()
{
if (this.FromAddress is null)
{
return(true);
}
if (this.Signature is null)
{
throw new Exception("No signature is in this transaction");
}
return(Ecdsa.verify(this.CalculateHash(), this.Signature, this.FromAddress));
}
public void testDerConversion()
{
PrivateKey privateKey = new PrivateKey();
string message = "This is a text message";
Signature signature1 = Ecdsa.sign(message, privateKey);
byte[] der = signature1.toDer();
Signature signature2 = Signature.fromDer(der);
Assert.Equal(signature1.r, signature2.r);
Assert.Equal(signature1.s, signature2.s);
}
public void testBase64Conversion()
{
PrivateKey privateKey = new PrivateKey();
string message = "This is a text message";
Signature signature1 = Ecdsa.sign(message, privateKey);
string base64 = signature1.toBase64();
Signature signature2 = Signature.fromBase64(base64);
Assert.Equal(signature1.r, signature2.r);
Assert.Equal(signature1.s, signature2.s);
}
public void SignTransaction(PrivateKey signingKey)
{
string fromAddressDER = BitConverter.ToString(FromAddress.toDer()).Replace("-", "");
string signingDER = BitConverter.ToString(signingKey.publicKey().toDer()).Replace("-", "");
if (fromAddressDER != signingDER)
{
throw new Exception("You cannot sign transactions for other wallet!");
}
string txHash = this.CalculateHash();
this.Signature = Ecdsa.sign(txHash, signingKey);
}
public void testAssign()
{
// Generated by: openssl ecparam -name secp256k1 -genkey -out privateKey.pem
string privateKeyPem = EllipticCurve.Utils.File.read("files/privateKey.pem");
PrivateKey privateKey = PrivateKey.fromPem(privateKeyPem);
string message = EllipticCurve.Utils.File.read("files/message.txt");
Signature signature = Ecdsa.sign(message, privateKey);
PublicKey publicKey = privateKey.publicKey();
Assert.True(Ecdsa.verify(message, signature, publicKey));
}
public SerializationBuilder WithDiscovery(PrivateKey privateKey)
{
Ecdsa ecdsa = new Ecdsa();
SameKeyGenerator privateKeyProvider = new SameKeyGenerator(privateKey);
PingMessageSerializer pingSerializer = new PingMessageSerializer(ecdsa, privateKeyProvider, new DiscoveryMessageFactory(_timestamper), new NodeIdResolver(ecdsa));
PongMessageSerializer pongSerializer = new PongMessageSerializer(ecdsa, privateKeyProvider, new DiscoveryMessageFactory(_timestamper), new NodeIdResolver(ecdsa));
FindNodeMessageSerializer findNodeSerializer = new FindNodeMessageSerializer(ecdsa, privateKeyProvider, new DiscoveryMessageFactory(_timestamper), new NodeIdResolver(ecdsa));
NeighborsMessageSerializer neighborsSerializer = new NeighborsMessageSerializer(ecdsa, privateKeyProvider, new DiscoveryMessageFactory(_timestamper), new NodeIdResolver(ecdsa));
return(With(pingSerializer)
.With(pongSerializer)
.With(findNodeSerializer)
.With(neighborsSerializer));
}
//method to evaluate if it is a valid transaction
public bool IsValid()
{
//mining rewards, no from address listed
if (this.FromAddress is null)
{
return(true);
}
//check for signature
if (this.Signature is null)
{
throw new Exception("No Signature in this transaction");
}
return(Ecdsa.verify(this.CalculateHash(), this.Signature, this.FromAddress));
}
public void testVerifySignature()
{
// openssl ec -in privateKey.pem -pubout -out publicKey.pem
string publicKeyPem = EllipticCurve.Utils.File.read("files/publicKey.pem");
// openssl dgst -sha256 -sign privateKey.pem -out signature.binary message.txt
byte[] signatureDer = EllipticCurve.Utils.File.readBytes("files/signatureDer.txt");
string message = EllipticCurve.Utils.File.read("files/message.txt");
PublicKey publicKey = PublicKey.fromPem(publicKeyPem);
Signature signature = Signature.fromDer(signatureDer);
Assert.True(Ecdsa.verify(message, signature, publicKey));
}
public bool Verify(byte[] data, byte[] sig)
{
switch (_type)
{
case COSE.KeyType.EC2:
{
var ecsig = CryptoUtils.SigFromEcDsaSig(sig, Ecdsa.KeySize);
return(Ecdsa.VerifyData(data, ecsig, CryptoUtils.algMap[(int)_alg]));
}
case COSE.KeyType.RSA:
{
return(Rsa.VerifyData(data, sig, CryptoUtils.algMap[(int)_alg], Padding));
}
case COSE.KeyType.OKP:
{
return(Chaos.NaCl.Ed25519.Verify(sig, data, EdDSAPublicKey));
}
}
throw new ArgumentOutOfRangeException(string.Format("Missing or unknown kty {0}", _type.ToString()));
}
public string CreateSignature(string message)
{
Signature signature = Ecdsa.sign(message, PrivKey);
return(signature.toBase64());
}
private void Client_ReceiveBroadcast(object?sender, BroadcastEventArgs e)
{
// 只处理超级节点上线广播
// 1 bytes: 0xff
// 1 bytes: ip版本
// 16,4 bytes: ip
// 2 bytes: port
// 4 bytes: 区块链时间戳(超过1小时丢弃)
// 32 bytes: 随机数
// 64 bytes: 超级节点公钥
// 64 bytes: 签名
if (e.Message.Length > 0 && e.Message[0] is 0xff)
{
ReadOnlyMemory <byte> data = e.Message.AsMemory(1);
int ipBytes;
IPAddress ipAddress;
if (data.Span[0] is 4)
{
ipAddress = new IPAddress(data.Span.Slice(1, 4));
ipBytes = 4;
}
else if (data.Span[0] is 6)
{
ipAddress = new IPAddress(data.Span.Slice(1, 16));
ipBytes = 16;
}
else
{
goto CancelForward;
}
int port = BinaryPrimitives.ReadUInt16BigEndian(data.Span.Slice(1 + ipBytes));
var endPoint = new IPEndPoint(ipAddress, port);
var time = BlockChainTimestamp.ToDateTime(BinaryPrimitives.ReadUInt32BigEndian(data.Span.Slice(3 + ipBytes)));
if (DateTime.Now - time >= TimeSpan.FromHours(1) || time - DateTime.Now >= TimeSpan.FromMinutes(5))
{
goto CancelForward; // 过期,丢弃并阻断广播
}
var(publicKey, _) = Deserializer.PublicKeyStruct(data.Span.Slice(39 + ipBytes));
var address = publicKey.ToAddress();
if (!client.System.ImmutableCampaignNodes.TryGetValue(address, out SuperNode? oldSuperNode))
{
goto CancelForward; // 非竞选节点,丢弃并阻断广播
}
var(sign, _) = Deserializer.Signature(data.Span.Slice(103 + ipBytes));
if (!Ecdsa.Verify(publicKey, data.Span.Slice(0, 103 + ipBytes).MessageHash(), sign))
{
goto CancelForward; // 错误的签名,丢弃并阻断广播
}
SuperNode superNode;
if (endPoint.Equals(oldSuperNode?.IPEndPoint)) // IP 端口与本地保存的一致
{
superNode = oldSuperNode;
}
else
{
superNode = new SuperNode(publicKey, endPoint);
client.System.ImmutableCampaignNodes[address] = superNode;
}
if (client.System.IsProducer(address) && !superNode.Connected)
{
e.Task = superNode.ConnectAsync().ContinueWith(task => {
task.Wait();
});
}
}
return;
CancelForward:
e.CancelForward();
}
public string CreateSignature(string message) => Ecdsa.sign(message, this.privateKey).toBase64();
