def verify_digest(digest_hex,
pubkey_hex,
sigb64,
curve=fastecdsa.curve.secp256k1,
hashfunc=hashlib.sha256):
"""
Verify a digest and signature with ECDSA
Return True if it matches
"""
Q = decode_pubkey_hex(str(pubkey_hex))
r, s = decode_signature(sigb64)
# validate Q, r, s
if not curve.is_point_on_curve(Q):
raise fastecdsa.ecdsa.EcdsaError(
'Invalid public key, point is not on curve {}'.format(curve.name))
elif r > curve.q or r < 1:
raise fastecdsa.ecdsa.EcdsaError(
'Invalid Signature: r is not a positive integer smaller than the curve order'
)
elif s > curve.q or s < 1:
raise fastecdsa.ecdsa.EcdsaError(
'Invalid Signature: s is not a positive integer smaller than the curve order'
)
qx, qy = Q
return _ecdsa.verify(str(r), str(s), digest_hex, str(qx), str(qy),
curve.name)
def verify(
sig: SigType, msg: MsgTypes, Q: Point, curve: Curve = P256, hashfunc=sha256, prehashed: bool = False) -> bool:
"""Verify a message signature using the elliptic curve digital signature algorithm.
The elliptic curve signature algorithm is described in full in FIPS 186-4 Section 6. Please
refer to http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf for more information.
Args:
| sig (int, int): The signature for the message.
| msg (str|bytes|bytearray): A message to be signed.
| Q (fastecdsa.point.Point): The ECDSA public key of the signer.
| curve (fastecdsa.curve.Curve): The curve to be used to sign the message.
| hashfunc (_hashlib.HASH): The hash function used to compress the message.
| prehashed (bool): The message being passed has already been hashed by :code:`hashfunc`.
Returns:
bool: True if the signature is valid, False otherwise.
Raises:
fastecdsa.ecdsa.EcdsaError: If the signature or public key are invalid. Invalid signature
in this case means that it has values less than 1 or greater than the curve order.
"""
if isinstance(Q, tuple):
Q = Point(Q[0], Q[1], curve)
r, s = sig
# validate Q, r, s (Q should be validated in constructor of Point already but double check)
if not curve.is_point_on_curve((Q.x, Q.y)):
raise EcdsaError('Invalid public key, point is not on curve {}'.format(curve.name))
elif r > curve.q or r < 1:
raise EcdsaError(
'Invalid Signature: r is not a positive integer smaller than the curve order')
elif s > curve.q or s < 1:
raise EcdsaError(
'Invalid Signature: s is not a positive integer smaller than the curve order')
if prehashed:
hashed = hexlify(msg).decode()
else:
hashed = hashfunc(msg_bytes(msg)).hexdigest()
return _ecdsa.verify(
str(r),
str(s),
hashed,
str(Q.x),
str(Q.y),
str(curve.p),
str(curve.a),
str(curve.b),
str(curve.q),
str(curve.gx),
str(curve.gy)
)
def verify(sig, msg, Q, curve=P256, hashfunc=sha256):
"""Verify a message signature using the elliptic curve digital signature algorithm.
The elliptic curve signature algorithm is described in full in FIPS 186-4 Section 6. Please
refer to http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf for more information.
Args:
| sig (long, long): The signature for the message.
| msg (str): A message to be signed.
| Q (fastecdsa.point.Point): The ECDSA public key of the signer.
| curve (fastecdsa.curve.Curve): The curve to be used to sign the message.
| hashfunc (_hashlib.HASH): The hash function used to compress the message.
Returns:
bool: True if the signature is valid, False otherwise.
Raises:
fastecdsa.ecdsa.EcdsaError: If the signature or public key are invalid. Invalid signature
in this case means that it has values less than 1 or greater than the curve order.
"""
if isinstance(Q, tuple):
Q = Point(Q[0], Q[1], curve)
r, s = sig
# validate Q, r, s (Q should be validated in constructor of Point already but double check)
if not curve.is_point_on_curve((Q.x, Q.y)):
raise EcdsaError('Invalid public key, point is not on curve {}'.format(
curve.name))
elif r > curve.q or r < 1:
raise EcdsaError(
'Invalid Signature: r is not a positive integer smaller than the curve order'
)
elif s > curve.q or s < 1:
raise EcdsaError(
'Invalid Signature: s is not a positive integer smaller than the curve order'
)
hashed = str(0x0d80b4919e2edb5e1ba3e619e8b60bfad25d16c4deec05a7)
#hashed = hashfunc(msg.encode()).hexdigest()
return _ecdsa.verify(str(r), str(s), hashed, str(Q.x), str(Q.y),
curve.name)