def gen_keypair() -> Tuple[ecdsa.Private_key, ecdsa.Public_key]: """ generate a new ecdsa keypair """ g = ecdsa.generator_secp256k1 d = SystemRandom().randrange(1, g.order()) pub = ecdsa.Public_key(g, g * d) priv = ecdsa.Private_key(pub, d) return priv, pub
def make_private_key(secret, p_number): """Make a private ECDSA key from an integer secret. """ try: generator = NBITS_TO_GENERATOR[p_number] except KeyError: raise ValueError('Only P-224 or P-256 supported, got P-%d' % p_number) return ecdsa.Private_key(generator, secret)
def dump_all_keys(): private_key = 0 pairs = [] for _ in xrange(args.num_reqs): private_key += 1 if args.curve == 224: private_key_obj = ecdsa.Private_key(ecdsa.generator_224, private_key) else: private_key_obj = ecdsa.Private_key(ecdsa.generator_256, private_key) product = private_key_obj.generator * private_key_obj.secret_multiplier public_key_obj = ecdsa.Public_key(private_key_obj.generator, product) pair = dump_tuple_private_public_key(private_key, public_key_obj.point.x(), public_key_obj.point.y()) pairs.append(pair) all = '%s' % (',\n'.join('%s' % p for p in pairs)) args.output.write(all)
def ecdsa_sign(private_key: bytes, data: bytes): data_hash = sha256_hash(data, 1) g = ecdsa.generator_256 n = g.order() randrange = random.SystemRandom().randrange secret = int.from_bytes(private_key, byteorder="big", signed=False) digest = int.from_bytes(data_hash, byteorder="big", signed=False) pub_key = ecdsa.Public_key(g, g * secret) pri_key = ecdsa.Private_key(pub_key, secret) signature = pri_key.sign(digest, randrange(1, n)) r = signature.r.to_bytes(32, byteorder="big", signed=False) s = signature.s.to_bytes(32, byteorder="big", signed=False) b = r + s return b
p << 'a\nb\n' >> "test=" test = int(p.recvline(), 16) print("test", hex(test)) print("s1", hex(s1)) print("s2", hex(s2)) assert r1 == r2 h1 = hash_message("message1") h2 = hash_message("message2") for v in (s1 - s2, s1 + s2, -s1 - s2, -s1 + s2): k = inverse_mod(v, ecdsa.generator_secp256k1.order()) * ( h1 - h2) % ecdsa.generator_secp256k1.order() d = inverse_mod(r1, ecdsa.generator_secp256k1.order()) * ( k * s1 - h1) % ecdsa.generator_secp256k1.order() g = ecdsa.generator_secp256k1 pub = ecdsa.Public_key(g, g * d) priv = ecdsa.Private_key(pub, d) if pub.verifies(h1, ecdsa.Signature(r1, s1)): break sig = priv.sign(test, 1) p >> 'r? ' << hex(sig.r) << '\n' p >> 's? ' << hex(sig.s) << '\n' flag = p.recvline().decode('utf8') print("got flag", str(flag))