def verify(self,msg,sig,pu_key):
""" Verifies a message signature.
Args:
msg (bytes) : the message hash to verify the signature
sig (bytes) : signature to verify
pu_key (ecpy.keys.ECPublicKey): key to use for verifying
"""
curve = pu_key.curve
n = curve.order
G = curve.generator
r,s = decode_sig(sig, self.fmt)
if (r == None or s == None or
r == 0 or r >= n or
s == 0 or s >= n ) :
return False
h = int.from_bytes(msg,'big')
c = pow(s, n-2, n)
u1 = (h*c)%n
u2 = (r*c)%n
u1G = u1*G
u2Q = u2*pu_key.W
GQ = u1G+u2Q
if GQ.is_infinity:
return False
x = GQ.x % n
return x == r
def verify(self, msg, sig, pu_key):
""" Verifies a message signature.
Args:
msg (bytes) : the message to verify the signature
sig (bytes) : signature to verify
pu_key (ecpy.keys.ECPublicKey): key to use for verifying
"""
curve = pu_key.curve
n = curve.order
size = curve.size >> 3
#eR = sig[0:size]
#S = int.from_bytes(sig[size:],'little')
eR, S = decode_sig(sig, self.fmt)
#left
eR = eR.to_bytes(size, 'little')
R = curve.decode_point(eR)
hasher = self._hasher()
eA = curve.encode_point(pu_key.W)
hasher.update(eR + eA + msg)
h = hasher.digest()
h = int.from_bytes(h, 'little')
h = h % n
A = pu_key.W
left = R + h * A
#right
right = S * curve.generator
return left == right
def verify(self, msg, sig, pu_key):
""" Verifies a message signature.
Args:
msg (bytes) : the message hash to verify the signature
sig (bytes) : signature to verify
pu_key (ecpy.keys.ECPublicKey): key to use for verifying
"""
curve = pu_key.curve
n = curve.order
G = curve.generator
r, s = decode_sig(sig, self.fmt)
if (r == None or s == None or r == 0 or r >= n or s == 0 or s >= n):
return False
h = int.from_bytes(msg, 'big')
if n.bit_length() < h.bit_length():
# h is the 'n.bit_length()' leftmost bits of the received h value,
# leading zeroes included (if any).
hbyteslen = (h.bit_length() + 7) // 8
h = int(format(h, f'0{8*hbyteslen}b')[:n.bit_length()], 2)
c = pow(s, n - 2, n)
u1 = (h * c) % n
u2 = (r * c) % n
u1G = u1 * G
u2Q = u2 * pu_key.W
GQ = u1G + u2Q
if GQ.is_infinity:
return False
x = GQ.x % n
return x == r
def verify(self, msg, sig, pu_key):
""" Verifies a message signature.
Args:
msg (bytes) : the message hash to verify the signature
sig (bytes) : signature to verify
pu_key (ecpy.keys.ECPublicKey): key to use for verifying
"""
curve = pu_key.curve
n = pu_key.curve.order
G = pu_key.curve.generator
size = curve.size >> 3
r, s = decode_sig(sig, self.fmt)
if (r == None or r > (pow(2, size * 8) - 1) or s == 0 or s > n - 1):
return False
hasher = self._hasher()
if self.option == "ISO":
sG = s * G
rW = r * pu_key.W
Q = sG - rW
xQ = Q.x.to_bytes(size, 'big')
yQ = Q.y.to_bytes(size, 'big')
hasher.update(xQ + yQ + msg)
v = hasher.digest()
v = int.from_bytes(v, 'big')
elif self.option == "ISOx":
sG = s * G
rW = r * pu_key.W
Q = sG - rW
xQ = Q.x.to_bytes(size, 'big')
hasher.update(xQ + msg)
v = hasher.digest()
v = int.from_bytes(v, 'big')
elif self.option == "BSI":
sG = s * G
rW = r * pu_key.W
Q = sG + rW
xQ = (Q.x).to_bytes(size, 'big')
hasher.update(msg + xQ)
v = hasher.digest()
v = int.from_bytes(v, 'big')
elif self.option == "LIBSECP":
rb = r.to_bytes(size, 'big')
hasher.update(rb + msg)
h = hasher.digest()
h = int.from_bytes(h, 'big')
if h == 0 or h > n:
return 0
sG = s * G
hW = h * pu_key.W
R = sG + hW
v = R.x % n
return v == r
def gen_random_tx(curve):
n = curve.order
P = curve.generator
sA = random.randint(0, n)
sk = ECPrivateKey(sA, curve)
QA = sA * P
pk = ECPublicKey(QA)
payee_sA = random.randint(0, n)
payee_sk = ECPrivateKey(payee_sA, curve)
payee_QA = sA * P
payee_pk = ECPublicKey(payee_QA)
sum_string = "*** Bitcoin transaction ***\n"
serial = random.getrandbits(128)
sum_string += "Serial number: " + str(serial) + "\n"
sum_string += "Payer Public key - x: " + str(QA.x) + "\n"
sum_string += "Payer Public key - y: " + str(QA.y) + "\n"
sum_string += "Payee Public key - x: " + str(payee_QA.x) + "\n"
sum_string += "Payee Public key - y: " + str(payee_QA.y) + "\n"
amount = random.randint(1, 1000000)
sum_string += "Amount: " + str(amount) + " Satoshi" + "\n"
signer = ECDSA()
sig = signer.sign(sum_string.encode('UTF-8'), sk)
(r, s) = decode_sig(sig)
# k = random.randint(1, n - 1)
# R = k * P
# r = R.x % n
# #r = str(r).encode('UTF-8')
# h = hashlib.sha3_256()
# h.update(sum_string.encode('UTF-8'))
# # h.update(str(r).encode('UTF-8'))
# #h.update(r) # m + r
# s = (modinv(k, n) * ((int(h.hexdigest(), 16)) + (sA * r))) % n
# #h = int(h.hexdigest(), 16)
sum_string += "Signature - r: " + str(r) + "\n"
sum_string += "Signature - s: " + str(s) + "\n"
return sum_string
def verify(self, msg, sig, pu_key):
""" Verifies a message signature.
Args:
msg (bytes) : the message to verify the signature
sig (bytes) : signature to verify
pu_key (ecpy.keys.ECPublicKey): key to use for verifying
"""
curve = pu_key.curve
n = curve.order
size = curve._coord_size()
eR, S = decode_sig(sig, self.fmt)
#left
eR = eR.to_bytes(size, 'little')
R = curve.decode_point(eR)
hasher = self._hasher()
eA = curve.encode_point(pu_key.W)
if curve.name == 'Ed448':
hasher.update(b'SigEd448\x00\x00')
hasher.update(eR)
hasher.update(eA)
hasher.update(msg)
h = hasher.digest(self._hash_len)
elif curve.name == 'Ed521':
hasher.update(b'SigEd521\x00\x00')
hasher.update(eR)
hasher.update(eA)
hasher.update(msg)
h = hasher.digest(self._hash_len)
elif curve.name == 'Ed25519':
hasher.update(eR)
hasher.update(eA)
hasher.update(msg)
h = hasher.digest()
else:
assert False, '%s not supported' % curve.name
h = int.from_bytes(h, 'little')
h = h % n
A = pu_key.W
left = R + h * A
#right
right = S * curve.generator
return left == right
def gen_random_tx(curve):
# get a random 128 BIT integer for serial number
serial_num = Num.getRandomNBitInteger(128)
# create the public key for sender
n = curve.order
P = curve.generator
sA = Num.getRandomRange(0, n + 1)
sK = ECPrivateKey(sA, curve)
QA = sA * P
pk = ECPublicKey(QA)
signer = ECDSA()
# create the public key for sendee
sA_2 = Num.getRandomRange(0, n + 1)
sK_2 = ECPrivateKey(sA_2, curve)
P2 = curve.generator
QA_2 = sA_2 * P2
pk_2 = ECPublicKey(QA_2)
# header for the block
temp = "*** Bitcoin transaction ***\n"
# add the serial number to the block
temp = temp + "Serial number: " + str(serial_num) + "\n"
# write payers public keys
temp = temp + "Payer public key - x: " + str(QA.x) + "\n"
temp = temp + "Payer public key - y: " + str(QA.y) + "\n"
# write payees public keys
temp = temp + "Payee public key - x: " + str(QA_2.x) + "\n"
temp = temp + "Payee public key - y: " + str(QA_2.y) + "\n"
# get random transaction val
amount = Num.getRandomRange(0, 1000001)
temp = temp + "Amount: " + str(amount) + "\n"
sig = signer.sign(temp.encode("utf-8"), sK)
(r, s) = decode_sig(sig)
temp = temp + "Signature (r): " + str(r) + "\n"
temp = temp + "Signature (s): " + str(s) + "\n"
return temp
def verify(self,msg,sig,pu_key):
""" Verifies a message signature.
Args:
msg (bytes) : the message hash to verify the signature
sig (bytes) : signature to verify
pu_key (ecpy.keys.ECPublicKey): key to use for verifying
"""
curve = pu_key.curve
n = curve.order
G = curve.generator
r,s = decode_sig(sig, self.fmt)
if (r == None or s == None or
r == 0 or r >= n or
s == 0 or s >= n ) :
return False
# if "msg (hash) bit length" is greater that the "domain bit length",
# we only consider the left most "domain bit length" of message.
msg_len = len(msg)*8;
h = int.from_bytes(msg, 'big')
if msg_len > curve.size:
h = h >> (msg_len-curve.size)
c = pow(s, n-2, n)
u1 = (h*c)%n
u2 = (r*c)%n
u1G = u1*G
u2Q = u2*pu_key.W
GQ = u1G+u2Q
if GQ.is_infinity:
return False
x = GQ.x % n
return x == r
def gen_random_tx(curve):
serial = random.randrange(pow(2, 127), pow(2, 128))
amount = random.randrange(1, 1000001)
n = curve.order
P = curve.generator
sA = random.randint(0, n)
sB = random.randint(0, n)
skA = ECPrivateKey(sA, curve)
skB = ECPrivateKey(sB, curve)
QA = sA * P
QB = sB * P
pkA = ECPublicKey(QA)
pkB = ECPublicKey(QB)
signer = ECDSA()
trans = "**** Bitcoin transaction ****" + \
"\nSerial number: " + str(serial) + \
"\nPayer public key - x: " + str(QA.x) + \
"\nPayer public key - y: " + str(QA.y) + \
"\nPayee public key - x: " + str(QB.x) + \
"\nPayee public key - y: " + str(QB.y) + \
"\nAmount: " + str(amount) + "\n"
t = trans.encode("UTF-8")
sig = signer.sign(t, skA)
(r, s) = decode_sig(sig)
trans += "Signature (r): " + str(r) + "\n" + "Signature (s): " + str(
s) + "\n"
return trans
def gen_random_tx(curve):
serial = random.randint(0,
2**128 - 1) # creates 128 bit random serial number
n = curve.order
P = curve.generator
sA = random.randint(0, n)
sk = ECPrivateKey(sA, curve)
QA = sA * P
pk = ECPublicKey(QA)
sB = random.randint(0, n)
skB = ECPrivateKey(sB, curve)
QB = sB * P
pkB = ECPublicKey(QB)
amount = random.randint(1, 1000000) # create a random int for amount
transaction = "**** Bitcoin transaction ****\n"
transaction += "Serial number: " + str(serial) + "\n"
transaction += "Payer public key - x: " + str(QA.x) + "\n"
transaction += "Payer public key - y: " + str(QA.y) + "\n"
transaction += "Payee public key - x: " + str(QB.x) + "\n"
transaction += "Payee public key - y: " + str(QB.y) + "\n"
transaction += "Amount: " + str(amount) + "\n"
signer = ECDSA()
message = transaction
message = message.encode('UTF-8')
sig = signer.sign(message, sk)
(r, s) = decode_sig(sig)
transaction += "Signature (r): " + str(r) + "\n"
transaction += "Signature (s): " + str(s) + "\n"
return transaction
curve = Curve.get_curve('secp256k1')
n = curve.order
P = curve.generator
sA = random.randint(0,n)
sk = ECPrivateKey(sA, curve)
QA = sA*P
pk = ECPublicKey(QA)
signer = ECDSA()
message = b'Anything goes here'
sig = signer.sign(message, sk)
(r, s) = decode_sig(sig)
f = open("deneme.txt", "w")
f.write("Public key - x: " + str(QA.x)+"\n")
f.write("Public key - y: " + str(QA.y)+"\n")
f.write("Signature - r: " + str(r)+"\n")
f.write("Signature - s: " + str(s)+"\n")
f.close()
f = open("deneme.txt", "r")
x1 = int(f.readline()[16:-1])
y1 = int(f.readline()[16:-1])
r1 = int(f.readline()[15:-1])
s1 = int(f.readline()[15:-1])
f.close()
