def ecdsa_raw_recover(msg_hash, vrs): # type: (bytes, Tuple[int, int, int]) -> Optional[bytes] v, r, s = vrs v += 27 if not (27 <= v <= 34): raise BadSignature("%d must in range 27-31" % v) x = r xcubedaxb = (x * x * x + A * x + B) % P beta = pow(xcubedaxb, (P + 1) // 4, P) y = beta if v % 2 ^ beta % 2 else (P - beta) # If xcubedaxb is not a quadratic residue, then r cannot be the x coord # for a point on the curve, and so the sig is invalid if (xcubedaxb - y * y) % P != 0 or not (r % N) or not (s % N): raise BadSignature("Invalid signature") z = big_endian_to_int(msg_hash) Gz = jacobian_multiply((Gx, Gy, 1), (N - z) % N) XY = jacobian_multiply((x, y, 1), s) Qr = jacobian_add(Gz, XY) Q = jacobian_multiply(Qr, inv(r, N)) raw_public_key = from_jacobian(Q) return encode_raw_public_key(raw_public_key)
def __init__( self, signature_bytes: bytes = None, vrs: Tuple[int, int, int] = None, backend: 'Union[BaseECCBackend, Type[BaseECCBackend], str, None]' = None, ) -> None: if bool(signature_bytes) is bool(vrs): raise TypeError( "You must provide one of `signature_bytes` or `vrs`") elif signature_bytes: validate_signature_bytes(signature_bytes) try: self.r = big_endian_to_int(signature_bytes[0:32]) self.s = big_endian_to_int(signature_bytes[32:64]) self.v = ord(signature_bytes[64:65]) except ValidationError as err: raise BadSignature(str(err)) elif vrs: v, r, s, = vrs try: self.v = v self.r = r self.s = s except ValidationError as err: raise BadSignature(str(err)) else: raise TypeError("Invariant: unreachable code path") super().__init__(backend=backend)
def verify_advertisement_signature( content_id: ContentID, hash_tree_root: Hash32, expires_at: datetime.datetime, signature: keys.Signature, public_key: keys.PublicKey, ) -> None: signing_message = create_advertisement_signing_message( content_id, hash_tree_root, expires_at) if not public_key.verify_msg(signing_message, signature): raise BadSignature("Signature does not validate")
def __init__(self, rs: Tuple[int, int], backend: 'Union[BaseECCBackend, Type[BaseECCBackend], str, None]' = None ) -> None: for value in rs: try: validate_signature_r_or_s(value) except ValidationError as error: raise BadSignature(error) from error self._r, self._s = rs super().__init__(backend=backend)
def __init__(self, signature_bytes=None, vrs=None): if bool(signature_bytes) is bool(vrs): raise TypeError( "You must provide one of `signature_bytes` or `vrs`") elif signature_bytes: validate_signature_bytes(signature_bytes) try: self.r = big_endian_to_int(signature_bytes[0:32]) self.s = big_endian_to_int(signature_bytes[32:64]) self.v = ord(signature_bytes[64:65]) except ValidationError as err: raise BadSignature(str(err)) elif vrs: v, r, s, = vrs try: self.v = v self.r = r self.s = s except ValidationError as err: raise BadSignature(str(err)) else: raise TypeError("Invariant: unreachable code path")
def ecdsa_recover(self, msg_hash, signature): signature_bytes = signature.to_bytes() try: public_key_bytes = self.keys.PublicKey.from_signature_and_message( signature_bytes, msg_hash, hasher=None, ).format(compressed=False)[1:] except (ValueError, Exception) as err: # `coincurve` can raise `ValueError` or `Exception` dependending on # how the signature is invalid. raise BadSignature(str(err)) public_key = self.PublicKey(public_key_bytes) return public_key
def ecdsa_raw_verify(msg_hash, vrs, public_key_bytes): raw_public_key = decode_public_key(public_key_bytes) v, r, s = vrs v += 27 if not (27 <= v <= 34): raise BadSignature("Invalid Signature") w = inv(s, N) z = big_endian_to_int(msg_hash) u1, u2 = z * w % N, r * w % N x, y = fast_add( fast_multiply(G, u1), fast_multiply(raw_public_key, u2), ) return bool(r == x and (r % N) and (s % N))