def test_sign_verify_min_max(self):
sk = secp256k1.generate_secret()
pk = secp256k1.publickey(sk)
dig = bytes([1] + [0] * 31)
sig = secp256k1.sign(sk, dig)
self.assertTrue(secp256k1.verify(pk, sig, dig))
dig = bytes([0] * 31 + [1])
sig = secp256k1.sign(sk, dig)
self.assertTrue(secp256k1.verify(pk, sig, dig))
dig = bytes([0xFF] * 32)
sig = secp256k1.sign(sk, dig)
self.assertTrue(secp256k1.verify(pk, sig, dig))
def test_sign_verify_random(self):
for _ in range(100):
sk = secp256k1.generate_secret()
pk = secp256k1.publickey(sk)
dig = random.bytes(32)
sig = secp256k1.sign(sk, dig)
self.assertTrue(secp256k1.verify(pk, sig, dig))
def verify_ecdsa(self, digest: bytes) -> None:
try:
i = 0
for der_signature, _ in self.signatures:
signature = decode_der_signature(der_signature)
while not secp256k1.verify(self.public_keys[i], signature, digest):
i += 1
except Exception:
raise wire.DataError("Invalid signature")
def verify(self, digest: bytes) -> None:
# It is up to the caller to ensure that the digest is appropriate for
# the hash type used by the signatures. If a signature is using a
# different hash type than expected, then verification will fail. To
# return the proper error message, the caller can optionally check the
# hash type by using ensure_hash_type() before calling verify.
try:
i = 0
for der_signature, _ in self.signatures:
signature = decode_der_signature(der_signature)
while not secp256k1.verify(self.public_keys[i], signature, digest):
i += 1
except Exception:
raise wire.DataError("Invalid signature")
def verify_content_signature(public_key: bytes, signature: bytes,
unsigned_data: bytes) -> bool:
msghash = sha256(unsigned_data).digest()
return secp256k1.verify(public_key, signature, msghash)