maybe ecdsa

2024-11-20 10:38:42 +01:00 · 2013-03-10 06:55:46 +01:00 · 2013-03-10 06:55:46 +01:00 · c82e1eeead
commit c82e1eeead
parent 83e640f0ba
3 changed files with 36 additions and 25 deletions
--- a/ecdsa.h
+++ b/ecdsa.h
@ -26,6 +26,8 @@ private:
    Number r,s;

 public:
+    Signature(Context &ctx) : r(ctx), s(ctx) {}
+
    bool Verify(Context &ctx, const GroupElemJac &pubkey, const Number &message) {
        const GroupConstants &c = GetGroupConst();

@ -37,17 +39,23 @@ public:
            return false;

        Context ct(ctx);
-        Number sn(ct); sn.SetModInverse(ct, s, c.order);
-        Number u1(ct); u1.SetModMul(ct, sn, message, c.order);
-        Number u2(ct); u2.SetModMul(ct, sn, r, c.order);
+        Number sn(ct), u1(ct), u2(ct), xrn(ct);
+        sn.SetModInverse(ct, s, c.order);
+        u1.SetModMul(ct, sn, message, c.order);
+        u2.SetModMul(ct, sn, r, c.order);
        GroupElemJac pr; ECMult(ct, pr, pubkey, u2, u1);
        if (pr.IsInfinity())
            return false;
        FieldElem xr; pr.GetX(xr);
        unsigned char xrb[32]; xr.GetBytes(xrb);
-        Number xrn(ct); xrn.SetBytes(xrb,32); xrn.SetMod(ct,xrn,c.order);
+        xrn.SetBytes(xrb,32); xrn.SetMod(ct,xrn,c.order);
        return xrn.Compare(r) == 0;
    }
+
+    void SetRS(const Number &rin, const Number &sin) {
+        r = rin;
+        s = sin;
+    }
 };

 }
--- a/num.h
+++ b/num.h
@ -127,6 +127,9 @@ public:
    void SetHex(const std::string &str) {
        BN_hex2bn(&bn, str.c_str());
    }
+    void SetPseudoRand(const Number &max) {
+        BN_pseudo_rand_range(bn, max.bn);
+    }
    void SplitInto(Context &ctx, int bits, Number &low, Number &high) const {
        BN_copy(low.bn, bn);
        BN_mask_bits(low.bn, bits);
--- a/secp256k1.cpp
+++ b/secp256k1.cpp
@ -10,31 +10,31 @@ using namespace secp256k1;

 int main() {
    Context ctx;
-    FieldElem x,y;
+    FieldElem x;
    const Number &order = GetGroupConst().order;
-    x.SetHex("8b30bbe9ae2a990696b22f670709dff3727fd8bc04d3362c6c7bf458e2846004");
-    y.SetHex("a357ae915c4a65281309edf20504740f0eb3343990216b4f81063cb65f2f7e0f");
-    GroupElemJac a(x,y);
-    printf("a=%s\n", a.ToString().c_str());
-    Number an(ctx);
-    an.SetHex("8b30bce9ad2a890696b23f671709eff3727fd8cc04d3362c6c7bf458f2846fff");
-    Number af(ctx);
-    af.SetHex("1337");
-    printf("an=%s\n", an.ToString().c_str());
-    Number gn(ctx);
-    gn.SetHex("f557be925d4b65381409fdf30514750f1eb4343a91216a4f71163cb35f2f6e0e");
-    Number gf(ctx);
-    gf.SetHex("7113");
-    printf("gn=%s\n", gn.ToString().c_str());
+    Number r(ctx), s(ctx), m(ctx);
+    Signature sig(ctx);
+    x.SetHex("a357ae915c4a65281309edf20504740f0eb3343990216b4f81063cb65f2f7e0f");
+    int cnt = 0;
+    int good = 0;
    for (int i=0; i<1000000; i++) {
-        ECMult(ctx, a, a, an, gn);
+//        ECMult(ctx, a, a, an, gn);
 //        an.SetModMul(ctx, af, order);
 //        gn.SetModMul(ctx, gf, order);
-          an.Inc();
-          gn.Inc();
+//          an.Inc();
+//          gn.Inc();
+        r.SetPseudoRand(order);
+        s.SetPseudoRand(order);
+        if (i == 0)
+            x.SetSquare(x);
+        m.SetPseudoRand(order);
+        sig.SetRS(r,s);
+        GroupElemJac pubkey; pubkey.SetCompressed(x, true);
+        if (pubkey.IsValid()) {
+            cnt++;
+            good += sig.Verify(ctx, pubkey, m);
+        }
    }
-    printf("%s\n", an.ToString().c_str());
-    printf("%s\n", gn.ToString().c_str());
-    printf("%s\n", a.ToString().c_str());
+    printf("%i/%i\n", good, cnt);
    return 0;
 }