Browse Source

cryptopp recover public key

cl-refactor
subtly 10 years ago
parent
commit
98f3011aab
  1. 39
      libdevcrypto/EC.cpp
  2. 8
      test/crypto.cpp

39
libdevcrypto/EC.cpp

@ -153,24 +153,33 @@ bool crypto::verify(Public const& _p, Signature const& _sig, bytesConstRef _mess
Public crypto::recover(Signature _signature, bytesConstRef _message)
{
secp256k1_start();
Integer heInt(_message.data(), 32);
int pubkeylen = 65;
byte pubkey[pubkeylen];
if (!secp256k1_ecdsa_recover_compact(_message.data(), 32, _signature.data(), pubkey, &pubkeylen, 0, (int)_signature[64]))
return Public();
// a different curve would require additional check for v (aka, recid)
Integer r(_signature.data(), 32);
Integer s(_signature.data()+32, 32);
unsigned recid = _signature[64];
#if ETH_CRYPTO_TRACE
h256* sig = (h256 const*)_signature.data();
cout << "---- RECOVER -------------------------------" << endl;
cout << "MSG: " << _message << endl;
cout << "R S V: " << sig[0] << " " << sig[1] << " " << (int)(_signature[64] - 27) << "+27" << endl;
cout << "PUB: " << toHex(bytesConstRef(&(pubkey[1]), 64)) << endl;
#endif
byte encodedpoint[33];
encodedpoint[0] = recid|2;
memcpy(&encodedpoint[1], _signature.data(), 32);
ECP::Element x;
secp256k1Params.GetCurve().DecodePoint(x, encodedpoint, 33);
if (!secp256k1Params.GetCurve().VerifyPoint(x))
BOOST_THROW_EXCEPTION(InvalidState());
Public ret;
memcpy(&ret, &(pubkey[1]), sizeof(Public));
return ret;
Integer rn = r.InverseMod(secp256k1Params.GetGroupOrder());
Integer u1 = secp256k1Params.GetGroupOrder() - (rn.Times(heInt)).Modulo(secp256k1Params.GetGroupOrder());
Integer u2 = (rn.Times(s)).Modulo(secp256k1Params.GetGroupOrder());
ECP::Point p = secp256k1Params.GetCurve().CascadeMultiply(u2, x, u1, secp256k1Params.GetSubgroupGenerator());
byte recoveredbytes[65];
secp256k1Params.GetCurve().EncodePoint(recoveredbytes, p, false);
Public recovered;
memcpy(recovered.data(), &recoveredbytes[1], 64);
return recovered;
}
bool crypto::verifySecret(Secret const& _s, Public const& _p)

8
test/crypto.cpp

@ -172,19 +172,19 @@ BOOST_AUTO_TEST_CASE(cryptopp_ecdsa_sipaseckp256k1)
Integer nB(fromHex("f2ee15ea639b73fa3db9b34a245bdfa015c260c598b211bf05a1ecc4b3e3b4f2").data(), 32);
BOOST_REQUIRE(nHex == nB);
bytes sbytes(fromHex("0x01"));
bytes sbytes(fromHex("0xFFFF"));
Secret secret(sha3(sbytes)); // 5fe7f977e71dba2ea1a68e21057beebb9be2ac30c6410aa38d4f3fbe41dcffd2
KeyPair key(secret);
bytes m(fromHex("0x01"));
int tests = 2;
bytes m(fromHex("0xFF"));
int tests = 3;
while (m[0]++, tests--)
{
h256 hm(sha3(m));
Integer hInt(hm.asBytes().data(), 32);
h256 k(hm ^ key.sec());
Integer kInt(k.asBytes().data(), 32);
// raw sign w/cryptopp (doesn't pass through cryptopp hash filter)
ECDSA<ECP, SHA3_256>::Signer signer;
pp::initializeDLScheme(key.sec(), signer);

Loading…
Cancel
Save