Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make Ecdsa.verify() more flexible #15

Open
windsurfer1122 opened this issue Feb 10, 2020 · 1 comment
Open

Make Ecdsa.verify() more flexible #15

windsurfer1122 opened this issue Feb 10, 2020 · 1 comment

Comments

@windsurfer1122
Copy link

Issue:
Having the conversion to "byte string", the hashing plus conversion to integer inside the Ecdsa.verify() function is highly unflexible and can be performing badly.
There are multiple reasons why you want to do this outside Ecdsa.verify().

One example is huge data that you want to hash in parts and not to keep completely in memory.
With the current implementation of Ecdsa.verify() this is not possible.
Another example would be verifying the ECDSA signature multiple times with different public keys, then all the conversions are done multiple times which is wasting performance.

Suggestion:
Create a new function called Ecdsa.verifyNumber() that directly takes an integer value "numberMessage" as a parameter def verifyNumber(cls, numberMessage, signature, publicKey), which skips all these conversions (typically for "prehashed" values).
Additionally enhance the existing Ecdsa.verify() function to handle different variable types of the message parameter.

Ecdsa.sign() could profit from the same changes.

Code (not tested, but shall be compatible with Python 3 and 2.7)

## Python 2 future-compatible workarounds: (see: http://python-future.org/compatible_idioms.html)
## interpret long as int, support int.from_bytes()
from builtins import int
## support bytes()
from builtins import bytes

...
    @classmethod
    def verifyNumber(cls, numberMessage, signature, publicKey):
        curve = publicKey.curve
        sigR = signature.r
        sigS = signature.s
        inv = Math.inv(sigS, curve.N)
        u1 = Math.multiply(curve.G, n=(numberMessage * inv) % curve.N, A=curve.A, P=curve.P, N=curve.N)
        u2 = Math.multiply(publicKey.point, n=(sigR * inv) % curve.N, A=curve.A, P=curve.P, N=curve.N)
        add = Math.add(u1, u2, P=curve.P, A=curve.A)
        return sigR == add.x

    @classmethod
    def verify(cls, message, signature, publicKey, hashfunc=sha256):
        if isinstance(message, int):
            numberMessage = message
        elif isinstance(message, bytes) \
        or isinstance(message, bytearray):
            if not hashfunc is None:
                hashMessage = hashfunc(message).digest()
            else:
                hashMessage = message
            # TODO: numberMessage = int.from_bytes(hashMessage, byteorder="big")
            numberMessage = BinaryAscii.numberFromString(hashMessage)
        else:
            hashMessage = hashfunc(toBytes(message)).digest()
            # TODO: numberMessage = int.from_bytes(hashMessage, byteorder="big")
            numberMessage = BinaryAscii.numberFromString(hashMessage)
        #
        return verifyNumber(numberMessage, signature, publicKey)
@vsgobbi
Copy link

vsgobbi commented Feb 10, 2020

Greetings @windsurfer1122, thanks for your feedback.
The Stark Bank development team will analyze your point and will make the best to optimize and improve our source code.
Best regards, Vitor

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vsgobbi @windsurfer1122