javascript的椭圆库和golang的ecdsa库之间的互操作性 [英] Interoperability between javascript's elliptic library and golang's ecdsa library
问题描述
我在使用golang的ecdsa库验证由椭圆形javascript库生成的签名时遇到困难。使用的椭圆曲线是secp256k1。
I am experiencing difficulty validating a signature generated with the elliptic javascript library using the ecdsa library from golang.The elliptic curve being used is the secp256k1.
以下是一些代码片段:
打字稿实用程序功能:
import * as bigInt from 'big-integer';
declare const require: any;
var EC = require('elliptic').ec;
var ec = new EC('secp256k1');
const SHA256 = require("crypto-js/sha256");
const generatePrivateKey = function(): string {
return ec.genKeyPair().getPrivate().toString();
}
const generatePublicKey = function(privateKey: string): PublicKey {
const publicKey: any = ec.keyFromPrivate(privateKey).getPublic();
return new PublicKey(
publicKey.getX().toString("hex"),
publicKey.getY().toString("hex")
);
}
const signMessage = function(message: string, privateKey: string): Signature {
message = SHA256(message).toString();
const key = ec.keyFromPrivate(privateKey);
const signature: Signature = JSON.parse(JSON.stringify(key.sign(message)));
return new Signature(signature.r, signature.s, signature.recoveryParam);
}
const verifyMessage = function(message: string, publicKey: PublicKey, signature: Signature): boolean {
message = SHA256(message).toString();
const key = ec.keyFromPublic(publicKey, 'hex');
return key.verify(message, signature);
}
class PublicKey {
constructor(
public x: string,
public y: string
) { }
}
class Signature {
constructor(
public r: string,
public s: string,
public recoveryParam: number
) { }
}
使用上述函数生成的样本签名:
Sample signature generated using function above:
// Private Key
const privateKey = "87447468790127269743127941512029311682561810964950681691418579250915022213638"
// Public Key
const publicKey = {
x: 'fe0f1982436d08bfc2a603d85738bc874cbc4d2108e63eca0264afd8e62244df',
y: '199b6155f2532aa5d6404c32ea5fb7de1c9af741b99d75dcb73285bfd8525176'
}
// Sample message
const message = "hello world"
// Generated Signature
const signature = {
r: 'be4022f929aa1aef40e563a0e30e1b23b9ca5a73d510cf9d95a2a51db4f52965',
s: 'c27b747099192bda25985fdd5dd588de44c40b15aa038aa65399aa5e9e5ec7b',
recoveryParam: 1
}
用于验证签名的代码:
xVal := new(big.Int)
xVal.SetString("fe0f1982436d08bfc2a603d85738bc874cbc4d2108e63eca0264afd8e62244df", 16)
yVal := new(big.Int)
yVal.SetString("199b6155f2532aa5d6404c32ea5fb7de1c9af741b99d75dcb73285bfd8525176", 16)
rVal := new(big.Int)
rVal.SetString("be4022f929aa1aef40e563a0e30e1b23b9ca5a73d510cf9d95a2a51db4f52965", 16)
sVal := new(big.Int)
sVal.SetString("c27b747099192bda25985fdd5dd588de44c40b15aa038aa65399aa5e9e5ec7b", 16)
hash := fmt.Sprintf(
"%x",
sha256.Sum256([]byte("hello world")),
)
pubKey := ecdsa.PublicKey{
Curve: secp256k1.S256(),
X: xVal,
Y: yVal,
}
fmt.Printf("SIG VERIFICATION: %v", ecdsa.Verify(&pubKey, []byte(hash), rVal, sVal))
输出为:
SIG VERIFICATION: false
输出应为true。如果对其他详细信息有疑问,请通知我。
The output should be true. If there are any questions on further details please notify me.
推荐答案
解决方案是使用DecodeString函数对消息哈希进行哈希处理。以下是该解决方案的更新代码:
The solution is to hash the message hash using the DecodeString function. Below is the updated code for the solution:
xVal := new(big.Int)
xVal.SetString("fe0f1982436d08bfc2a603d85738bc874cbc4d2108e63eca0264afd8e62244df", 16)
yVal := new(big.Int)
yVal.SetString("199b6155f2532aa5d6404c32ea5fb7de1c9af741b99d75dcb73285bfd8525176", 16)
rVal := new(big.Int)
rVal.SetString("be4022f929aa1aef40e563a0e30e1b23b9ca5a73d510cf9d95a2a51db4f52965", 16)
sVal := new(big.Int)
sVal.SetString("c27b747099192bda25985fdd5dd588de44c40b15aa038aa65399aa5e9e5ec7b", 16)
msgHash := fmt.Sprintf(
"%x",
sha256.Sum256([]byte("hello world")),
)
pubKey := ecdsa.PublicKey{
Curve: secp256k1.S256(),
X: xVal,
Y: yVal,
}
hash, hashDecodeError := hex.DecodeString(msgHash)
if hashDecodeError != nil {
log.Println(hashDecodeError)
panic("internal server error")
}
fmt.Printf("SIG VERIFICATION: %v", ecdsa.Verify(&pubKey, hash, rVal, sVal))
使用上述代码的验证结果为true。
The verification using the code above will evaluate to true.
对用户mh-cbon 。
这篇关于javascript的椭圆库和golang的ecdsa库之间的互操作性的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!