alpcentaur
/
basabuuka_prototyp
1
0
Fork 0
Code Issues 0 Pull Requests 0 Projects 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9 Commits
1 Branch
4.1 GiB
Tree: b919ddd513
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b919ddd513'
${ noResults }
basabuuka_prototyp/venv/lib/python3.5/site-packages/ecdsa/rfc6979.py

103 lines
2.7 KiB
Raw Normal View History

initial commit
4 years ago
 
  1. '''

  2. RFC 6979:
  3.     Deterministic Usage of the Digital Signature Algorithm (DSA) and
  4.     Elliptic Curve Digital Signature Algorithm (ECDSA)
  5. 

  6.     http://tools.ietf.org/html/rfc6979
  7. 

  8. Many thanks to Coda Hale for his implementation in Go language:
  9.     https://github.com/codahale/rfc6979
  10. '''

  11. 

  12. import hmac
  13. from binascii import hexlify
  14. from .util import number_to_string, number_to_string_crop
  15. from .six import b
  16. 

  17. try:
  18.     bin(0)
  19. except NameError:
  20.     binmap = {"0": "0000", "1": "0001", "2": "0010", "3": "0011",
  21.               "4": "0100", "5": "0101", "6": "0110", "7": "0111",
  22.               "8": "1000", "9": "1001", "a": "1010", "b": "1011",
  23.               "c": "1100", "d": "1101", "e": "1110", "f": "1111"}
  24.     def bin(value): # for python2.5
  25.         v = "".join(binmap[x] for x in "%x"%abs(value)).lstrip("0")
  26.         if value < 0:
  27.             return "-0b" + v
  28.         return "0b" + v
  29. 

  30. def bit_length(num):
  31.     # http://docs.python.org/dev/library/stdtypes.html#int.bit_length
  32.     s = bin(num)  # binary representation:  bin(-37) --> '-0b100101'
  33.     s = s.lstrip('-0b')  # remove leading zeros and minus sign
  34.     return len(s)  # len('100101') --> 6
  35. 

  36. def bits2int(data, qlen):
  37.     x = int(hexlify(data), 16)
  38.     l = len(data) * 8
  39. 

  40.     if l > qlen:
  41.         return x >> (l-qlen)
  42.     return x
  43. 

  44. def bits2octets(data, order):
  45.     z1 = bits2int(data, bit_length(order))
  46.     z2 = z1 - order
  47. 

  48.     if z2 < 0:
  49.         z2 = z1
  50. 

  51.     return number_to_string_crop(z2, order)
  52. 

  53. # https://tools.ietf.org/html/rfc6979#section-3.2
  54. def generate_k(order, secexp, hash_func, data):
  55.     '''

  56.         order - order of the DSA generator used in the signature
  57.         secexp - secure exponent (private key) in numeric form
  58.         hash_func - reference to the same hash function used for generating hash
  59.         data - hash in binary form of the signing data
  60.     '''

  61. 

  62.     qlen = bit_length(order)
  63.     holen = hash_func().digest_size
  64.     rolen = (qlen + 7) / 8
  65.     bx = number_to_string(secexp, order) + bits2octets(data, order)
  66. 

  67.     # Step B
  68.     v = b('\x01') * holen
  69. 

  70.     # Step C
  71.     k = b('\x00') * holen
  72. 

  73.     # Step D
  74. 

  75.     k = hmac.new(k, v+b('\x00')+bx, hash_func).digest()
  76. 

  77.     # Step E
  78.     v = hmac.new(k, v, hash_func).digest()
  79. 

  80.     # Step F
  81.     k = hmac.new(k, v+b('\x01')+bx, hash_func).digest()
  82. 

  83.     # Step G
  84.     v = hmac.new(k, v, hash_func).digest()
  85. 

  86.     # Step H
  87.     while True:
  88.         # Step H1
  89.         t = b('')
  90. 

  91.         # Step H2
  92.         while len(t) < rolen:
  93.             v = hmac.new(k, v, hash_func).digest()
  94.             t += v
  95. 

  96.         # Step H3
  97.         secret = bits2int(t, qlen)
  98. 

  99.         if secret >= 1 and secret < order:
  100.             return secret
  101. 

  102.         k = hmac.new(k, v+b('\x00'), hash_func).digest()
  103.         v = hmac.new(k, v, hash_func).digest()