-
-
Save dendisuhubdy/f4eb1c33cad02976d7a2550dac734896 to your computer and use it in GitHub Desktop.
Revisions
-
justmoon revised this gist
Aug 21, 2012 . 1 changed file with 50 additions and 21 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -26,9 +26,9 @@ return S; } var z1z1 = S.z.square(), h = T.x.mul(z1z1).sub(S.x), s2 = T.y.mul(S.z).mul(z1z1); if (h.equals(0)) { if (S.y.equals(T.y.mul(z1z1.mul(S.z)))) { @@ -40,34 +40,63 @@ } } var hh = h.square(), i = hh.mul(4), j = h.mul(i), r = s2.sub(S.y).mul(2), v = S.x.mul(i), x = r.square().sub(j).sub(v.mul(2)), y = r.mul(v.sub(x)).sub(S.y.mul(j).mul(2)), z = S.z.add(h).square().sub(z1z1).sub(hh); return new sjcl.ecc.pointJac(this.curve,x,y,z); }; sjcl.ecc.pointJac.prototype.doubl = function () { if (this.isIdentity) { return this; } var a = this.x.square(), b = this.y.square(), c = b.square(), d = this.x.add(b).square().sub(a).sub(c).mul(2), e = a.mul(3), f = e.square(), x = f.sub(d.mul(2)), y = e.mul(d.sub(x)).sub(c.mul(8)), z = this.y.mul(this.z).mul(2); return new sjcl.ecc.pointJac(this.curve, x, y, z); }; sjcl.ecc.ecdsa.secretKey.prototype = { sign: function(hash, paranoia) { var R = this._curve.r, l = R.bitLength(), k = sjcl.bn.random(R.sub(1), paranoia).add(1), r = this._curve.G.mult(k).x.mod(R), s = k.inverseMod(R).mul(sjcl.bn.fromBits(hash).add(r.mul(this._exponent))).mod(R); return sjcl.bitArray.concat(r.toBits(l), s.toBits(l)); } }; sjcl.ecc.ecdsa.publicKey.prototype = { verify: function(hash, rs) { var w = sjcl.bitArray, R = this._curve.r, l = R.bitLength(), r = sjcl.bn.fromBits(w.bitSlice(rs,0,l)), s = sjcl.bn.fromBits(w.bitSlice(rs,l,2*l)), c = s.inverseMod(R), hG = sjcl.bn.fromBits(hash).mul(c).mod(R), hA = r.mul(c).mod(R), r2 = this._curve.G.mult2(hG, hA, this._point).x; if (r.equals(0) || s.equals(0) || r.greaterEquals(R) || s.greaterEquals(R) || !r2.equals(r)) { throw (new sjcl.exception.corrupt("signature didn't check out")); } return true; } }; var keys = sjcl.ecc.ecdsa.generateKeys(256,0); var hash = sjcl.hash.sha256.hash("The quick brown fox jumps over the lazy dog."); var signature = keys.sec.sign(hash,0); -
Aug 20, 2012 . 1 changed file with 56 additions and 0 deletions.There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -12,6 +12,62 @@ "0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8" ); // Replace point addition and doubling algorithms // NIST-P256 is a=-3, we need algorithms for a=0 sjcl.ecc.pointJac.prototype.add = function(T) { var S = this; if (S.curve !== T.curve) { throw("sjcl.ecc.add(): Points must be on the same curve to add them!"); } if (S.isIdentity) { return T.toJac(); } else if (T.isIdentity) { return S; } var z1z1 = S.z.square(); var h = T.x.mul(z1z1).sub(S.x); var s2 = T.y.mul(S.z).mul(z1z1); if (h.equals(0)) { if (S.y.equals(T.y.mul(z1z1.mul(S.z)))) { // same point return S.doubl(); } else { // inverses return new sjcl.ecc.pointJac(S.curve); } } var hh = h.square(); var i = hh.mul(4); var j = h.mul(i); var r = s2.sub(S.y).mul(2); var v = S.x.mul(i); var x = r.square().sub(j).sub(v.mul(2)); var y = r.mul(v.sub(x)).sub(S.y.mul(j).mul(2)); var z = S.z.add(h).square().sub(z1z1).sub(hh); return new sjcl.ecc.pointJac(this.curve,x,y,z); }; sjcl.ecc.pointJac.prototype.doubl = function () { if (this.isIdentity) { return this; } var a = this.x.square(); var b = this.y.square(); var c = b.square(); var d = this.x.add(b).square().sub(a).sub(c).mul(2); var e = a.mul(3); var f = e.square(); var x = f.sub(d.mul(2)); var y = e.mul(d.sub(x)).sub(c.mul(8)); var z = this.y.mul(this.z).mul(2); return new sjcl.ecc.pointJac(this.curve, x, y, z); }; var keys = sjcl.ecc.ecdsa.generateKeys(256,0); var hash = sjcl.hash.sha256.hash("The quick brown fox jumps over the lazy dog."); var signature = keys.sec.sign(hash,0); -
Aug 19, 2012 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,25 @@ <script src="https://raw.github.com/bitwiseshiftleft/sjcl/master/sjcl.js"></script> <script src="https://raw.github.com/bitwiseshiftleft/sjcl/master/core/bn.js"></script> <script src="https://raw.github.com/bitwiseshiftleft/sjcl/master/core/ecc.js"></script> <script> // Overwrite NIST-P256 with secp256k1 sjcl.ecc.curves.c256 = new sjcl.ecc.curve( sjcl.bn.pseudoMersennePrime(256, [[0,-1],[4,-1],[6,-1],[7,-1],[8,-1],[9,-1],[32,-1]]), "0x14551231950b75fc4402da1722fc9baee", 0, 7, "0x79be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798", "0x483ada7726a3c4655da4fbfc0e1108a8fd17b448a68554199c47d08ffb10d4b8" ); var keys = sjcl.ecc.ecdsa.generateKeys(256,0); var hash = sjcl.hash.sha256.hash("The quick brown fox jumps over the lazy dog."); var signature = keys.sec.sign(hash,0); console.log("priv:", ""+keys.sec._exponent); console.log("pub:", sjcl.codec.hex.fromBits(keys.pub._point.toBits())); keys.pub.verify(hash, signature); console.log("pass"); </script>