Shevek (OP)
|
|
May 24, 2013, 03:37:00 PM |
|
The only information about how bitcoin handles ECDSA-signatures, I've found here: https://en.bitcoin.it/wiki/ECDSAIf your read the link, It is said that Signatures are are either 73, 72, or 71 bytes long, But it does not make sense: signatures are pair of numbers (r,s), each of 32 bytes; so, 64 byte total. Plus an eventual id. prefix, 65 bytes maximum. If you want to add extra CRC-like stuff, then 65+4=69 bytes (and length fixed, because all leading '0's in the binary chain of (r,s) should be counted up). So where the numbres "73,72,71" come from!? TIA
|
Proposals for improving bitcoin are like asses: everybody has one 1SheveKuPHpzpLqSvPSavik9wnC51voBa
|
|
|
|
|
|
|
"Your bitcoin is secured in a way that is physically impossible for others to access, no matter for what reason, no matter how good the excuse, no matter a majority of miners, no matter what." -- Greg Maxwell
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1233
May Bitcoin be touched by his Noodly Appendage
|
|
May 24, 2013, 03:49:14 PM |
|
Look for DER format
|
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
|
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1233
May Bitcoin be touched by his Noodly Appendage
|
|
May 24, 2013, 07:03:34 PM |
|
Sorry, I was on my mobile phone It's 30 + len(z) + 02 + len(r) + r + 02 + len(s) + s, z being what follows its size, ie 02+len(r)+r+02+len(s)+s
Beware: r and s are unsigned, so if first byte of r is > 7f: r='\x00'+r Same for s r and s are 32 bytes numbers, so, as it can one additional byte because of above, you have size(r)=0x20 or 0x21
|
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
|
|
|
Shevek (OP)
|
|
May 24, 2013, 09:23:36 PM |
|
Sorry, I was on my mobile phone It's 30 + len(z) + 02 + len(r) + r + 02 + len(s) + s, z being what follows its size, ie 02+len(r)+r+02+len(s)+s
Wow, it make sense now. Beware: r and s are unsigned, so if first byte of r is > 7f: r='\x00'+r
I don't see the logic behind this null addition. Unsigned is unsigned, so you can occupy the highest bit without permission.... Same for s r and s are 32 bytes numbers, so, as it can one additional byte because of above, you have size(r)=0x20 or 0x21
So, I guess 0x1F, 0x1E, 0x1D... are allowed. Thanks a lot!
|
Proposals for improving bitcoin are like asses: everybody has one 1SheveKuPHpzpLqSvPSavik9wnC51voBa
|
|
|
scintill
|
|
May 24, 2013, 09:37:50 PM |
|
I don't see the logic behind this null addition. Unsigned is unsigned, so you can occupy the highest bit without permission.... I think he means they are unsigned, but the encoding specifies signed if the most significant bit is 1. So you have to make sure the MSB is never 1 and pad with a zero if it would be. It might be worth a look at https://github.com/bitcoin/bitcoin/blob/ef9acc5124459b111d8643323a71d8198d0eaae8/src/script.cpp#L245 (which includes making sure the most significant bit is never 1) to make sure you are passing these checks. My understanding is that they would otherwise be valid DER encodings but are considered non-standard and may eventually be invalid.
|
1SCiN5kqkAbxxwesKMsH9GvyWnWP5YK2W | donations
|
|
|
jackjack
Legendary
Offline
Activity: 1176
Merit: 1233
May Bitcoin be touched by his Noodly Appendage
|
|
May 24, 2013, 10:26:08 PM |
|
Beware: r and s are unsigned, so if first byte of r is > 7f: r='\x00'+r
I don't see the logic behind this null addition. Unsigned is unsigned, so you can occupy the highest bit without permission.... It's a concatenation Same for s r and s are 32 bytes numbers, so, as it can one additional byte because of above, you have size(r)=0x20 or 0x21
So, I guess 0x1F, 0x1E, 0x1D... are allowed. Thanks a lot! I never thought about that, but now you mention it I think so
|
Own address: 19QkqAza7BHFTuoz9N8UQkryP4E9jHo4N3 - Pywallet support: 1AQDfx22pKGgXnUZFL1e4UKos3QqvRzNh5 - Bitcointalk++ script support: 1Pxeccscj1ygseTdSV1qUqQCanp2B2NMM2 Pywallet: instructions. Encrypted wallet support, export/import keys/addresses, backup wallets, export/import CSV data from/into wallet, merge wallets, delete/import addresses and transactions, recover altcoins sent to bitcoin addresses, sign/verify messages and files with Bitcoin addresses, recover deleted wallets, etc.
|
|
|
|