|
doof
|
 |
September 20, 2013, 12:39:15 AM |
|
Java implementation he is adding 2 bit ints r & s. The c# out of the box class doesn't have these, so ill have to wrap it.
public static class ECDSASignature {
public BigInteger r, s;
public ECDSASignature(BigInteger r, BigInteger s) {
this.r = r;
this.s = s;
}
|
|
|
|
|
|
doof
|
|
September 20, 2013, 12:42:01 AM |
|
It just does a double hash.. ComputeHash(ComputeHash(data)) I believe
Ahhh... cool. Was thinking from type Double, lol |
|
|
|
|
|
doof
|
|
September 20, 2013, 12:47:41 AM |
|
|
|
|
|
|
|
slothbag (OP)
|
|
September 20, 2013, 12:52:32 AM |
|
From memory the one or two Util functions I needed I just moved into the class that needed them. Not fussed if you want to keep them in a separate Util file or not. |
|
|
|
|
|
doof
|
|
September 20, 2013, 12:54:45 AM |
|
Done. Slothbag, can you pm me your email? I cant commit to github until tonight. Ill email you the .cs files.
Also, ill look at bitcoinj and see if he has any unit tests. there's a few (logical) assumptions to be made, but I cant verify the implementation performs exactly the same without unit tests.
|
|
|
|
|
|
slothbag (OP)
|
|
September 20, 2013, 01:08:06 AM |
|
Done. Slothbag, can you pm me your email? I cant commit to github until tonight. Ill email you the .cs files.
Also, ill look at bitcoinj and see if he has any unit tests. there's a few (logical) assumptions to be made, but I cant verify the implementation performs exactly the same without unit tests.
Here is a very simple C++ message sign verify program https://github.com/Bobalot/bitcoin-signature-toolsI was just planning to generate 100 random addresses and get the C++ and the C# programs to run through them all and compare the results. Not super thorough but probably enough for my purposes |
|
|
|
|
|
doof
|
|
September 20, 2013, 01:10:02 AM |
|
Ok, ill take a look.
Who did the original conversion? The commented out code creates a BigInt type on "sig".
Java creates an ECDSASignature class. Not sure which way to go.
ECDSASignature sig = sign(hash, aesKey);
// Now we have to work backwards to figure out the recId needed to recover the signature.
int recId = -1;
for (int i = 0; i < 4; i++) {
ECKey k = ECKey.recoverFromSignature(i, sig, hash, isCompressed());
if (k != null && Arrays.equals(k.pub, pub)) {
recId = i;
break;
}
}
|
|
|
|
|
|
slothbag (OP)
|
|
September 20, 2013, 01:12:41 AM |
|
The commented out part I could have stuffed up... safest to delete it and re-translate the BitcoinJ version.
|
|
|
|
|
|
doof
|
|
September 20, 2013, 01:17:55 AM |
|
All good
Method on Line 393 needs adding too.
public ECDSASignature sign(Sha256Hash input, KeyParameter aesKey)
|
|
|
|
|
|
doof
|
|
September 20, 2013, 01:48:50 AM |
|
It builds, but looking at the java code, there's a lot that's different.
For example SignMessage on the java return is string, this is byte[]
|
|
|
|
|
|
slothbag (OP)
|
|
September 20, 2013, 01:54:48 AM |
|
byte array or string is not a big deal.. not hard to convert to base64 string..
|
|
|
|
|
|
slothbag (OP)
|
|
September 20, 2013, 01:54:13 PM |
|
Bounty still available for any takers.
|
|
|
|
|
|
r3wt
|
|
September 20, 2013, 01:56:15 PM |
|
i think doof deserve the bounty.
|
My negative trust rating is reflective of a personal vendetta by someone on default trust.
|
|
|
|
slothbag (OP)
|
|
September 21, 2013, 02:15:48 AM |
|
Doof's submission is not complete, I haven't heard from him so thought I'd open it back up.
|
|
|
|
|
|
slothbag (OP)
|
|
September 26, 2013, 12:32:34 PM |
|
I was hoping to use the bitcoin-qt style message sign & verify with compressed signatures... but for the time being I think I can use the signData, verifySignature from mb300sb' library to achieve what I need (albeit with much longer signatures).
Nevertheless, It would be nice to have a working C# implementation somewhere, so the bounty remains if any C# crypto experts want to take a crack at it.
|
|
|
|
|
knocte
Newbie
 Offline
Activity: 44
Merit: 0
|
|
September 27, 2013, 12:34:21 PM |
|
I don't intend to earn the bounty but I know of a .NET bitcoin implementation, which maybe already works for you: https://github.com/jkoberg/FCoinLet me know if it is helpful to you! I cannot test it now due to lack of time* Cheers * However, in some months I will be much more free, and I'm interested on having some developer contacts interested around Bitcoin in the .NET/Mono framework, PM me! |
|
|
|
|
|
Eternity
|
|
September 27, 2013, 12:52:17 PM |
|
You want working solution right ?
|
|
|
|
|
|
|
|
slothbag (OP)
|
|
September 27, 2013, 11:47:19 PM |
|
Thanks knocte, that looks like what I'm after, although not f# but it might not be hard to translate. I'll test it out tonight. Thanks tfk, I hadn't heard of spongy castle. |
|
|
|
|
|
slothbag (OP)
|
|
September 28, 2013, 12:32:43 PM |
|
Thanks knocte, that looks like what I'm after, although not f# but it might not be hard to translate. I'll test it out tonight. The project I have up on GitHub is very close to having a working solution, the only bit I cant get working is the function "recoverFromSignature" which also includes "decompressKey".. they contain some pretty funky crypto arithmetic which was why I offered up this bounty, for someone to finish it off. The amusing part, is that F# implementation by jkoberg looks to have completely skipped the recoverFromSignature routine and he simply loops through the 4 recId iterations doing a verifyMessage call each pass to see if the hashes match and assuming the current recId is correct.. Not exactly optimized when you have to perform 4 ECDSA verification calls to sign one message. To be honest this Bitcoin specific compressed signature format is proving to be more trouble than its worth, i'm thinking it may be better to retain a longer signature just to be more standard complient and compatible with existing ECDSA libraries. |
|
|
|
|
|
