Comments (2)
This is a somewhat dangerous API in that failure to use a hash function on the input message can lead to arbitrary signature forgeries. For that reason we do not provide a high-level interface to it.
If you really, really need such an API, you'll need to use the low-level `SignPrimitive` API: https://docs.rs/ecdsa/latest/ecdsa/hazmat/trait.SignPrimitive.html
You can compute a scalar from a known existing digest using `<Scalar as Reduce<U256>>::from_be_bytes`. See the implementation of `DigestSigner` as an example: https://docs.rs/ecdsa/latest/src/ecdsa/sign.rs.html#179-181
I managed to get something working.
This is a reference for anyone who tries to do something similar:
```rust
use ecdsa::{
    elliptic_curve::{
        generic_array::{typenum::U32, GenericArray},
        ops::Reduce,
    },
    hazmat::{rfc6979_generate_k, SignPrimitive},
    signature::PrehashSignature,
    RecoveryId,
};
use k256::{
    ecdsa::{Signature, SigningKey},
    NonZeroScalar, Scalar, U256,
};
use rand::rngs::OsRng;

fn sign_prehashed(hash: [u8; 32]) -> (Signature, Option<RecoveryId>) {
    // A fresh random signing key is generated on every call.
    let signing_key = SigningKey::random(&mut OsRng);

    // Reduce the 32-byte digest to a scalar. `hash` must be the output of a
    // hash function, not a raw message.
    let hash_array: GenericArray<u8, U32> = GenericArray::from_slice(&hash).clone();
    let hash_scalar = <Scalar as Reduce<U256>>::from_be_bytes_reduced(hash_array);

    // Convert the private key bytes to a non-zero scalar.
    let priv_bytes = signing_key.to_bytes();
    let priv_scalar = <NonZeroScalar as Reduce<U256>>::from_be_bytes_reduced(priv_bytes);

    // Deterministic nonce per RFC 6979, with no additional data.
    let k = rfc6979_generate_k::<_, <Signature as PrehashSignature>::Digest>(
        &priv_scalar,
        &hash_scalar,
        &[],
    );

    // Low-level signing over the prehashed scalar.
    priv_scalar.try_sign_prehashed(**k, hash_scalar).unwrap()
}
```
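The warning in the first comment, illustrated as an added example (not code from this thread or from the RustCrypto crates): a verifier that trusts a caller-supplied prehash accepts a (prehash, signature) pair built from the public key alone. The toy curve, its parameters, and the names `verify_prehashed` and `forge` are assumptions made for illustration.

```rust
// Toy curve constructed for illustration: y^2 = x^3 + 2x + 2 over F_17,
// generator G = (5, 1) of prime order 19. Far too small for real use.
type Pt = Option<(i64, i64)>; // None is the point at infinity
const P: i64 = 17;
const N: i64 = 19;
const A: i64 = 2;
const G: Pt = Some((5, 1));

// Modular inverse for prime m via Fermat: a^(m-2) mod m.
fn inv(a: i64, m: i64) -> i64 {
    (0..m - 2).fold(1, |acc, _| acc * a.rem_euclid(m) % m)
}

fn add(p: Pt, q: Pt) -> Pt {
    let ((x1, y1), (x2, y2)) = match (p, q) {
        (None, _) => return q,
        (_, None) => return p,
        (Some(a), Some(b)) => (a, b),
    };
    if x1 == x2 && (y1 + y2) % P == 0 { return None; } // p + (-p)
    // Slope of the tangent (doubling) or of the chord (distinct points).
    let (num, den) = if x1 == x2 { (3 * x1 * x1 + A, 2 * y1) } else { (y2 - y1, x2 - x1) };
    let l = num.rem_euclid(P) * inv(den, P) % P;
    let x3 = (l * l - x1 - x2).rem_euclid(P);
    Some((x3, (l * (x1 - x3) - y1).rem_euclid(P)))
}

fn mul(k: i64, p: Pt) -> Pt {
    (0..k.rem_euclid(N)).fold(None, |acc, _| add(acc, p))
}

// ECDSA verification that trusts a caller-supplied prehash z (the hazmat form).
fn verify_prehashed(q: Pt, z: i64, (r, s): (i64, i64)) -> bool {
    if !(1..N).contains(&r) || !(1..N).contains(&s) { return false; }
    let w = inv(s, N);
    add(mul(z.rem_euclid(N) * w % N, G), mul(r * w % N, q)).map_or(false, |(x, _)| x % N == r)
}

// Builds (z, (r, s)) from the public key alone: R = uG + vQ, r = R.x, s = r/v, z = u*s.
fn forge(q: Pt, u: i64, v: i64) -> Option<(i64, (i64, i64))> {
    let r = add(mul(u, G), mul(v, q))?.0 % N;
    let s = r * inv(v, N) % N;
    if r == 0 || s == 0 { None } else { Some((u.rem_euclid(N) * s % N, (r, s))) }
}

fn main() {
    let q = mul(7, G); // public key; the private scalar 7 is not used again
    let (z, sig) = forge(q, 3, 2).expect("degenerate u, v");
    println!("z={z} sig={sig:?} accepted={}", verify_prehashed(q, z, sig));
}
```

A verifier that computes the digest from the message itself is not exposed to this, because `z` falls out of the construction and is not freely chosen: the forger would need a message whose hash equals it.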