1

我正在尝试使用 SawTooth SDK 来对 Secp256k1 密钥对进行签名/验证。当我尝试验证时,每个人似乎都期待结束:

let context = Secp256k1Context()

//PrivateKey init
let privateKey = Secp256k1PrivateKey.init(privKey: [0x..,0x..,0x..,0x..,0x..,0x..,0x..,0x..,0x..,0x..,0x..,0xf4,0x27,0x86,0xb5,0xdd,0x7b,0x76,0xba,0xea,0x42,0xa9,0xaa,0x60,0xff,0x4c,0x31,0x23,0xfa,0xf0,0x9b,0x8a])

//PublicKey init
let publicKey = Secp256k1PublicKey.init(pubKey: [0x..,0x..,0x..,0x..,0x..,0x..,0x..,0x..,0x..,0x..,0x..,0x6c,0xd0,0x7b,0xd5,0xa3,0x85,0x6f,0x92,0xe7,0xbc,0x15,0xf3,0x40,0x8a,0xa5,0x4f,0x6c,0x3c,0x11,0x55,0x25,0x37,0x48,0xc9,0x93,0x0d,0x7a,0x18,0x4b,0x29,0x30,0xde,0xcd,0xbf,0xb3,0x94,0x4c,0x7f,0xdf,0xd2,0xda,0x51,0xcd,0x87,0xb5,0x00,0x8a,0x15,0xc5,0x16,0x1c,0x73,0xca])

let message_string = "hello"
let message_bytes: [UInt8] = Array(message_string.utf8)

let signer = Signer(context: context, privateKey: privateKey)

do {
    let signature = try signer.sign(data: message_bytes)
    let verif = try context.verify(signature: signature, data: message_bytes, publicKey: publicKey)
    print(verif)
}
catch {
    print("Verification failed..")
}

我总是得到“验证失败......”知道我做错了什么吗?谢谢!

4

1 回答 1

1

根据我们上面的讨论添加答案。

是的,你完全正确。

secp256r1是一条曲线,定义为:

y^2 = x^3-3x+41058363725152142129326129780047268409114441015993725554835256314039467401291

这些常数来自我们在 NSA 的朋友。

secp256k1另一方面是由等式定义的曲线:

y^2 = x^3+0x+7

x对于满足两个曲线方程的坐标,可能存在一些交叉y,但是,对于上述签名过程,公钥对于签名上下文是不可互换的。

请记住,ECC 中的私钥只是256-bit数字,但是每条曲线都有自己定义的生成点G,它必须用标量乘以私钥才能获得公钥(这只是曲线本身的一个点)。

因此,您只需将私钥定义为一个256-bit数字,然后将其乘以y^2 = x^3+0x+7曲线生成点,02 79BE667E F9DCBBAC 55A06295 CE870B07 029BFCDB 2DCE28D9 59F2815B 16F81798

顺便说一句,以上是找到公钥所需的原始数学,在您的 中sawtooth SDK,您可以使用方法从私钥派生公钥。

于 2020-04-17T09:24:11.653 回答