Examples with Signature - tech.pegasys.signers.secp256k1.api.Signature

Example 1 with Signature

use of tech.pegasys.signers.secp256k1.api.Signature in project signers by ConsenSys.

the class AzureKeyVaultSignerTest method azureWithoutHashingDoesntHashData.

@Test
void azureWithoutHashingDoesntHashData() throws SignatureException {
    final AzureConfig config = new AzureConfig(keyVaultName, KEY_NAME, "", clientId, clientSecret, tenantId);
    final Signer azureNonHashedDataSigner = new AzureKeyVaultSignerFactory(false).createSigner(config);
    final BigInteger publicKey = Numeric.toBigInt(EthPublicKeyUtils.toByteArray(azureNonHashedDataSigner.getPublicKey()));
    final byte[] dataToSign = "Hello World".getBytes(UTF_8);
    // manual hash before sending to remote signing
    final byte[] hashedData = Hash.sha3(dataToSign);
    final Signature signature = azureNonHashedDataSigner.sign(hashedData);
    // Determine if Web3j thinks the signature comes from the public key used (really proves
    // that the hashedData isn't hashed a second time).
    final SignatureData sigData = new SignatureData(signature.getV().toByteArray(), Numeric.toBytesPadded(signature.getR(), 32), Numeric.toBytesPadded(signature.getS(), 32));
    final BigInteger recoveredPublicKey = Sign.signedMessageHashToKey(hashedData, sigData);
    assertThat(recoveredPublicKey).isEqualTo(publicKey);
}

Also used : Signer(tech.pegasys.signers.secp256k1.api.Signer) SignatureData(org.web3j.crypto.Sign.SignatureData) Signature(tech.pegasys.signers.secp256k1.api.Signature) BigInteger(java.math.BigInteger) Test(org.junit.jupiter.api.Test)

Example 2 with Signature

use of tech.pegasys.signers.secp256k1.api.Signature in project signers by ConsenSys.

the class AzureKeyVaultSigner method sign.

@Override
public Signature sign(byte[] data) {
    final AzureKeyVault vault;
    try {
        vault = createUsingClientSecretCredentials(config.getClientId(), config.getClientSecret(), config.getTenantId(), config.getKeyVaultName());
    } catch (final Exception e) {
        LOG.error("Failed to connect to vault", e);
        throw new SignerInitializationException(INACCESSIBLE_KEY_ERROR, e);
    }
    final CryptographyClient cryptoClient = vault.fetchKey(config.getKeyName(), config.getKeyVersion());
    final byte[] dataToSign = needsToHash ? Hash.sha3(data) : data;
    final SignResult result = cryptoClient.sign(signingAlgo, dataToSign);
    final byte[] signature = result.getSignature();
    if (signature.length != 64) {
        throw new RuntimeException("Invalid signature from the key vault signing service, must be 64 bytes long");
    }
    // reference: blog by Tomislav Markovski
    // https://tomislav.tech/2018-02-05-ethereum-keyvault-signing-transactions/
    // The output of this will be a 64 byte array. The first 32 are the value for R and the rest is
    // S.
    final BigInteger R = new BigInteger(1, Arrays.copyOfRange(signature, 0, 32));
    final BigInteger S = new BigInteger(1, Arrays.copyOfRange(signature, 32, 64));
    // The Azure Signature MAY be in the "top" of the curve, which is illegal in Ethereum
    // thus it must be transposed to the lower intersection.
    final ECDSASignature initialSignature = new ECDSASignature(R, S);
    final ECDSASignature canonicalSignature = initialSignature.toCanonicalised();
    // Now we have to work backwards to figure out the recId needed to recover the signature.
    final int recId = recoverKeyIndex(canonicalSignature, dataToSign);
    if (recId == -1) {
        throw new RuntimeException("Could not construct a recoverable key. Are your credentials valid?");
    }
    final int headerByte = recId + 27;
    return new Signature(BigInteger.valueOf(headerByte), canonicalSignature.r, canonicalSignature.s);
}

Also used : SignerInitializationException(tech.pegasys.signers.secp256k1.common.SignerInitializationException) SignResult(com.azure.security.keyvault.keys.cryptography.models.SignResult) Signature(tech.pegasys.signers.secp256k1.api.Signature) ECDSASignature(org.web3j.crypto.ECDSASignature) BigInteger(java.math.BigInteger) ECDSASignature(org.web3j.crypto.ECDSASignature) AzureKeyVault(tech.pegasys.signers.azure.AzureKeyVault) CryptographyClient(com.azure.security.keyvault.keys.cryptography.CryptographyClient) SignerInitializationException(tech.pegasys.signers.secp256k1.common.SignerInitializationException)

Example 3 with Signature

use of tech.pegasys.signers.secp256k1.api.Signature in project web3signer by ConsenSys.

the class FcSecpArtifactSignerTest method signsData.

@ParameterizedTest
@CsvSource({ "'',E+f4UauYmVPEL7+PUr/GL819Euww2Qy6/WJ2AQd5x8okioQiu8UbhRwUNjtLxw6ukdTBdLKwA3KkkkghqwSgxAA=", "NDI=,4ZDlbvzXtjFnGAnkmnAXImN7KmE+OdW3KbCn+UIHJwY3hEbodjS0VIVBiPUxRWbhJOMao3Sx7GWb4myEsYouJgA=" })
void signsData(final String message, final String expectedSignature) {
    final SecpArtifactSignature signature = fcSecpArtifactSigner.sign(Bytes.fromBase64String(message));
    assertThat(signature).isInstanceOf(SecpArtifactSignature.class);
    final Signature signatureData = signature.getSignatureData();
    final Bytes signatureValue = Bytes.concatenate(Bytes32.leftPad(Bytes.wrap(ByteUtils.bigIntegerToBytes(signatureData.getR()))), Bytes32.leftPad(Bytes.wrap(ByteUtils.bigIntegerToBytes(signatureData.getS()))), Bytes.wrap(ByteUtils.bigIntegerToBytes(signatureData.getV())));
    assertThat(signatureValue.toBase64String()).isEqualTo(expectedSignature);
}

Also used : Bytes(org.apache.tuweni.bytes.Bytes) Signature(tech.pegasys.signers.secp256k1.api.Signature) CsvSource(org.junit.jupiter.params.provider.CsvSource) ParameterizedTest(org.junit.jupiter.params.ParameterizedTest)

Example 4 with Signature

use of tech.pegasys.signers.secp256k1.api.Signature in project web3signer by ConsenSys.

the class FcSecpArtifactSigner method sign.

@Override
public SecpArtifactSignature sign(final Bytes message) {
    final Bytes dataHash = Blake2b.sum256(message);
    final Signature ethSignature = signer.sign(dataHash.toArray());
    // signer performs an Ethereum signing - thus the "V" value is 27 or 28 (not 0 or 1).
    final Signature fcSignature = new Signature(ethSignature.getV().subtract(BigInteger.valueOf(ETHEREUM_V_OFFSET)), ethSignature.getR(), ethSignature.getS());
    return new SecpArtifactSignature(fcSignature);
}

Also used : Bytes(org.apache.tuweni.bytes.Bytes) Signature(tech.pegasys.signers.secp256k1.api.Signature)

Example 5 with Signature

use of tech.pegasys.signers.secp256k1.api.Signature in project web3signer by ConsenSys.

the class EthSecpArtifactSignerTest method signsData.

@Test
void signsData() {
    final ECKeyPair ecKeyPair = new ECKeyPair(Numeric.toBigInt(PRIVATE_KEY), Numeric.toBigInt(PUBLIC_KEY));
    final Credentials credentials = Credentials.create(ecKeyPair);
    final EthSecpArtifactSigner ethSecpArtifactSigner = new EthSecpArtifactSigner(new CredentialSigner(credentials));
    final Bytes message = Bytes.wrap("Hello, world!".getBytes(UTF_8));
    final SecpArtifactSignature signature = ethSecpArtifactSigner.sign(message);
    final SignatureData expectedSignature = Sign.signMessage(message.toArrayUnsafe(), ecKeyPair);
    final Signature signatureData = signature.getSignatureData();
    assertThat(signatureData.getR()).isEqualTo(Numeric.toBigInt(expectedSignature.getR()));
    assertThat(signatureData.getS()).isEqualTo(Numeric.toBigInt(expectedSignature.getS()));
    assertThat(signatureData.getV()).isEqualTo(Numeric.toBigInt(expectedSignature.getV()));
}

Also used : SignatureData(org.web3j.crypto.Sign.SignatureData) Bytes(org.apache.tuweni.bytes.Bytes) CredentialSigner(tech.pegasys.signers.secp256k1.filebased.CredentialSigner) ECKeyPair(org.web3j.crypto.ECKeyPair) Signature(tech.pegasys.signers.secp256k1.api.Signature) Credentials(org.web3j.crypto.Credentials) Test(org.junit.jupiter.api.Test)

Aggregations

Signature (tech.pegasys.signers.secp256k1.api.Signature)13 Bytes (org.apache.tuweni.bytes.Bytes)10 BigInteger (java.math.BigInteger)3 Test (org.junit.jupiter.api.Test)3 SignatureData (org.web3j.crypto.Sign.SignatureData)3 ParameterizedTest (org.junit.jupiter.params.ParameterizedTest)2 CsvSource (org.junit.jupiter.params.provider.CsvSource)2 Credentials (org.web3j.crypto.Credentials)2 ECDSASignature (org.web3j.crypto.ECDSASignature)2 ECKeyPair (org.web3j.crypto.ECKeyPair)2 Signer (tech.pegasys.signers.secp256k1.api.Signer)2 CredentialSigner (tech.pegasys.signers.secp256k1.filebased.CredentialSigner)2 BLSSignature (tech.pegasys.teku.bls.BLSSignature)2 CryptographyClient (com.azure.security.keyvault.keys.cryptography.CryptographyClient)1 SignResult (com.azure.security.keyvault.keys.cryptography.models.SignResult)1 ECPublicKey (java.security.interfaces.ECPublicKey)1 AzureKeyVault (tech.pegasys.signers.azure.AzureKeyVault)1 PublicKeySignerIdentifier (tech.pegasys.signers.secp256k1.common.PublicKeySignerIdentifier)1 SignerInitializationException (tech.pegasys.signers.secp256k1.common.SignerInitializationException)1 BlsArtifactSignature (tech.pegasys.web3signer.core.signing.BlsArtifactSignature)1