ecdsa 0.1.2 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +14 -3
- data/lib/ecdsa/version.rb +1 -1
- metadata +1 -1
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: c0121dec834c8271050e3f0ac28a4cabd7992312
|
|
4
|
+
data.tar.gz: 164644a297bbfba485495e665b93fa88b9e038ee
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 8ac219b31a4c03e2d25e0abb85d5c3fef74cca7911e0846f72278cfb7eadb3f1e2592fabacb32419deff5c7f67358a769e22a3a788e960edfdcff40f855e4548
|
|
7
|
+
data.tar.gz: 0fea14c24369c83051b5aacc69cd437eae7426e4f47147f524ea5cedb45809ebfc4bdcabac8896b104bcde09badefa6da8cb4a07c449fa9f27ed0a3a9a527a7d
|
data/README.md
CHANGED
|
@@ -14,6 +14,13 @@ use a pre-existing group object such as `ECDSA::Group::Secp256k1`.
|
|
|
14
14
|
The pre-existing groups can be seen in the `lib/ecdsa/group` folder, and include all the curves
|
|
15
15
|
defined in [SEC2](http://www.secg.org/collateral/sec2_final.pdf) and [NIST's Recommended Elliptic Curves for Federal Government Use](http://csrc.nist.gov/groups/ST/toolkit/documents/dss/NISTReCur.pdf).
|
|
16
16
|
|
|
17
|
+
This gem does not use any randomness; all the algorithms are deterministic.
|
|
18
|
+
In order to sign an ECDSA message, you must generate a secure random number _k_ between 0
|
|
19
|
+
and the order of the group and pass it as an argument to `ECDSA.sign`.
|
|
20
|
+
You should take measures to ensure that you never use the same random number to sign
|
|
21
|
+
two different messages, or else it would be easy for anyone to compute your
|
|
22
|
+
private key from those two signatures.
|
|
23
|
+
|
|
17
24
|
This gem is hosted at the [DavidEGrayson/ruby_ecdsa github repository](https://github.com/DavidEGrayson/ruby_ecdsa).
|
|
18
25
|
|
|
19
26
|
## Current limitations
|
|
@@ -23,7 +30,11 @@ This gem is hosted at the [DavidEGrayson/ruby_ecdsa github repository](https://g
|
|
|
23
30
|
- This gem can only compute square roots in prime fields over a prime _p_
|
|
24
31
|
that is one less than a multiple of 4.
|
|
25
32
|
Computing a square root is required for parsing public keys stored in compressed form.
|
|
26
|
-
- There is no documentation. If you know ECDSA and know how to read
|
|
27
|
-
you can probably figure it out though.
|
|
33
|
+
- There is no documentation. If you know a little bit about ECDSA and know how to read
|
|
34
|
+
Ruby source code, you can probably figure it out though.
|
|
28
35
|
- The algorithms have not been optimized for speed, and will probably never be, because that
|
|
29
|
-
would hinder the goal of helping people understand ECDSA.
|
|
36
|
+
would hinder the goal of helping people understand ECDSA.
|
|
37
|
+
|
|
38
|
+
This gem was not written by a cryptography expert and has not been carefully checked.
|
|
39
|
+
It is provided "as is" and it is the user's responsibility to make sure it will be
|
|
40
|
+
suitable for the desired purpose.
|
data/lib/ecdsa/version.rb
CHANGED