ecdsa_ext 0.3.2 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: f677f4ad2748b8deece8f2372fc76ffcbcf0f2e951914ea621a97b7654cf847b
-  data.tar.gz: fd05c8a9404150adb80d34ac25ded983509739c6cdb8e96abc59305c18873629
+  metadata.gz: 84f032825c120367ced4c69a3faf2f25c519b0591a6fe2e6a9ebe21e1456a66b
+  data.tar.gz: af328ff04a086fabaf93652cab94400c95a1dfba85daff6667defca0c112b2a1
 SHA512:
-  metadata.gz: 0b2f252817dbb9f94a6fd0f23dffc2d6351450bf8a7c1a324c8e200e9b7aa573be30af9b2b20c5d2ac9d3ca407a50d3988d74a6f6bebeecf2f622a3577e44f7e
-  data.tar.gz: ef7b1b7db62bc607729cbee51114a6096cc715062d31680ec28af61165f6b95f03a126627c4a69a3ef520520bd0518426cc916f6dc45d633740223d10effb619
+  metadata.gz: c1c83beba1a26a89ba958f0b1f3f75ea48ad4777f252c1430294997cf44385c205559876354fe62d728f714fc162606af4975535c813a18595623d8ed6944d09
+  data.tar.gz: e32b28574ec1c21cc336039e9a66a780784a7a5d3ea2a1fa20796799c2077f24b6db0dcb8853d0b7067bba4b6b41d7196214df10b7175037ab118828a74934ba

data/README.md

@@ -82,4 +82,13 @@ affine_point = projective_point4.to_affine
 Jacobian coordinates have been supported since 0.3.0.
 
 When using Jacobian coordinates, use `ECDSA::Ext::JacobianPoint` instead of `ECDSA::Ext::ProjectivePoint`.
-In addition, `ECDSA::Point` now has a `to_jacobian` method that convert affine coordinates to jacobian coordinates.
+In addition, `ECDSA::Point` now has a `to_jacobian` method that convert affine coordinates to jacobian coordinates.
+
+### Apply jacobian coordinates to existing ECDSA sign/verify
+
+If you want the existing ECDSA gem to generate and verify signatures in Jacobian coordinates,
+add the following code. This code is a monkey patch to do the existing process in Jacobian coordinates.
+
+```ruby
+require 'ecdsa/ext/sign_verify'
+```

data/lib/ecdsa/ext/abstract_point.rb

@@ -0,0 +1,104 @@
+# frozen_string_literal: true
+
+module ECDSA
+  module Ext
+    # Abstract class of point
+    class AbstractPoint
+      attr_reader :group, :x, :y, :z, :infinity
+
+      # Create new instance.
+      # @param [ECDSA::Group] group
+      # @param [Array] args [x, y, z]
+      # @return [ECDSA::Ext::AbstractPoint]
+      def initialize(group, *args)
+        @group = group
+        if args == [:infinity]
+          @infinity = true
+        else
+          @infinity = false
+          @x, @y, @z = args
+          raise ArgumentError, "Invalid x: #{x.inspect}" unless x.is_a?(Integer)
+          raise ArgumentError, "Invalid y: #{y.inspect}" unless y.is_a?(Integer)
+          raise ArgumentError, "Invalid z: #{z.inspect}" unless z.is_a?(Integer)
+        end
+      end
+
+      # Get filed of this group.
+      # @return [ECDSA::PrimeField]
+      def field
+        group.field
+      end
+
+      # Convert coordinates from affine.
+      # @param [ECDSA::Point] point
+      # @return [ECDSA::Ext::AbstractPoint]
+      def self.from_affine(point)
+        if point.infinity?
+          infinity_point(point.group)
+        else
+          new(point.group, point.x, point.y, 1)
+        end
+      end
+
+      # Create infinity point
+      # @return [ECDSA::Ext::AbstractPoint]
+      def self.infinity_point(group)
+        new(group, :infinity)
+      end
+
+      # Check whether infinity point or not.
+      # @return [Boolean]
+      def infinity?
+        @infinity
+      end
+
+      # Return additive inverse of the point.
+      # @return [ECDSA::Ext::AbstractPoint]
+      def negate
+        return self if infinity?
+        self.class.new(group, x, field.mod(-y), z)
+      end
+
+      # Return coordinates.
+      # @return [Array] (x, y , z)
+      def coords
+        [x, y, z]
+      end
+
+      # Return the point multiplied by a non-negative integer.
+      # @param [Integer] x
+      # @return [ECDSA::Ext::ProjectivePoint]
+      def multiply_by_scalar(x)
+        raise ArgumentError, "Scalar is not an integer." unless x.is_a?(Integer)
+        raise ArgumentError, "Scalar is negative." if x.negative?
+
+        q = self.class.infinity_point(group)
+        v = self
+        i = x
+        while i.positive?
+          q = q.add_to_point(v) if i.odd?
+          v = v.double
+          i >>= 1
+        end
+        q
+      end
+      alias * multiply_by_scalar
+
+      def add_to_point(other)
+        raise NotImplementedError
+      end
+
+      def double
+        raise NotImplementedError
+      end
+
+      def to_affine
+        raise NotImplementedError
+      end
+
+      def ==(other)
+        raise NotImplementedError
+      end
+    end
+  end
+end

data/lib/ecdsa/ext/jacobian_point.rb

@@ -3,53 +3,9 @@
 module ECDSA
   module Ext
     # Point of Jacobian coordinates
-    class JacobianPoint
+    class JacobianPoint < AbstractPoint
       include JacobianArithmetic
 
-      attr_reader :group, :x, :y, :z
-
-      # Create new instance of jacobian
-      # @param [ECDSA::Group] group
-      # @param [Array] args [x, y, z]
-      # @return [ECDSA::Ext::ProjectivePoint]
-      def initialize(group, *args)
-        @group = group
-        @x, @y, @z = args
-        raise ArgumentError, "Invalid x: #{x.inspect}" unless x.is_a?(Integer)
-        raise ArgumentError, "Invalid y: #{y.inspect}" unless y.is_a?(Integer)
-        raise ArgumentError, "Invalid z: #{z.inspect}" unless z.is_a?(Integer)
-      end
-
-      # Get filed of this group.
-      # @return [ECDSA::PrimeField]
-      def field
-        group.field
-      end
-
-      # Convert coordinates from affine to jacobian.
-      # @param [ECDSA::Point] point
-      # @return [ECDSA::Ext::JacobianPoint]
-      def self.from_affine(point)
-        if point.infinity?
-          JacobianPoint.infinity(point.group)
-        else
-          new(point.group, point.x, point.y, 1)
-        end
-      end
-
-      # Create infinity point
-      # @return [ECDSA::Ext::JacobianPoint]
-      def self.infinity(group)
-        # new(group, :infinity)
-        new(group, 0, 1, 0)
-      end
-
-      # Check whether infinity point or not.
-      # @return [Boolean]
-      def infinity?
-        x.zero? && y == 1 && z.zero?
-      end
-
       # Add this point to another point on the same curve.
       # @param [ECDSA::Ext::JacobianPoint] other
       # @return [ECDSA::Ext::JacobianPoint]
@@ -65,7 +21,7 @@ module ECDSA
         return self if other.infinity?
 
         if x == other.x && y == field.mod(-other.y) && z == other.z
-          return JacobianPoint.infinity(group)
+          return JacobianPoint.infinity_point(group)
         end
 
         return other if y.zero? || z.zero?
@@ -106,25 +62,6 @@ module ECDSA
         JacobianPoint.new(group, t, y3, z3)
       end
 
-      # Return the point multiplied by a non-negative integer.
-      # @param [Integer] x
-      # @return [ECDSA::Ext::JacobianPoint]
-      def multiply_by_scalar(x)
-        raise ArgumentError, "Scalar is not an integer." unless x.is_a?(Integer)
-        raise ArgumentError, "Scalar is negative." if x.negative?
-
-        q = JacobianPoint.infinity(group)
-        v = self
-        i = x
-        while i.positive?
-          q = q.add_to_point(v) if i.odd?
-          v = v.double
-          i >>= 1
-        end
-        q
-      end
-      alias * multiply_by_scalar
-
       # Convert this coordinates to affine coordinates.
       # @return [ECDSA::Point]
       def to_affine
@@ -139,19 +76,6 @@ module ECDSA
         end
       end
 
-      # Return additive inverse of the point.
-      # @return [ECDSA::Ext::JacobianPoint]
-      def negate
-        return self if infinity?
-        JacobianPoint.new(group, x, field.mod(-y), z)
-      end
-
-      # Return coordinates.
-      # @return [Array] (x, y , z)
-      def coords
-        [x, y, z]
-      end
-
       # Check whether same jacobian point or not.
       # @param [ECDSA::Ext::JacobianPoint] other
       # @return [Boolean]

data/lib/ecdsa/ext/projective_point.rb

@@ -3,53 +3,9 @@
 module ECDSA
   module Ext
     # Representing a point on elliptic curves using projective coordinates.
-    class ProjectivePoint
+    class ProjectivePoint < AbstractPoint
       include ProjectiveArithmetic
 
-      attr_reader :group, :x, :y, :z
-
-      # Create new instance of projective
-      # @param [ECDSA::Group] group
-      # @param [Array] args [x, y, z]
-      # @return [ECDSA::Ext::ProjectivePoint]
-      def initialize(group, *args)
-        @group = group
-        @x, @y, @z = args
-        raise ArgumentError, "Invalid x: #{x.inspect}" unless x.is_a?(Integer)
-        raise ArgumentError, "Invalid y: #{y.inspect}" unless y.is_a?(Integer)
-        raise ArgumentError, "Invalid z: #{z.inspect}" unless z.is_a?(Integer)
-      end
-
-      # Get filed of this group.
-      # @return [ECDSA::PrimeField]
-      def field
-        group.field
-      end
-
-      # Convert coordinates from affine to projective.
-      # @param [ECDSA::Point] point
-      # @return [ECDSA::Ext::ProjectivePoint]
-      def self.from_affine(point)
-        if point.infinity?
-          ProjectivePoint.infinity(point.group)
-        else
-          new(point.group, point.x, point.y, 1)
-        end
-      end
-
-      # Create infinity
-      # @return [ECDSA::Ext::ProjectivePoint]
-      def self.infinity(group)
-        # new(group, :infinity)
-        new(group, 0, 1, 0)
-      end
-
-      # Check whether infinity point or not.
-      # @return [Boolean]
-      def infinity?
-        x.zero? && y == 1 && z.zero?
-      end
-
       # Add this point to another point on the same curve.
       # @param [ECDSA::Ext::ProjectivePoint] other
       # @return [ECDSA::Ext::ProjectivePoint]
@@ -65,7 +21,7 @@ module ECDSA
         return self if other.infinity?
 
         if x == other.x && y == field.mod(-other.y) && z == other.z
-          return ProjectivePoint.infinity(group)
+          return ProjectivePoint.infinity_point(group)
         end
 
         unless x == other.x
@@ -108,38 +64,6 @@ module ECDSA
         end
       end
 
-      # Return the point multiplied by a non-negative integer.
-      # @param [Integer] x
-      # @return [ECDSA::Ext::ProjectivePoint]
-      def multiply_by_scalar(x)
-        raise ArgumentError, "Scalar is not an integer." unless x.is_a?(Integer)
-        raise ArgumentError, "Scalar is negative." if x.negative?
-
-        q = ProjectivePoint.infinity(group)
-        v = self
-        i = x
-        while i.positive?
-          q = q.add_to_point(v) if i.odd?
-          v = v.double
-          i >>= 1
-        end
-        q
-      end
-      alias * multiply_by_scalar
-
-      # Return additive inverse of the point.
-      # @return [ECDSA::Ext::ProjectivePoint]
-      def negate
-        return self if infinity?
-        ProjectivePoint.new(group, x, field.mod(-y), z)
-      end
-
-      # Return coordinates.
-      # @return [Array] (x, y , z)
-      def coords
-        [x, y, z]
-      end
-
       def ==(other)
         return false unless other.is_a?(ProjectivePoint)
         return true if infinity? && other.infinity?

data/lib/ecdsa/ext/sign_verify.rb

@@ -0,0 +1,76 @@
+# frozen_string_literal: true
+
+# A monkey patch to allow signature generation and verification of existing ECDSA with Jacobian coordinates.
+module ECDSA
+  def self.sign(group, private_key, digest, temporary_key)
+    # Second part of step 1: Select ephemeral elliptic curve key pair
+    # temporary_key was already selected for us by the caller
+    r_point = (group.generator.to_jacobian * temporary_key).to_affine
+
+    # Steps 2 and 3
+    point_field = PrimeField.new(group.order)
+    r = point_field.mod(r_point.x)
+    return nil if r.zero?
+
+    # Step 4, calculating the hash, was already performed by the caller.
+
+    # Step 5
+    e = normalize_digest(digest, group.bit_length)
+
+    # Step 6
+    s =
+      point_field.mod(
+        point_field.inverse(temporary_key) * (e + r * private_key)
+      )
+    return nil if s.zero?
+
+    Signature.new r, s
+  end
+
+  def self.check_signature!(public_key, digest, signature)
+    group = public_key.group
+    field = group.field
+
+    # Step 1: r and s must be in the field and non-zero
+    unless field.include?(signature.r)
+      raise InvalidSignatureError, "Invalid signature: r is not in the field."
+    end
+    unless field.include?(signature.s)
+      raise InvalidSignatureError, "Invalid signature: s is not in the field."
+    end
+    if signature.r.zero?
+      raise InvalidSignatureError, "Invalid signature: r is zero."
+    end
+    if signature.s.zero?
+      raise InvalidSignatureError, "Invalid signature: s is zero."
+    end
+
+    # Step 2 was already performed when the digest of the message was computed.
+
+    # Step 3: Convert octet string to number and take leftmost bits.
+    e = normalize_digest(digest, group.bit_length)
+
+    # Step 4
+    point_field = PrimeField.new(group.order)
+    s_inverted = point_field.inverse(signature.s)
+    u1 = point_field.mod(e * s_inverted)
+    u2 = point_field.mod(signature.r * s_inverted)
+
+    # Step 5
+    r =
+      (group.generator.to_jacobian * u1 + public_key.to_jacobian * u2).to_affine
+    if r.infinity?
+      raise InvalidSignatureError, "Invalid signature: r is infinity in step 5."
+    end
+
+    # Steps 6 and 7
+    v = point_field.mod r.x
+
+    # Step 8
+    if v != signature.r
+      raise InvalidSignatureError, "Invalid signature: v does not equal r."
+    end
+
+    true
+  end
+end

data/lib/ecdsa/ext/version.rb

@@ -2,6 +2,6 @@
 
 module ECDSA
   module Ext
-    VERSION = "0.3.2"
+    VERSION = "0.4.0"
   end
 end

data/lib/ecdsa/ext.rb

@@ -4,6 +4,7 @@ require_relative "ext/point"
 module ECDSA
   # Extension for ecdsa gem.
   module Ext
+    autoload :AbstractPoint, "ecdsa/ext/abstract_point"
     autoload :ProjectiveArithmetic, "ecdsa/ext/projective_arithmetic"
     autoload :ProjectivePoint, "ecdsa/ext/projective_point"
     autoload :JacobianArithmetic, "ecdsa/ext/jacobian_arithmetic"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: ecdsa_ext
 version: !ruby/object:Gem::Version
-  version: 0.3.2
+  version: 0.4.0
 platform: ruby
 authors:
 - azuchi
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2023-03-06 00:00:00.000000000 Z
+date: 2023-03-27 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ecdsa
@@ -46,11 +46,13 @@ files:
 - bin/setup
 - ecdsa_ext.gemspec
 - lib/ecdsa/ext.rb
+- lib/ecdsa/ext/abstract_point.rb
 - lib/ecdsa/ext/jacobian_arithmetic.rb
 - lib/ecdsa/ext/jacobian_point.rb
 - lib/ecdsa/ext/point.rb
 - lib/ecdsa/ext/projective_arithmetic.rb
 - lib/ecdsa/ext/projective_point.rb
+- lib/ecdsa/ext/sign_verify.rb
 - lib/ecdsa/ext/version.rb
 - lib/ecdsa_ext.rb
 - sig/ecdsa_ext.rbs