sCrypt 中的 ECDSA 签名验证

sCrypt实现的ECDSA签名验证:超越OP_CHECKSIG
本文介绍了如何使用sCrypt语言实现ECDSA签名验证算法,无需额外操作码,与BCH上的OP_DATASIGVERIFY对比,并详细展示了ECDSA验证过程和关键函数。

我们使用 sCrypt 语言实现了 ECDSA 签名验证算法。它可以验证任意消息是否由与给定公钥对应的私钥签名,而 OP_CHECKSIG 只能在消息是当前花费交易时验证签名¹。令人惊讶的是,这并不需要引入任何新操作码。而在 BCH 上,需要引入额外的操作码 OP_DATASIGVERIFY(又名 OP_CHECKDATASIG)才能完成相同的功能。


椭圆曲线数字签名算法 (ECDSA)

ECDSA 是比特币中用于签名生成和验证的算法。下面列出了验证算法。

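给定消息 m、公钥 Q 和签名 (r, s),标准的验证步骤如下(G 为基点,n 为其阶):

1. 检查 r 和 s 均在 [1, n − 1] 范围内,否则签名无效。
2. 计算 e = HASH(m)。
3. 计算 u1 = e · s⁻¹ mod n,u2 = r · s⁻¹ mod n。
4. 计算点 P = u1 · G + u2 · Q;若 P 为无穷远点,则签名无效。
5. 当且仅当 P.x ≡ r (mod n) 时,签名有效。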

实现

如下所示,我们已经实现了该算法,使用我们之前发布的椭圆曲线库。

首先,我们需要从以 DER 格式编码的签名中提取 r 和 s 两个分量。由于它们采用大端编码,我们必须将其转换为小端编码,因为 Script / sCrypt 中的数据采用小端编码。


在检索到 rs 后,我们只需运行标准的 ECDSA 验证算法。


import "ec.scrypt";
import "util.scrypt";

// The two integer components of an ECDSA signature, as returned by
// ECDSA.parseDERSig after decoding the DER encoding.
struct RSPair {
    int r;
    int s;
}

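// ECDSA signature verification for secp256k1, for an arbitrary message @msg.
//
// The caller supplies the intermediate values of the verification (invS, U1,
// U2, P, lambda and the two aux structures) and the contract only checks them.
// Every one of these values is untrusted input: it takes effect only after the
// matching require() below has held.
contract ECDSA {
    // @sig     DER-encoded signature carrying (r, s)
    // @pubKey  uncompressed public key: 04 || X || Y, 65 bytes
    // @msg     message that was signed; it is hashed with SHA-256 here
    // @invS    claimed inverse of s modulo EC.n
    // @P       claimed sum U1 + U2
    // @lambda  auxiliary value handed to EC.isSum together with P
    // @U1      claimed u1 * G, with @u1Aux as auxiliary data for EC.isMul
    // @U2      claimed u2 * Q, with @u2Aux as auxiliary data for EC.isMul
    public function verify(Sig sig, PubKey pubKey, bytes msg,
        int invS, Point P, int lambda, Point U1, PointMulAux u1Aux, Point U2, PointMulAux u2Aux) {

        // extract (r, s) from sig
        RSPair rs = parseDERSig(sig);
        int r = rs.r;
        int s = rs.s;
        // both components must lie in [1, n - 1]; this also rejects the
        // negative values that a DER integer with its top bit set decodes to
        require(r >= 1 && r < EC.n);
        require(s >= 1 && s < EC.n);

        // invS is caller-supplied: check that it really is s^-1 mod n
        require((s * invS) % EC.n == 1);

        // e = SHA-256(msg) read as an unsigned big-endian integer, as ECDSA
        // specifies. unpack() reads little-endian, so the digest is reversed
        // first, and a zero byte is appended so that the digest's top bit is
        // never taken as a sign bit.
        int e = unpack(reverseBytes(sha256(msg), 32) + b'00');
        int u1 = (e * invS) % EC.n;
        int u2 = (r * invS) % EC.n;

        // U1 = u1 * G
        require(EC.isMul(EC.G, u1, U1, u1Aux));

        Point Q = pubKey2Point(pubKey);
        // NOTE(review): nothing in this contract checks that Q lies on the
        // curve; confirm that EC.isMul rejects an off-curve point.
        // U2 = u2 * Q
        require(EC.isMul(Q, u2, U2, u2Aux));

        // P == U1 + U2
        require(EC.isSum(U1, U2, lambda, P));
        // P must not be the identity (point at infinity)
        require(P != EC.ZERO);

        // the signature is valid only if P.x is congruent to r modulo n
        require((P.x - r) % EC.n == 0);
    }

    // Parse a signature in DER format and return its (r, s) pair.
    //
    // Expected layout, by byte offset:
    //   0: 30          SEQUENCE tag
    //   1: total       length of everything after this byte (4 + rLen + sLen)
    //   2: 02          INTEGER tag
    //   3: rLen
    //   4: r           rLen bytes
    //   4 + rLen: 02   INTEGER tag
    //   5 + rLen: sLen
    //   6 + rLen: s    sLen bytes
    // The tags and the total length are checked so that bytes in any other
    // layout are not silently read as lengths. Bytes after s (for example a
    // sighash flag, if the caller's Sig carries one) are not inspected.
    static function parseDERSig(Sig sig) : RSPair {
        require(sig[0 : 1] == b'30');
        require(sig[2 : 3] == b'02');
        int rLen = unpack(sig[3 : 4]);
        int r = fromBESigned(sig[4 : 4 + rLen]);

        // the second INTEGER starts right after r: tag, then length, then s
        require(sig[4 + rLen : 5 + rLen] == b'02');
        int sLen = unpack(sig[5 + rLen : 6 + rLen]);
        int s = fromBESigned(sig[6 + rLen : 6 + rLen + sLen]);

        // the SEQUENCE length must match the two INTEGERs it contains
        require(unpack(sig[1 : 2]) == 4 + rLen + sLen);

        return { r , s };
    }

    // Decode a DER INTEGER (signed, big-endian) into an int.
    // r & s are signed big endian.
    static function fromBESigned(bytes b) : int {
        // reverseBytes is called with a literal size, so only 32- and 33-byte
        // encodings are handled. Any other length is rejected outright instead
        // of being reversed with the wrong size; a signature whose r or s
        // encodes in fewer than 32 bytes is therefore not accepted.
        require(len(b) == 32 || len(b) == 33);
        // convert big-endian to little-endian: either 32 or 33 bytes
        bytes bLE = len(b) == 32 ? reverseBytes(b, 32) : reverseBytes(b, 33);
        return unpack(bLE);
    }

    // Convert an uncompressed public key (04 || X || Y) to a point.
    // X and Y are 32-byte unsigned big-endian values, so each is reversed to
    // little-endian and given a trailing zero byte before unpack(), which keeps
    // a coordinate with its top bit set from decoding as a negative number.
    static function pubKey2Point(PubKey pubKey) : Point {
        // exactly 65 bytes: no trailing data after Y
        require(len(pubKey) == 65);
        require(pubKey[: 1] == b'04');
        return { unpack(reverseBytes(pubKey[1 : 33], 32) + b'00'), unpack(reverseBytes(pubKey[33 : 65], 32) + b'00') };
    }
}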

ECDSA 合约

[1] 更准确地说,它针对 sighash 验证签名。
