标签：私钥 临时 data curve sigs 密钥 arg type ecdsa

#!/usr/bin/env python3

# Random demo data generator for Lattice ECDSA Attack
# Copyright (C) 2021  Antoine Ferron - BitLogiK
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program.  If not, see <https://www.gnu.org/licenses/>.
#

#python命令行、随机数、json库
import argparse
import random
import json
#椭圆曲线数字签名算法基本计算的函数
import ecdsa_lib

#生成签名
def generates_signatures(number_sigs, message, kbits, data_type, curve):
    print("准备数据中……")
    #设立私钥是d_key
    d_key = random.randrange(ecdsa_lib.curve_n(curve))
    print("私钥已经被设定（随机生成）:")
    print(hex(d_key))
    #签名
    sigs = []
    sz_curve = ecdsa_lib.curve_size(curve)
    kbi = int(2 ** kbits)
    print(f"利用 {curve.upper()} 生成 {number_sigs} 个签名 ")
    print(f" 在 ({data_type}) 个临时密钥中泄露 {kbits} 比特 ……")
    if message is not None:
        msg = message.encode("utf8")
        #一直用sha256对消息生成消息摘要
        hash_int = ecdsa_lib.sha2_int(msg)
    for _ in range(number_sigs):
        if message is None:
            hash_int = random.randrange(ecdsa_lib.curve_n(curve))
        #计算签名信息
        sig_info = ecdsa_lib.ecdsa_sign_kout(hash_int, d_key, curve)
        # pack and save data as : r, s, k%(2^bits) (partial k : "kp")
        sigs.append(
            {
                "r": sig_info[0],
                "s": sig_info[1],
                "kp": sig_info[2] % kbi
                if data_type == "LSB"
                else sig_info[2] >> (sz_curve - kbits),
            }
        )
        if message is None:
            sigs[-1]["hash"] = hash_int
    ret = {
        "curve": curve.upper(),
        "public_key": ecdsa_lib.privkey_to_pubkey(d_key, curve),
        "known_type": data_type,
        "known_bits": kbits,
        "signatures": sigs,
    }
    if message is not None:
        ret["message"] = list(msg)
    return ret

#主函数
if __name__ == "__main__":
    parser = argparse.ArgumentParser(
        description="为对ECDSA实行攻击产生随机数。"
    )
    parser.add_argument(
        "-f",
        default="data.json",
        help="File name output",
        metavar="fileout",
    )
    parser.add_argument(
        "-m",
        help="Message string",
        metavar="msg",
    )
    parser.add_argument(
        "-c", default="secp256k1", help="Elliptic curve name", metavar="curve"
    )
    parser.add_argument(
        "-b",
        default=6,
        type=int,
        help="Number of known bits (at least 4)",
        metavar="nbits",
    )
    parser.add_argument(
        "-t", default="LSB", help="bits type : MSB or LSB", metavar="type"
    )
    parser.add_argument(
        "-n",
        default=1000,
        type=int,
        help="Number of signatures to generate",
        metavar="num",
    )
    arg = parser.parse_args()
    sigs_data = generates_signatures(arg.n, arg.m, arg.b, arg.t, arg.c)
    with open(arg.f, "w") as fout:
        json.dump(sigs_data, fout)
    print(f"文件 {arg.f} 写入所有数据……")

标签：私钥,临时,data,curve,sigs,密钥,arg,type,ecdsa
来源： https://blog.csdn.net/weixin_45454398/article/details/123594318

本站声明： 1. iCode9 技术分享网（下文简称本站）提供的所有内容，仅供技术学习、探讨和分享；
2. 关于本站的所有留言、评论、转载及引用，纯属内容发起人的个人观点，与本站观点和立场无关；
3. 关于本站的所有言论和文字，纯属内容发起人的个人观点，与本站观点和立场无关；
4. 本站文章均是网友提供，不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属；如您发现该文章侵犯了您的权益，可联系我们第一时间进行删除；
5. 本站为非盈利性的个人网站，所有内容不会用来进行牟利，也不会利用任何形式的广告来间接获益，纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。