Python ECDSA Same Public Key(generated with ecdsa.VerifyingKey) 不验证
Python ECDSA Same Public Key(generated with ecdsa.VerifyingKey) Does not verify
如果我直接从使用 sk.get_verifying_key()
的签名密钥生成 public 密钥
它工作正常并验证它,但是如果我出于某种原因尝试使用 ecdsa.VerifyingKey.from_string 手动创建 public 密钥,它不会验证它并且 returns 错误。
复制粘贴下面的代码,运行你会发现奇怪的区别
import random
import string
import sys
import ecdsa
import hashlib
import binascii
# randomly generate secret and public keys
sk = ecdsa.SigningKey.generate(curve=ecdsa.NIST256p, hashfunc = hashlib.sha256)
pk = sk.get_verifying_key()
publicKeyVerifyObject = ecdsa.VerifyingKey.from_string(bytes.fromhex(binascii.hexlify(pk.to_string()).decode('utf-8')), curve=ecdsa.NIST256p)
print("public key:", binascii.hexlify(pk.to_string()))
print("public key:", binascii.hexlify(publicKeyVerifyObject.to_string()))
# a message to sign
name = "lastpeony"
# signature of the message
signature = sk.sign(name.encode('utf-8'))
#first test
try:
print (publicKeyVerifyObject.verify(signature, name.encode('utf-8')))
except ecdsa.BadSignatureError:
print (False)
#second test
try:
print (pk.verify(signature, name.encode('utf-8')))
except ecdsa.BadSignatureError:
print (False)
我期望的是两个测试的 True True 输出。
您在 publicKeyVerifyObject 中缺少 hashfunc = hashlib.sha256,默认为 sha1。
尝试
publicKeyVerifyObject = ecdsa.VerifyingKey.from_string(bytes.fromhex(binascii.hexlify(pk.to_string()).decode('utf-8')), curve=ecdsa.NIST256p, hashfunc = hashlib.sha256)
结果:
public key: b'659ee7dcc3905b7be2969ec1c09824d81d85f54202865eeee3e5a950f585d092b90727759bded7caad24825a501e6e4bf2cb05726d9a153de7a3cc3a58ccc7c7'
public key: b'659ee7dcc3905b7be2969ec1c09824d81d85f54202865eeee3e5a950f585d092b90727759bded7caad24825a501e6e4bf2cb05726d9a153de7a3cc3a58ccc7c7'
True
True
如果我直接从使用 sk.get_verifying_key()
它工作正常并验证它,但是如果我出于某种原因尝试使用 ecdsa.VerifyingKey.from_string 手动创建 public 密钥,它不会验证它并且 returns 错误。
复制粘贴下面的代码,运行你会发现奇怪的区别
import random
import string
import sys
import ecdsa
import hashlib
import binascii
# randomly generate secret and public keys
sk = ecdsa.SigningKey.generate(curve=ecdsa.NIST256p, hashfunc = hashlib.sha256)
pk = sk.get_verifying_key()
publicKeyVerifyObject = ecdsa.VerifyingKey.from_string(bytes.fromhex(binascii.hexlify(pk.to_string()).decode('utf-8')), curve=ecdsa.NIST256p)
print("public key:", binascii.hexlify(pk.to_string()))
print("public key:", binascii.hexlify(publicKeyVerifyObject.to_string()))
# a message to sign
name = "lastpeony"
# signature of the message
signature = sk.sign(name.encode('utf-8'))
#first test
try:
print (publicKeyVerifyObject.verify(signature, name.encode('utf-8')))
except ecdsa.BadSignatureError:
print (False)
#second test
try:
print (pk.verify(signature, name.encode('utf-8')))
except ecdsa.BadSignatureError:
print (False)
我期望的是两个测试的 True True 输出。
您在 publicKeyVerifyObject 中缺少 hashfunc = hashlib.sha256,默认为 sha1。
尝试
publicKeyVerifyObject = ecdsa.VerifyingKey.from_string(bytes.fromhex(binascii.hexlify(pk.to_string()).decode('utf-8')), curve=ecdsa.NIST256p, hashfunc = hashlib.sha256)
结果:
public key: b'659ee7dcc3905b7be2969ec1c09824d81d85f54202865eeee3e5a950f585d092b90727759bded7caad24825a501e6e4bf2cb05726d9a153de7a3cc3a58ccc7c7'
public key: b'659ee7dcc3905b7be2969ec1c09824d81d85f54202865eeee3e5a950f585d092b90727759bded7caad24825a501e6e4bf2cb05726d9a153de7a3cc3a58ccc7c7'
True
True