Class: CryptoToolchain::Tools::DSARecoverNonceFromSignatures

Defined in:
lib/crypto_toolchain/tools/dsa_recover_nonce_from_signatures.rb

Overview

Recovers the DSA nonce k from signatures that were produced with the same nonce. A reused nonce yields the same r value in every affected signature, which is how the candidate pair is found; once k is known, the private key can be derived from any one of those signatures (this class stops at k).

Defined Under Namespace

Classes: Input


Constructor Details

#initialize(inputs, q: DSA_Q) ⇒ DSARecoverNonceFromSignatures

Returns a new instance of DSARecoverNonceFromSignatures.



# File 'lib/crypto_toolchain/tools/dsa_recover_nonce_from_signatures.rb', line 16

# Builds a recovery job from a set of signatures.
#
# @param inputs [Array<Input>] signatures exposing #r, #s and #hash; the
#   first group sharing an r-value becomes the recovery target
# @param q [Integer] DSA subgroup order used for all modular arithmetic
# @raise [ArgumentError] propagated from #validate_targets! when the
#   selected targets do not all share one r-value
def initialize(inputs, q: DSA_Q)
  @q = q
  @targets = targets_for(inputs)
  validate_targets!
end

Instance Attribute Details

#qObject (readonly)

The subgroup order q; every modular reduction and inversion in #execute is taken modulo this value.



# File 'lib/crypto_toolchain/tools/dsa_recover_nonce_from_signatures.rb', line 21

# @return [Integer] the subgroup order q that #execute reduces modulo
def q; @q; end

#targetsObject (readonly)

The group of input signatures that share an r-value, as selected by #targets_for.



# File 'lib/crypto_toolchain/tools/dsa_recover_nonce_from_signatures.rb', line 21

# @return [Array<Input>, nil] signatures selected by #targets_for (those
#   sharing one r-value); #execute uses the first and last of them
def targets; @targets; end

Instance Method Details

#execute(params: true) ⇒ Object



# File 'lib/crypto_toolchain/tools/dsa_recover_nonce_from_signatures.rb', line 23

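# Recovers the nonce k shared by the first and last target signatures.
#
# With a reused nonce, s1 - s2 ≡ k⁻¹ (H(m1) - H(m2)) (mod q), so
# k ≡ (H(m1) - H(m2)) * (s1 - s2)⁻¹ (mod q). Only two targets are used;
# any further signatures in #targets are ignored.
#
# @param params [Boolean] unused by this method; kept so existing callers
#   that pass it keep working
# @return [Integer] the recovered nonce k, reduced into 0...q
# @raise [ArgumentError] when the two signatures have equal message digests
#   or equal s values (mod q) — then (s1 - s2) has no inverse or the
#   relation above degenerates and no nonce can be recovered from the pair
def execute(params: true)
  t1 = targets.first
  t2 = targets.last
  # Input#hash is the message digest as a hex string.
  m1 = t1.hash.hex
  m2 = t2.hash.hex
  # Reduce both operands first so the subtraction never hands a negative
  # (or out-of-range) value to invmod.
  numerator   = (m1 - m2) % q
  denominator = (t1.s - t2.s) % q
  if numerator.zero?
    raise ArgumentError, "Signatures have identical message digests; k cannot be recovered from this pair"
  end
  if denominator.zero?
    raise ArgumentError, "Signatures have identical s values; k cannot be recovered from this pair"
  end
  # The product is < q^2; reduce it so the returned k is a canonical nonce.
  (numerator * denominator.invmod(q)) % q
end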

#targets_for(inputs) ⇒ Object



# File 'lib/crypto_toolchain/tools/dsa_recover_nonce_from_signatures.rb', line 44

# Selects the first group of inputs that share an r-value — the candidates
# for nonce recovery. Returns nil when no r-value repeats; any further
# groups with a repeated r-value are ignored.
#
# @param inputs [Array<Input>] signatures exposing #r
# @return [Array<Input>, nil] the first group (in input order) with more
#   than one member, or nil
def targets_for(inputs)
  by_r = inputs.group_by(&:r)
  by_r.values.find { |group| group.length > 1 }
end

#validate_targets!Object



# File 'lib/crypto_toolchain/tools/dsa_recover_nonce_from_signatures.rb', line 37

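# Ensures the selected targets are usable: at least two signatures, all
# sharing one r-value. #targets_for already groups by r, so the main job
# here is to fail clearly when no reused nonce was found (nil or a short
# selection) instead of a NoMethodError on nil further on.
#
# @raise [ArgumentError] if fewer than two targets were selected or any
#   target's r differs from the first one's
def validate_targets!
  if targets.nil? || targets.length < 2
    raise ArgumentError, "Need at least two signatures sharing the same r-value"
  end
  expected_r = targets.first.r
  targets.drop(1).each do |target|
    raise ArgumentError, "All r-values must be identical" unless target.r == expected_r
  end
end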