Class: CryptoToolchain::Tools::DSARecoverNonceFromSignatures
Defined in: lib/crypto_toolchain/tools/dsa_recover_nonce_from_signatures.rb
Overview
Recovers the nonce k shared by message signatures that were signed with the same nonce, which is what allows the private key to be recovered. Because r is derived from k alone, signatures made with the same k have the same r value.
Defined Under Namespace
Classes: Input
Instance Attribute Summary
- #q ⇒ Object (readonly): Returns the value of attribute q.
- #targets ⇒ Object (readonly): Returns the value of attribute targets.
Instance Method Summary
- #execute(params: true) ⇒ Object
- #initialize(inputs, q: DSA_Q) ⇒ DSARecoverNonceFromSignatures (constructor): A new instance of DSARecoverNonceFromSignatures.
- #targets_for(inputs) ⇒ Object
- #validate_targets! ⇒ Object
Constructor Details
#initialize(inputs, q: DSA_Q) ⇒ DSARecoverNonceFromSignatures
Returns a new instance of DSARecoverNonceFromSignatures.
    # File 'lib/crypto_toolchain/tools/dsa_recover_nonce_from_signatures.rb', line 16
    def initialize(inputs, q: DSA_Q)
      @targets = targets_for(inputs)   # the signatures that share one r value
      validate_targets!
      @q = q                           # order of the DSA subgroup; DSA_Q is the toolchain's constant
    end
Instance Attribute Details
#q ⇒ Object (readonly)
Returns the value of attribute q.
    # File 'lib/crypto_toolchain/tools/dsa_recover_nonce_from_signatures.rb', line 21
    def q
      @q
    end
#targets ⇒ Object (readonly)
Returns the value of attribute targets.
    # File 'lib/crypto_toolchain/tools/dsa_recover_nonce_from_signatures.rb', line 21
    def targets
      @targets
    end
Instance Method Details
#execute(params: true) ⇒ Object
    # File 'lib/crypto_toolchain/tools/dsa_recover_nonce_from_signatures.rb', line 23
    def execute(params: true)
      t1 = targets.first
      t2 = targets.last
      m1 = t1.hash.hex        # message digests as integers
      m2 = t2.hash.hex
      s1 = t1.s
      s2 = t2.s
      # (a + b) mod n = [(a mod n) + (b mod n)] mod n, so the numerator can be
      # reduced first: numerator = ((m1 % q) - (m2 % q)) % q
      top = (m1 - m2) % q
      # k = (m1 - m2) / (s1 - s2) mod q. Integer#invmod is the toolchain's
      # modular-inverse extension; the product is reduced so k lies in [0, q).
      k = (top * (s1 - s2).invmod(q)) % q
      k
    end
#targets_for(inputs) ⇒ Object
    # File 'lib/crypto_toolchain/tools/dsa_recover_nonce_from_signatures.rb', line 44
    def targets_for(inputs)
      inputs.
        group_by { |inp| inp.r }.        # signatures sharing r were made with the same k
        select { |k, v| v.length > 1 }.  # keep only groups with a repeated r
        values.
        first
    end
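The following is an added example, not code from the crypto_toolchain project, that shows end to end what targets_for and execute rely on: a toy DSA signer with an explicitly supplied nonce, the r-grouping used to spot nonce reuse in a set of signatures, the nonce recovery execute performs, and the private-key recovery that follows from it. The group parameters are generated locally with OpenSSL primality checks (they are constructed here and are not the toolchain's DSA_P, DSA_Q or DSA_G), and the two messages are constructed inputs.

```ruby
require 'openssl'
require 'digest'

# Modular inverse via Fermat's little theorem; valid because q is prime.
def invmod(a, q)
  a %= q
  raise ArgumentError, "no inverse: value is 0 mod q" if a.zero?
  a.pow(q - 2, q)
end

# Build a toy DSA group (constructed, not the toolchain's constants):
# prime q, prime p with q | p - 1, and a generator g of order q.
def build_dsa_params(q_bits: 160, p_bits: 512)
  q = OpenSSL::BN.generate_prime(q_bits).to_i
  p = nil
  loop do
    t = OpenSSL::BN.rand(p_bits - q_bits).to_i
    t += 1 if t.odd?                     # q*t must be even so that p = q*t + 1 is odd
    cand = q * t + 1
    if OpenSSL::BN.new(cand).prime?
      p = cand
      break
    end
  end
  h = 2
  g = h.pow((p - 1) / q, p)
  while g == 1                           # h^((p-1)/q) == 1 means h is in a wrong coset; try the next h
    h += 1
    g = h.pow((p - 1) / q, p)
  end
  [p, q, g]
end

def hash_mod_q(msg, q)
  Digest::SHA1.hexdigest(msg).to_i(16) % q
end

# Sign with an explicitly supplied nonce k so that reuse can be demonstrated.
def dsa_sign(msg, x, k, p, q, g)
  r = g.pow(k, p) % q                    # r depends only on k, hence equal r for equal k
  s = (invmod(k, q) * (hash_mod_q(msg, q) + x * r)) % q
  [r, s]
end

def dsa_verify(msg, r, s, y, p, q, g)
  return false unless (1...q).cover?(r) && (1...q).cover?(s)
  w  = invmod(s, q)
  u1 = (hash_mod_q(msg, q) * w) % q
  u2 = (r * w) % q
  v  = ((g.pow(u1, p) * y.pow(u2, p)) % p) % q
  v == r
end

# Same grouping as targets_for: signatures that share r were made with the same k.
# Running this over a corpus of signatures is the check that flags nonce reuse.
def repeated_r_groups(signatures)
  signatures.group_by { |sig| sig[:r] }.values.select { |grp| grp.length > 1 }
end

# The computation execute performs: s1 - s2 = k^-1 (m1 - m2), so k = (m1 - m2) / (s1 - s2) mod q.
# Raises if s1 == s2 mod q (identical message digests), where k is not determined.
def recover_nonce(m1, s1, m2, s2, q)
  ((m1 - m2) * invmod(s1 - s2, q)) % q
end

# With k known, s = k^-1 (m + x r) gives x = (s k - m) / r mod q.
def recover_private_key(m, r, s, k, q)
  ((s * k - m) * invmod(r, q)) % q
end

def demo_nonce_reuse
  p, q, g = build_dsa_params
  x = 1 + OpenSSL::BN.rand(q.bit_length - 1).to_i   # private key in [1, q)
  y = g.pow(x, p)                                    # public key
  k = 1 + OpenSSL::BN.rand(q.bit_length - 1).to_i   # the nonce, reused for both signatures
  msgs = ["transfer 10 to alice", "transfer 50 to bob"]   # constructed inputs
  sigs = msgs.map do |m|
    r, s = dsa_sign(m, x, k, p, q, g)
    { msg: m, r: r, s: s, hash: hash_mod_q(m, q) }
  end
  raise "signature did not verify" unless sigs.all? { |sg| dsa_verify(sg[:msg], sg[:r], sg[:s], y, p, q, g) }
  group = repeated_r_groups(sigs).first              # the pair execute would work on
  t1, t2 = group.first, group.last
  k_rec = recover_nonce(t1[:hash], t1[:s], t2[:hash], t2[:s], q)
  x_rec = recover_private_key(t1[:hash], t1[:r], t1[:s], k_rec, q)
  { k: k, recovered_k: k_rec, x: x, recovered_x: x_rec, r_shared: t1[:r] == t2[:r] }
end

puts demo_nonce_reuse.inspect if __FILE__ == $PROGRAM_NAME
```

The recovery arithmetic lives entirely in Z_q, which is why execute only needs q and not p or g; the group parameters matter only for producing and verifying the signatures. The only failure mode is two signatures over the same digest, where s1 == s2 and the inverse does not exist, which invmod reports explicitly.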
#validate_targets! ⇒ Object
    # File 'lib/crypto_toolchain/tools/dsa_recover_nonce_from_signatures.rb', line 37
    def validate_targets!
      # targets_for returns nil when no r value repeats, so fail with a clear message
      raise ArgumentError.new("No two signatures share an r value") if targets.nil?
      r1 = targets.first.r
      targets[1..-1].each do |t|
        raise ArgumentError.new("All r-values must be identical") unless t.r == r1
      end
    end