Giters

tintinweb / ecdsa-private-key-recovery

A simple library to recover the private key of ECDSA and DSA signatures sharing the same nonce k and therefore having identical signature parameter r

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

My private keys are too long

kyisoethin opened this issue · comments

commented

Hi
I have recovered private keys.
I got it in DER format and I convert it to hex and again to int.
And I sign with the following code

require 'ecdsa'
require 'securerandom'
require 'base64'
require 'ecdsa/signature'
$group = ECDSA::Group::Secp256k1
$private_key=28144789692471553500376343270508742413340831233397617706262474154100941906786747703908242901015406360453636083006042780581215203050848186070426724974394505409078745250434472399285330927579969290762885299277581283580547054451834431547110831546258209459244651833351969402794813868734108
$public_key = "\x04\xac\xc1\x94\x8d\xb1\xdc\x11\xfe\xc6\x93\xd8\x15\x38\xe9\x56\x76\xa4\x9a\x19\xcd\x18\x84\x4e\x47\x04\xfa\xa1\xa2\x78\x81\x50\x6f\x0c\x4f\x1e\x40\x4f\xb9\xb1\xb6\xec\xa7\x42\x4c\x9d\x31\xe3\x9c\x88\x7c\xaf\xbf\x25\x34\x81\xff\x35\x51\x6f\x6e\x75\xe7\xf6\x9c"
point = ECDSA::Format::PointOctetString.decode($public_key,$group)
def verify?(str,signature,ec)
    digest = Digest::SHA256.digest(str)
    ECDSA.valid_signature?(ec, digest, signature)
end
def sign(str)
    digest = Digest::SHA256.digest(str) 
    temp_key = str.size 
    signature = ECDSA.sign($group, $private_key, digest, temp_key)
end

sig=sign("poker")
sig=Base64.strict_encode64("poker"+"--"+ECDSA::Format::SignatureDerString.encode(sig))
print(sig)

And I get signature.
But when I verify with public key, it showed "too long " error in decodind der string.

user="poker"
sig=Base64.decode64("cG9rZXItLTBFAiAvi95NGgcgk1W0pyUKXFEo6IuEvdxhmrfLqNVpskDv5AIhAKq+insf/zmHW46z+36PQpRAY7gJFGLWYa4aX/qW8TVg")
sig=ECDSA::Format::SignatureDerString.decode(sig)
if verify?(user,sig,point)
  print("OK")
end

Can you help me with this?

commented

Hi @kyisoethin,

I will probably need some more context to actually help you. How does your question relate to this project?

cheers,
tin

commented

Hi @tintinweb
I am sorry for asking you not related question.
But I just want to know how to use recovered private keys in my code ,that is how to read from pem format.

require 'ecdsa'
def sign(str)
    digest = Digest::SHA256.digest(str) 
    temp_key = str.size 
    signature = ECDSA.sign($group, $private_key, digest, temp_key)
end

If this question is not related, you can leave it.

Thanks.

commented

Hi @kyisoethin,

please refer to the documentation https://www.rubydoc.info/gems/ecdsa/ECDSA.sign or see this answer (probably your question) https://stackoverflow.com/questions/53734440/how-to-sign-ecdsa-with-pem-private-key

cheers,
tin

commented

Thanks