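/// ECDSA signature verification over the curve supplied by common::ec_parameters().
///
/// Rejects the public key unless it is a non-identity point that lies on the
/// curve and has order n, rejects (r, s) outside [1, n-1], and then checks
/// x(u1*G + u2*Q) mod n == r. The identity point has no usable x coordinate, so
/// it is rejected explicitly before the comparison.
///
/// @param Q               Signer's public key point (untrusted input).
/// @param message         Signed message bytes.
/// @param message_length  Length of @p message in bytes.
/// @param r               First signature component.
/// @param s               Second signature component.
/// @return true when (r, s) is a valid signature of @p message under @p Q;
///         false otherwise, with the failing check logged to stderr.
bool verify(CryptoPP::ECPPoint Q, byte *message, unsigned message_length, CryptoPP::Integer r, CryptoPP::Integer s)
{
    // Fetch the domain parameters once rather than three times.
    const auto& params = common::ec_parameters();
    auto ec = params.GetCurve();
    auto G = params.GetSubgroupGenerator();
    auto n = params.GetGroupOrder();

    // Message hash as an integer. The third argument is the byte length of the
    // group order; presumably it bounds the digest truncation — confirm against
    // hash_m_to_int's definition.
    Integer z = hash_m_to_int(message, message_length, n.ByteCount());

    // Public-key validation: Q != O, Q on the curve, and n*Q == O.
    // Without the on-curve check, the scalar multiplication below operates on
    // arbitrary coordinates and the order check proves nothing.
    if (Q == ec.Identity()){ cerr << "Q == O" << endl; return false; }
    if (!ec.VerifyPoint(Q)){ cerr << "Q not on curve" << endl; return false; }
    if (!(ec.Multiply(n, Q) == ec.Identity())){ cerr << "n x Q != O" << endl; return false; }

    // Signature components must satisfy 1 <= r, s <= n-1.
    if (r <= 0 || r >= n){ cerr << "incorrect r" << endl; return false; }
    if (s <= 0 || s >= n){ cerr << "incorrect s" << endl; return false; }

    // w = s^-1 mod n, u1 = z*w mod n, u2 = r*w mod n, P2 = u1*G + u2*Q.
    Integer w = s.InverseMod(n);
    Integer u1 = a_times_b_mod_c(z, w, n);
    Integer u2 = a_times_b_mod_c(r, w, n);
    ECPPoint P2 = ec.Add(ec.Multiply(u1, G), ec.Multiply(u2, Q));

    // P2 == O has no x coordinate to compare; the standard rejects it outright.
    if (P2 == ec.Identity()){ cerr << "P2 == O" << endl; return false; }

    // Compare x(P2) reduced modulo n: x lives in [0, p-1] while r lives in
    // [1, n-1], so a valid signature with x >= n would otherwise be rejected.
    if (P2.x % n != r){ cerr << "P2.x mod n != r" << endl; return false; }
    return true;
}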
/// Modular inverse of @p m over the secp256k1 group order.
///
/// @param m  Big-endian unsigned integer to invert (any length accepted).
/// @return   m^-1 mod n, encoded as a 32-byte big-endian unsigned buffer. What
///           comes back when no inverse exists (e.g. m == 0) is whatever
///           CryptoPP::Integer::InverseMod yields — check its contract if a
///           caller depends on that case.
SecureBinaryData CryptoECDSA::InvMod(const SecureBinaryData& m)
{
    // secp256k1 group order n, parsed once for the lifetime of the process.
    static BinaryData N = BinaryData::CreateFromHex(
        "fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141");

    // Construct directly from the byte buffers instead of default-constructing
    // and decoding in a second step.
    const CryptoPP::Integer value(m.getPtr(), m.getSize(), UNSIGNED);
    const CryptoPP::Integer modulus(N.getPtr(), N.getSize(), UNSIGNED);
    const CryptoPP::Integer inverse = value.InverseMod(modulus);

    // Output is fixed at 32 bytes, the width of the group order.
    SecureBinaryData out(32);
    inverse.Encode(out.getPtr(), out.getSize(), UNSIGNED);
    return out;
}