0
我注意到,如果我使用ECDsa.SignData
方法,我总是会得到不同的ECDSA签名。ECDSA签名 - 是否可以使用已用密钥的结论?
所以我不知道是否有可能从ECDSA签名到已用密钥的结论?
如果Alice向Bob1和Bob2发送消息,Eve可以在没有来自Alice的公众的情况下确定该签名来自同一个发送者?
public static byte[] SignData(KeyPair privateKeyPair, byte[] data)
{
var ecDsa = ECDsa.Create(ECCurve.NamedCurves.brainpoolP320r1);
ecDsa.ImportParameters(privateKeyPair.CreateECParameters());
return ecDsa.SignData(data, HashAlgorithmName.SHA512);
}
public static bool VerifyData(KeyPair signedKeyPair, byte[] data, byte[] signature)
{
var ecDsa = ECDsa.Create(ECCurve.NamedCurves.brainpoolP320r1);
ecDsa.ImportParameters(signedKeyPair.CreateECParameters());
return ecDsa.VerifyData(data,signature, HashAlgorithmName.SHA512);
}
var plainMsg = Encoding.UTF8.GetBytes("Hello World");
var keyPair = BrainpoolKeyGenerator.CreateKeyPair(true);
var signature1 = SignData(keyPair, plainMsg);
var signature2 = SignData(keyPair, plainMsg);
Assert.That(signature1,Is.Not.EquivalentTo(signature2), "Signature #1 and #2 are NOT equal");
Assert.That(VerifyData(keyPair.ExportPublicKey(), plainMsg, signature1), "Signature of #1 is valid");
Assert.That(VerifyData(keyPair.ExportPublicKey(), plainMsg, signature2), "Signature of #2 is valid");