test for p256 sign

dyne · Nov 14, 2023 · a341851 · a341851
1 parent e891597
commit a341851
Show file tree

Hide file tree

Showing 7 changed files with 195 additions and 26 deletions.
diff --git a/.editorconfig b/.editorconfig
@@ -23,11 +23,11 @@ indent_style = tab
 indent_style = space
 indent_size = 4
 
-[test/**.lua]
+[test/**/*.lua]
 indent_style = space
 indent_size = 4
 
-[test/**.bats]
+[test/**/*.bats]
 indent_style = space
 indent_size = 4
 

diff --git a/src/p256-m.c b/src/p256-m.c
@@ -1200,7 +1200,7 @@ static int scalar_from_bytes(uint32_t s[8], const uint8_t p[32])
  *      return 0 if OK, -1 on failure
  *      sbytes, s, x, y must be discarded when returning non-zero.
  */
-static int scalar_gen_with_pub(zenroom_t *Z, uint8_t sbytes[32], uint32_t s[8],
+static int scalar_gen_with_pub(zenroom_t *Z, octet *k, uint8_t sbytes[32], uint32_t s[8],
 			       uint32_t x[8], uint32_t y[8])
 {
 	/* generate a random valid scalar */
@@ -1210,10 +1210,20 @@ static int scalar_gen_with_pub(zenroom_t *Z, uint8_t sbytes[32], uint32_t s[8],
 	{
 		if (nb_tried++ >= 4)
 			return -1;
-		octet o;
-		o.val = sbytes;
-		o.len = o.max = 32;
-		OCT_rand(&o, Z->random_generator, 32);
+		if(k) {
+			if(k->len < 32) {
+				return -1;
+			}
+			int i;
+			for(i=0;i<32;i++){
+				sbytes[i]=k->val[i];
+			}
+		} else {
+			octet o;
+			o.val = (char*)sbytes;
+			o.len = o.max = 32;
+			OCT_rand(&o, Z->random_generator, 32);
+		}
 
 		ret = scalar_from_bytes(s, sbytes);
 	} while (ret != 0);
@@ -1227,10 +1237,10 @@ static int scalar_gen_with_pub(zenroom_t *Z, uint8_t sbytes[32], uint32_t s[8],
 /*
  * ECDH/ECDSA generate pair
  */
-int p256_gen_keypair(zenroom_t *Z, uint8_t priv[32], uint8_t pub[64])
+int p256_gen_keypair(zenroom_t *Z, octet *k, uint8_t priv[32], uint8_t pub[64])
 {
 	uint32_t s[8], x[8], y[8];
-	int ret = scalar_gen_with_pub(Z, priv, s, x, y);
+	int ret = scalar_gen_with_pub(Z, k, priv, s, x, y);
 	zeroize(s, sizeof s);
 	if (ret != 0)
 		return P256_RANDOM_FAILED;
@@ -1356,7 +1366,7 @@ static void ecdsa_m256_from_hash(uint32_t z[8],
 /*
  * ECDSA sign
  */
-int p256_ecdsa_sign(zenroom_t *Z, uint8_t sig[64], const uint8_t priv[32],
+int p256_ecdsa_sign(zenroom_t *Z, octet *kk, uint8_t sig[64], const uint8_t priv[32],
 		    const uint8_t *hash, size_t hlen)
 {
 	/*
@@ -1374,7 +1384,7 @@ int p256_ecdsa_sign(zenroom_t *Z, uint8_t sig[64], const uint8_t priv[32],
 	uint8_t *kb = (uint8_t *)t4;
 	/* kb will be erased by re-using t4 for dU - if we exit before that, we
 	 * haven't read the private key yet so we kb isn't sensitive yet */
-	ret = scalar_gen_with_pub(Z, kb, k, xr, t3); /* xr = x_coord(k * G) */
+	ret = scalar_gen_with_pub(Z, kk, kb, k, xr, t3); /* xr = x_coord(k * G) */
 	if (ret != 0)
 		return P256_RANDOM_FAILED;
 	m256_prep(k, &p256_n);

diff --git a/src/p256-m.h b/src/p256-m.h
@@ -11,6 +11,7 @@
 #include <stddef.h>
 
 #include <zenroom.h>
+#include <zen_octet.h>
 
 /* Status codes */
 #define P256_SUCCESS            0
@@ -23,16 +24,6 @@
 extern "C" {
 #endif
 
-/*
- * RNG function - must be provided externally and be cryptographically secure.
- *
- * in: output - must point to a writable buffer of at least output_size bytes.
- *     output_size - the number of random bytes to write to output.
- * out: output is filled with output_size random bytes.
- *      return 0 on success, non-zero on errors.
- */
-extern int p256_generate_random(uint8_t * output, unsigned output_size);
-
 /*
  * ECDH/ECDSA generate key pair
  *
@@ -43,7 +34,7 @@ extern int p256_generate_random(uint8_t * output, unsigned output_size);
  * return:  P256_SUCCESS on success
  *          P256_RANDOM_FAILED on failure
  */
-int p256_gen_keypair(zenroom_t *Z, uint8_t priv[32], uint8_t pub[64]);
+int p256_gen_keypair(zenroom_t *Z, octet *k, uint8_t priv[32], uint8_t pub[64]);
 
 /*
  * ECDH/ECDSA generate public key
@@ -83,7 +74,7 @@ int p256_ecdh_shared_secret(uint8_t secret[32],
  *          P256_RANDOM_FAILED on failure
  *          P256_INVALID_PRIVKEY if priv is invalid
  */
-int p256_ecdsa_sign(zenroom_t *Z, uint8_t sig[64], const uint8_t priv[32],
+int p256_ecdsa_sign(zenroom_t *Z, octet *k, uint8_t sig[64], const uint8_t priv[32],
                     const uint8_t *hash, size_t hlen);
 
 /*

diff --git a/src/zen_p256.c b/src/zen_p256.c
@@ -49,7 +49,7 @@ static int p256_keygen(lua_State *L)
 	uint8_t priv[32];
 	uint8_t pub[64];
 	Z(L);
-	p256_gen_keypair(Z, priv, pub);
+	p256_gen_keypair(Z, NULL, priv, pub);
 	// return a table
 	lua_createtable(L, 0, 2);
 	octet *pk = o_new(L, 64 + 4);
@@ -134,7 +134,7 @@ static int p256_sign(lua_State *L)
 	hash256 sha256;
 	char hash[HASH_SIZE];
 	char *failed_msg = NULL;
-	octet *sk = NULL, *m = NULL, *sig = NULL;
+	octet *sk = NULL, *m = NULL, *sig = NULL, *k = NULL;
 	sk = o_arg(L, 1);
 	if (!sk)
 	{
@@ -164,7 +164,15 @@ static int p256_sign(lua_State *L)
 	}
 	sig->len = SIG_SIZE;
 
-	int ret = p256_ecdsa_sign(Z, (uint8_t *)sig->val, (uint8_t *)sk->val,
+	if(lua_isnoneornil(L, 3)) {
+		k = o_arg(L, 3);
+		if(k == NULL) {
+			failed_msg = "Could not allocate ephemeral key";
+			goto end;
+		}
+	}
+
+	int ret = p256_ecdsa_sign(Z, k, (uint8_t *)sig->val, (uint8_t *)sk->val,
 				  (uint8_t *)hash, HASH_SIZE);
 	if (ret != 0)
 	{
@@ -175,6 +183,7 @@ static int p256_sign(lua_State *L)
 end:
 	o_free(L, m);
 	o_free(L, sk);
+	o_free(L, k);
 	if (failed_msg != NULL)
 	{
 		THROW(failed_msg);

diff --git a/test/vectors/check_ecdsa_p256_sign.lua b/test/vectors/check_ecdsa_p256_sign.lua
@@ -0,0 +1,35 @@
+local P256 = require('p256')
+
+-- this is a simple rsp parser by jaromil@dyne.org
+-- an rsp file must be loaded in DATA
+-- the kind of hash must be indicated in KEYS
+-- public domain (and thanks for all the NIST)
+
+local function newline_iter(text)
+	s = trim(text) -- implemented in zen_io.c
+	if s:sub(-1) ~= '\n' then
+		s = s .. '\n'
+	end
+	return s:gmatch('(.-)\n') -- iterators return functions
+end
+
+local test = { }
+local curr_fields = 0
+local nr = 0
+
+for line in newline_iter(DATA) do
+    local rule = strtok(line)
+    if #rule > 0 and rule[1] ~= "" and rule[1]:lower() ~= "count" and rule[1]:lower() ~= "mlen" and rule[1]:lower() ~= "smlen" then
+        curr_fields = curr_fields+1
+
+        test[rule[1]:lower()] = O.from_hex(rule[3])
+    end
+    if curr_fields == 7 then
+        assert(test.qx .. test.qy == P256.pubgen(test.d))
+        assert(test.r .. test.s == P256.sign(test.d, test.msg, test.k))
+        curr_fields = 0
+        test = {}
+    end
+
+end
+print(nr)
diff --git a/test/vectors/ecdsa_p256.bats b/test/vectors/ecdsa_p256.bats
@@ -7,3 +7,7 @@ load ../bats_setup
 @test "NIST ECDSA SigVerify" {
     ${ZENROOM_EXECUTABLE} -a $T/ecdsa_p256_SigVer.rsp $T/check_ecdsa_p256_verify.lua
 }
+
+@test "NIST ECDSA SigGen" {
+    ${ZENROOM_EXECUTABLE} -a $T/ecdsa_p256_SigGen.txt $T/check_ecdsa_p256_sign.lua
+}
diff --git a/test/vectors/ecdsa_p256_SigGen.txt b/test/vectors/ecdsa_p256_SigGen.txt
@@ -0,0 +1,120 @@
+Msg = 5905238877c77421f73e43ee3da6f2d9e2ccad5fc942dcec0cbd25482935faaf416983fe165b1a045ee2bcd2e6dca3bdf46c4310a7461f9a37960ca672d3feb5473e253605fb1ddfd28065b53cb5858a8ad28175bf9bd386a5e471ea7a65c17cc934a9d791e91491eb3754d03799790fe2d308d16146d5c9b0d0debd97d79ce8
+d = 519b423d715f8b581f4fa8ee59f4771a5b44c8130b4e3eacca54a56dda72b464
+Qx = 1ccbe91c075fc7f4f033bfa248db8fccd3565de94bbfb12f3c59ff46c271bf83
+Qy = ce4014c68811f9a21a1fdb2c0e6113e06db7ca93b7404e78dc7ccd5ca89a4ca9
+k = 94a1bbb14b906a61a280f245f9e93c7f3b4a6247824f5d33b9670787642a68de
+R = f3ac8061b514795b8843e3d6629527ed2afd6b1f6a555a7acabb5e6f79c8c2ac
+S = 8bf77819ca05a6b2786c76262bf7371cef97b218e96f175a3ccdda2acc058903
+
+Msg = c35e2f092553c55772926bdbe87c9796827d17024dbb9233a545366e2e5987dd344deb72df987144b8c6c43bc41b654b94cc856e16b96d7a821c8ec039b503e3d86728c494a967d83011a0e090b5d54cd47f4e366c0912bc808fbb2ea96efac88fb3ebec9342738e225f7c7c2b011ce375b56621a20642b4d36e060db4524af1
+d = 0f56db78ca460b055c500064824bed999a25aaf48ebb519ac201537b85479813
+Qx = e266ddfdc12668db30d4ca3e8f7749432c416044f2d2b8c10bf3d4012aeffa8a
+Qy = bfa86404a2e9ffe67d47c587ef7a97a7f456b863b4d02cfc6928973ab5b1cb39
+k = 6d3e71882c3b83b156bb14e0ab184aa9fb728068d3ae9fac421187ae0b2f34c6
+R = 976d3a4e9d23326dc0baa9fa560b7c4e53f42864f508483a6473b6a11079b2db
+S = 1b766e9ceb71ba6c01dcd46e0af462cd4cfa652ae5017d4555b8eeefe36e1932
+
+Msg = 3c054e333a94259c36af09ab5b4ff9beb3492f8d5b4282d16801daccb29f70fe61a0b37ffef5c04cd1b70e85b1f549a1c4dc672985e50f43ea037efa9964f096b5f62f7ffdf8d6bfb2cc859558f5a393cb949dbd48f269343b5263dcdb9c556eca074f2e98e6d94c2c29a677afaf806edf79b15a3fcd46e7067b7669f83188ee
+d = e283871239837e13b95f789e6e1af63bf61c918c992e62bca040d64cad1fc2ef
+Qx = 74ccd8a62fba0e667c50929a53f78c21b8ff0c3c737b0b40b1750b2302b0bde8
+Qy = 29074e21f3a0ef88b9efdf10d06aa4c295cc1671f758ca0e4cd108803d0f2614
+k = ad5e887eb2b380b8d8280ad6e5ff8a60f4d26243e0124c2f31a297b5d0835de2
+R = 35fb60f5ca0f3ca08542fb3cc641c8263a2cab7a90ee6a5e1583fac2bb6f6bd1
+S = ee59d81bc9db1055cc0ed97b159d8784af04e98511d0a9a407b99bb292572e96
+
+Msg = 0989122410d522af64ceb07da2c865219046b4c3d9d99b01278c07ff63eaf1039cb787ae9e2dd46436cc0415f280c562bebb83a23e639e476a02ec8cff7ea06cd12c86dcc3adefbf1a9e9a9b6646c7599ec631b0da9a60debeb9b3e19324977f3b4f36892c8a38671c8e1cc8e50fcd50f9e51deaf98272f9266fc702e4e57c30
+d = a3d2d3b7596f6592ce98b4bfe10d41837f10027a90d7bb75349490018cf72d07
+Qx = 322f80371bf6e044bc49391d97c1714ab87f990b949bc178cb7c43b7c22d89e1
+Qy = 3c15d54a5cc6b9f09de8457e873eb3deb1fceb54b0b295da6050294fae7fd999
+k = 24fc90e1da13f17ef9fe84cc96b9471ed1aaac17e3a4bae33a115df4e5834f18
+R = d7c562370af617b581c84a2468cc8bd50bb1cbf322de41b7887ce07c0e5884ca
+S = b46d9f2d8c4bf83546ff178f1d78937c008d64e8ecc5cbb825cb21d94d670d89
+
+Msg = dc66e39f9bbfd9865318531ffe9207f934fa615a5b285708a5e9c46b7775150e818d7f24d2a123df3672fff2094e3fd3df6fbe259e3989dd5edfcccbe7d45e26a775a5c4329a084f057c42c13f3248e3fd6f0c76678f890f513c32292dd306eaa84a59abe34b16cb5e38d0e885525d10336ca443e1682aa04a7af832b0eee4e7
+d = 53a0e8a8fe93db01e7ae94e1a9882a102ebd079b3a535827d583626c272d280d
+Qx = 1bcec4570e1ec2436596b8ded58f60c3b1ebc6a403bc5543040ba82963057244
+Qy = 8af62a4c683f096b28558320737bf83b9959a46ad2521004ef74cf85e67494e1
+k = 5d833e8d24cc7a402d7ee7ec852a3587cddeb48358cea71b0bedb8fabe84e0c4
+R = 18caaf7b663507a8bcd992b836dec9dc5703c080af5e51dfa3a9a7c387182604
+S = 77c68928ac3b88d985fb43fb615fb7ff45c18ba5c81af796c613dfa98352d29c
+
+Msg = 600974e7d8c5508e2c1aab0783ad0d7c4494ab2b4da265c2fe496421c4df238b0be25f25659157c8a225fb03953607f7df996acfd402f147e37aee2f1693e3bf1c35eab3ae360a2bd91d04622ea47f83d863d2dfecb618e8b8bdc39e17d15d672eee03bb4ce2cc5cf6b217e5faf3f336fdd87d972d3a8b8a593ba85955cc9d71
+d = 4af107e8e2194c830ffb712a65511bc9186a133007855b49ab4b3833aefc4a1d
+Qx = a32e50be3dae2c8ba3f5e4bdae14cf7645420d425ead94036c22dd6c4fc59e00
+Qy = d623bf641160c289d6742c6257ae6ba574446dd1d0e74db3aaa80900b78d4ae9
+k = e18f96f84dfa2fd3cdfaec9159d4c338cd54ad314134f0b31e20591fc238d0ab
+R = 8524c5024e2d9a73bde8c72d9129f57873bbad0ed05215a372a84fdbc78f2e68
+S = d18c2caf3b1072f87064ec5e8953f51301cada03469c640244760328eb5a05cb
+
+Msg = dfa6cb9b39adda6c74cc8b2a8b53a12c499ab9dee01b4123642b4f11af336a91a5c9ce0520eb2395a6190ecbf6169c4cba81941de8e76c9c908eb843b98ce95e0da29c5d4388040264e05e07030a577cc5d176387154eabae2af52a83e85c61c7c61da930c9b19e45d7e34c8516dc3c238fddd6e450a77455d534c48a152010b
+d = 78dfaa09f1076850b3e206e477494cddcfb822aaa0128475053592c48ebaf4ab
+Qx = 8bcfe2a721ca6d753968f564ec4315be4857e28bef1908f61a366b1f03c97479
+Qy = 0f67576a30b8e20d4232d8530b52fb4c89cbc589ede291e499ddd15fe870ab96
+k = 295544dbb2da3da170741c9b2c6551d40af7ed4e891445f11a02b66a5c258a77
+R = c5a186d72df452015480f7f338970bfe825087f05c0088d95305f87aacc9b254
+S = 84a58f9e9d9e735344b316b1aa1ab5185665b85147dc82d92e969d7bee31ca30
+
+Msg = 51d2547cbff92431174aa7fc7302139519d98071c755ff1c92e4694b58587ea560f72f32fc6dd4dee7d22bb7387381d0256e2862d0644cdf2c277c5d740fa089830eb52bf79d1e75b8596ecf0ea58a0b9df61e0c9754bfcd62efab6ea1bd216bf181c5593da79f10135a9bc6e164f1854bc8859734341aad237ba29a81a3fc8b
+d = 80e692e3eb9fcd8c7d44e7de9f7a5952686407f90025a1d87e52c7096a62618a
+Qx = a88bc8430279c8c0400a77d751f26c0abc93e5de4ad9a4166357952fe041e767
+Qy = 2d365a1eef25ead579cc9a069b6abc1b16b81c35f18785ce26a10ba6d1381185
+k = 7c80fd66d62cc076cef2d030c17c0a69c99611549cb32c4ff662475adbe84b22
+R = 9d0c6afb6df3bced455b459cc21387e14929392664bb8741a3693a1795ca6902
+S = d7f9ddd191f1f412869429209ee3814c75c72fa46a9cccf804a2f5cc0b7e739f
+
+Msg = 558c2ac13026402bad4a0a83ebc9468e50f7ffab06d6f981e5db1d082098065bcff6f21a7a74558b1e8612914b8b5a0aa28ed5b574c36ac4ea5868432a62bb8ef0695d27c1e3ceaf75c7b251c65ddb268696f07c16d2767973d85beb443f211e6445e7fe5d46f0dce70d58a4cd9fe70688c035688ea8c6baec65a5fc7e2c93e8
+d = 5e666c0db0214c3b627a8e48541cc84a8b6fd15f300da4dff5d18aec6c55b881
+Qx = 1bc487570f040dc94196c9befe8ab2b6de77208b1f38bdaae28f9645c4d2bc3a
+Qy = ec81602abd8345e71867c8210313737865b8aa186851e1b48eaca140320f5d8f
+k = 2e7625a48874d86c9e467f890aaa7cd6ebdf71c0102bfdcfa24565d6af3fdce9
+R = 2f9e2b4e9f747c657f705bffd124ee178bbc5391c86d056717b140c153570fd9
+S = f5413bfd85949da8d83de83ab0d19b2986613e224d1901d76919de23ccd03199
+
+Msg = 4d55c99ef6bd54621662c3d110c3cb627c03d6311393b264ab97b90a4b15214a5593ba2510a53d63fb34be251facb697c973e11b665cb7920f1684b0031b4dd370cb927ca7168b0bf8ad285e05e9e31e34bc24024739fdc10b78586f29eff94412034e3b606ed850ec2c1900e8e68151fc4aee5adebb066eb6da4eaa5681378e
+d = f73f455271c877c4d5334627e37c278f68d143014b0a05aa62f308b2101c5308
+Qx = b8188bd68701fc396dab53125d4d28ea33a91daf6d21485f4770f6ea8c565dde
+Qy = 423f058810f277f8fe076f6db56e9285a1bf2c2a1dae145095edd9c04970bc4a
+k = 62f8665fd6e26b3fa069e85281777a9b1f0dfd2c0b9f54a086d0c109ff9fd615
+R = 1cc628533d0004b2b20e7f4baad0b8bb5e0673db159bbccf92491aef61fc9620
+S = 880e0bbf82a8cf818ed46ba03cf0fc6c898e36fca36cc7fdb1d2db7503634430
+
+Msg = f8248ad47d97c18c984f1f5c10950dc1404713c56b6ea397e01e6dd925e903b4fadfe2c9e877169e71ce3c7fe5ce70ee4255d9cdc26f6943bf48687874de64f6cf30a012512e787b88059bbf561162bdcc23a3742c835ac144cc14167b1bd6727e940540a9c99f3cbb41fb1dcb00d76dda04995847c657f4c19d303eb09eb48a
+d = b20d705d9bd7c2b8dc60393a5357f632990e599a0975573ac67fd89b49187906
+Qx = 51f99d2d52d4a6e734484a018b7ca2f895c2929b6754a3a03224d07ae61166ce
+Qy = 4737da963c6ef7247fb88d19f9b0c667cac7fe12837fdab88c66f10d3c14cad1
+k = 72b656f6b35b9ccbc712c9f1f3b1a14cbbebaec41c4bca8da18f492a062d6f6f
+R = 9886ae46c1415c3bc959e82b760ad760aab66885a84e620aa339fdf102465c42
+S = 2bf3a80bc04faa35ebecc0f4864ac02d349f6f126e0f988501b8d3075409a26c
+
+Msg = 3b6ee2425940b3d240d35b97b6dcd61ed3423d8e71a0ada35d47b322d17b35ea0472f35edd1d252f87b8b65ef4b716669fc9ac28b00d34a9d66ad118c9d94e7f46d0b4f6c2b2d339fd6bcd351241a387cc82609057048c12c4ec3d85c661975c45b300cb96930d89370a327c98b67defaa89497aa8ef994c77f1130f752f94a4
+d = d4234bebfbc821050341a37e1240efe5e33763cbbb2ef76a1c79e24724e5a5e7
+Qx = 8fb287f0202ad57ae841aea35f29b2e1d53e196d0ddd9aec24813d64c0922fb7
+Qy = 1f6daff1aa2dd2d6d3741623eecb5e7b612997a1039aab2e5cf2de969cfea573
+k = d926fe10f1bfd9855610f4f5a3d666b1a149344057e35537373372ead8b1a778
+R = 490efd106be11fc365c7467eb89b8d39e15d65175356775deab211163c2504cb
+S = 644300fc0da4d40fb8c6ead510d14f0bd4e1321a469e9c0a581464c7186b7aa7
+
+Msg = c5204b81ec0a4df5b7e9fda3dc245f98082ae7f4efe81998dcaa286bd4507ca840a53d21b01e904f55e38f78c3757d5a5a4a44b1d5d4e480be3afb5b394a5d2840af42b1b4083d40afbfe22d702f370d32dbfd392e128ea4724d66a3701da41ae2f03bb4d91bb946c7969404cb544f71eb7a49eb4c4ec55799bda1eb545143a7
+d = b58f5211dff440626bb56d0ad483193d606cf21f36d9830543327292f4d25d8c
+Qx = 68229b48c2fe19d3db034e4c15077eb7471a66031f28a980821873915298ba76
+Qy = 303e8ee3742a893f78b810991da697083dd8f11128c47651c27a56740a80c24c
+k = e158bf4a2d19a99149d9cdb879294ccb7aaeae03d75ddd616ef8ae51a6dc1071
+R = e67a9717ccf96841489d6541f4f6adb12d17b59a6bef847b6183b8fcf16a32eb
+S = 9ae6ba6d637706849a6a9fc388cf0232d85c26ea0d1fe7437adb48de58364333
+
+Msg = 72e81fe221fb402148d8b7ab03549f1180bcc03d41ca59d7653801f0ba853add1f6d29edd7f9abc621b2d548f8dbf8979bd16608d2d8fc3260b4ebc0dd42482481d548c7075711b5759649c41f439fad69954956c9326841ea6492956829f9e0dc789f73633b40f6ac77bcae6dfc7930cfe89e526d1684365c5b0be2437fdb01
+d = 54c066711cdb061eda07e5275f7e95a9962c6764b84f6f1f3ab5a588e0a2afb1
+Qx = 0a7dbb8bf50cb605eb2268b081f26d6b08e012f952c4b70a5a1e6e7d46af98bb
+Qy = f26dd7d799930062480849962ccf5004edcfd307c044f4e8f667c9baa834eeae
+k = 646fe933e96c3b8f9f507498e907fdd201f08478d0202c752a7c2cfebf4d061a
+R = b53ce4da1aa7c0dc77a1896ab716b921499aed78df725b1504aba1597ba0c64b
+S = d7c246dc7ad0e67700c373edcfdd1c0a0495fc954549ad579df6ed1438840851
+
+Msg = 21188c3edd5de088dacc1076b9e1bcecd79de1003c2414c3866173054dc82dde85169baa77993adb20c269f60a5226111828578bcc7c29e6e8d2dae81806152c8ba0c6ada1986a1983ebeec1473a73a04795b6319d48662d40881c1723a706f516fe75300f92408aa1dc6ae4288d2046f23c1aa2e54b7fb6448a0da922bd7f34
+d = 34fa4682bf6cb5b16783adcd18f0e6879b92185f76d7c920409f904f522db4b1
+Qx = 105d22d9c626520faca13e7ced382dcbe93498315f00cc0ac39c4821d0d73737
+Qy = 6c47f3cbbfa97dfcebe16270b8c7d5d3a5900b888c42520d751e8faf3b401ef4
+k = a6f463ee72c9492bc792fe98163112837aebd07bab7a84aaed05be64db3086f4
+R = 542c40a18140a6266d6f0286e24e9a7bad7650e72ef0e2131e629c076d962663
+S = 4f7f65305e24a6bbb5cff714ba8f5a2cee5bdc89ba8d75dcbf21966ce38eb66f
+