* za, err := ZA(pub, uid) if err != nil { return } e, err := msgHash(za, msg) hash=e.getBytes() */
(pub *PublicKey, hash []byte, r, s *big.Int)
| 209 | hash=e.getBytes() |
| 210 | */ |
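// Verify reports whether (r, s) is a valid SM2 signature over hash under pub.
//
// hash is the precomputed SM2 digest e, not the raw message. The usage note
// preceding this function derives it as ZA(pub, uid) followed by
// msgHash(za, msg); a digest computed without the ZA prefix will not match
// signatures produced that way.
//
// Verify returns false instead of panicking when pub, its curve or
// coordinates, r, or s is nil. It also returns false when the public key is
// not a point on pub.Curve, and when r or s lies outside [1, N-1].
func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool {
	// Keys and signature values typically come from freshly parsed, untrusted
	// input; a missing component must be a clean rejection, not a nil
	// dereference inside the verifier.
	if pub == nil || pub.Curve == nil || pub.X == nil || pub.Y == nil || r == nil || s == nil {
		return false
	}
	c := pub.Curve

	// Reject public keys that are not on the curve before using them in
	// ScalarMult. Assuming pub.Curve follows the crypto/elliptic contract,
	// arithmetic on an off-curve point is undefined, so the outcome of a
	// verification with such a key cannot be relied on.
	if !c.IsOnCurve(pub.X, pub.Y) {
		return false
	}

	n := c.Params().N

	// Both signature components must lie in [1, N-1].
	if r.Sign() <= 0 || s.Sign() <= 0 || r.Cmp(n) >= 0 || s.Cmp(n) >= 0 {
		return false
	}

	// SM2-specific step (this is where the algorithm departs from ECDSA):
	// t = (r + s) mod N, and a zero t is rejected.
	t := new(big.Int).Add(r, s)
	t.Mod(t, n)
	if t.Sign() == 0 {
		return false
	}

	// (x, _) = [s]G + [t]P; only the x-coordinate is needed.
	x1, y1 := c.ScalarBaseMult(s.Bytes())
	x2, y2 := c.ScalarMult(pub.X, pub.Y, t.Bytes())
	x, _ := c.Add(x1, y1, x2, y2)

	// The signature is valid when (e + x) mod N equals r. The sum goes into a
	// fresh big.Int so the value returned by c.Add is left untouched.
	e := new(big.Int).SetBytes(hash)
	got := new(big.Int).Add(x, e)
	got.Mod(got, n)
	return got.Cmp(r) == 0
}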
| 239 | |
| 240 | /* |
| 241 | * sm2密文结构如下: |