WoWInterface » Developer Discussions » Tutorials & Other Helpful Info. » DSA Signature Validation in LUA
Reply
 
Thread Tools Display Modes
Old 02-19-13, 03:59 PM   #1
elcius
A Defias Bandit
Join Date: Sep 2011
Posts: 3
DSA Signature Validation in LUA
Here is an example of using the Digital Signature Algorithm to sign and validate content that can be released P2P without it being compromised.

I used OpenSSL for key generation, but anything that conforms to the Digital Signature Standard (FIPS PUB 186-3) and supports Sha256 and ASN.1 storage should work fine, but i don't recommend using 2048 or more bit keys, as the BigNum library is quite poor the modular exponentiation for calculating v will take a very long time (1024bit keys take about 15 seconds, 2048bit upwards of 3 minutes)

There is currently a problem with calculating the correct modular inverse for s and q, i believe it's a problem with BigNum and its handling of negative numbers, I'll be replacing the entire library so I'm ignoring it for now, but if you sign a string and it shows as invalid, just try again, and hopefully you'll get a working random seed.

For the library's I used, Base64 and Sha-2 are cut and paste, i had to make ASN.1 and as such it's pretty bare bones, BigNum hardly operates and is way over coded.

Use DSA_validate() to start the validation, change __PAYLOAD to the string signed (payload.txt), and __SIG to the Base64 encoded ASN.1 signature (sigfile.txt).

current values are 'secret' as the payload and a working signature generated using the private key provided, obviously you will need to generate your own key pair for your own addons.

This will be useful to someone i hope.
Attached Files
File Type: zip DSATest.zip (18.8 KB, 136 views)
elcius is offline   Reply With Quote
Old 02-20-13, 05:31 AM   #2
Vlad
A Molten Giant
 
Vlad's Avatar
AddOn Author - Click to view addons
Join Date: Dec 2005
Posts: 688
Just curious, how could this be used? I assume one could broadcast over the chat addon channel without others being able to look into the conversation or something, but in any case, it's some neat coding you've done.

I'll let the more math proficient reply.
__________________
Profile: Curse | Wowhead
Vlad is offline   Reply With Quote
Old 02-20-13, 05:50 AM   #3
elcius
A Defias Bandit
Join Date: Sep 2011
Posts: 3
Its primary purpose is to provide a way to release addon updates/content without the need for users to re-download the addon.
For example with bigwigs and deadly boss mods, new boss timers can be published in-game by the developer to friends/party/raid/chat channel, anyone who receives the update can validate that it is actually from the developer and that is hasn't been changed, then forward to more people who can do the same.
It's also secure enough to allow pure LUA code to be signed, broadcast and used, to provide core upgrades as well as content updates.
elcius is offline   Reply With Quote
Old 02-20-13, 06:55 AM   #4
Vlad
A Molten Giant
 
Vlad's Avatar
AddOn Author - Click to view addons
Join Date: Dec 2005
Posts: 688
Yeah, I had this in mind when I read your suggestion as well.

It's a neat idea, I hope it is doable in WoW lua, considering some small limitations, hehe.
__________________
Profile: Curse | Wowhead
Vlad is offline   Reply With Quote
Old 02-22-13, 07:44 PM   #5
elcius
A Defias Bandit
Join Date: Sep 2011
Posts: 3
here is a fix for BNmodInverse which removes the false negatives.
Code:
function BNnumBits( n )
	t = {[0]=3,3,2,2,1,1,1,1};
	h = BNToHex(n);
	return (strlen(h)*4)-(t[tonumber(h:sub(1,1),16)] or 0);
end
function BNToHex( n )
	if type(n) ~= "table" then n = BigNum.new(n); end
	local k,out = "0123456789ABCDEF","";
	n.signal = "+";
	while BigNum.mt.lt( 0, n ) do
		n, r = BigNum.mt.div( n, 16 );
		r = BigNum.mt.tostring(r)+1;
		out = k:sub(r,r)..out;
	end
	return out;
end
function BNrshift( bnum1, n )
	return BigNum.mt.div( bnum1, 2^n );
end
function BNlshift( bnum1, n )
	return BigNum.mt.mul( bnum1, 2^n );
end
function BNmodInverse( B, A )
	
	local n = BigNum.new(BigNum.mt.tostring(A));
	local M,T = 0,BigNum.new(0);
	local X = 1;
	local Y = 0;
	
	local D = 0;
	
	sign = false;
	
	while ( not BigNum.mt.eq(B,0) ) do
		if BNnumBits(A) == BNnumBits(B) then
			D = 1;
			M = BigNum.mt.sub(A, B);
		elseif BNnumBits(A) == BNnumBits(B) + 1 then
			T = BNlshift(B,1);
			if BigNum.mt.lt( A, T ) then
				D = 1;
				M = BigNum.mt.sub(A, B);
			else
				M = BigNum.mt.sub(A, T);
				D = BigNum.mt.add(T, B);
				if BigNum.mt.lt( A, D ) then
					D = 2;
				else
					D = 3;
					M = BigNum.mt.sub(M, B);
				end
			end
		else
			D,M = BigNum.mt.div(A, B);
		end
		
		local tmp = A;
		A = B;
		B = M;
		
		if BigNum.mt.eq(D,1) then
			tmp = BigNum.mt.add(X,Y);
		else
			if BigNum.mt.eq(D,2) then
				tmp = BNlshift(X,1);
			elseif BigNum.mt.eq(D,4) then
				tmp = BNlshift(X,2);
			elseif BigNum.mt.eq(D,1) then
				tmp = X;
				tmp = BigNum.mt.mul(tmp, D);
			else
				tmp = BigNum.mt.mul(D, X);
			end
			
			tmp = BigNum.mt.add(tmp,Y);
		end
		
		M=Y;
		Y=X;
		X=tmp;
		sign = not sign;
		coroutine.yield();
	end
	
	if not sign then
		Y = BigNum.mt.sub(n,Y)
	end
	
	return Y;
end
Last edited by elcius : 02-23-13 at 09:57 AM.
elcius is offline   Reply With Quote
Reply

Go BackWoWInterface » Developer Discussions » Tutorials & Other Helpful Info. » DSA Signature Validation in LUA
« Previous Thread | Next Thread »

Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off