starkbank-ecdsa 1.0.0

.NET Standard 2.1

This package has at least one vulnerability with critical severity. It may lead to specific problems in your project. Try updating the package version.

Details

Advisory: https://github.com/advisories/GHSA-j3jw-j2j8-2wv9

Severity: critical

There is a newer version of this package available.
See the version list below for details.

dotnet add package starkbank-ecdsa --version 1.0.0

NuGet\Install-Package starkbank-ecdsa -Version 1.0.0

This command is intended to be used within the Package Manager Console in Visual Studio, as it uses the NuGet module's version of Install-Package.

<PackageReference Include="starkbank-ecdsa" Version="1.0.0" />

For projects that support PackageReference, copy this XML node into the project file to reference the package.

paket add starkbank-ecdsa --version 1.0.0

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

#r "nuget: starkbank-ecdsa, 1.0.0"

#r directive can be used in F# Interactive and Polyglot Notebooks. Copy this into the interactive tool or source code of the script to reference the package.

// Install starkbank-ecdsa as a Cake Addin
#addin nuget:?package=starkbank-ecdsa&version=1.0.0

// Install starkbank-ecdsa as a Cake Tool
#tool nuget:?package=starkbank-ecdsa&version=1.0.0

The NuGet Team does not provide support for this client. Please contact its maintainers for support.

A lightweight and fast ECDSA implementation

Overview

This is a pure C# implementation of the Elliptic Curve Digital Signature Algorithm. It is compatible with .NET Standard 2.1+. It is also compatible with OpenSSL. It uses some elegant math such as Jacobian Coordinates to speed up the ECDSA on pure C#.

Installation

To install StarkBank`s ECDSA-DotNet, get the package on nugget.

Curves

We currently support secp256k1, but it's super easy to add more curves to the project. Just add them on curve.cs

Speed

We ran a test on Node 13.1.0 on a MAC Pro i5 2019. The libraries ran 100 times and showed the average times displayed bellow:

Library	sign	verify
starkbank-ecdsa	3.5ms	6.5ms
nethereum	8.5ms	2.5ms

Sample Code

How to sign a json message for Stark Bank:

using System;
using EllipticCurve;


// Generate privateKey from PEM string
PrivateKey privateKey = PrivateKey.fromPem("-----BEGIN EC PARAMETERS-----\nBgUrgQQACg==\n-----END EC PARAMETERS-----\n-----BEGIN EC PRIVATE KEY-----\nMHQCAQEEIODvZuS34wFbt0X53+P5EnSj6tMjfVK01dD1dgDH02RzoAcGBSuBBAAK\noUQDQgAE/nvHu/SQQaos9TUljQsUuKI15Zr5SabPrbwtbfT/408rkVVzq8vAisbB\nRmpeRREXj5aog/Mq8RrdYy75W9q/Ig==\n-----END EC PRIVATE KEY-----\n");

// Create message from json
string message = "{\n    \"transfers\": [\n        {\n            \"amount\": 100000000,\n            \"taxId\": \"594.739.480-42\",\n            \"name\": \"Daenerys Targaryen Stormborn\",\n            \"bankCode\": \"341\",\n            \"branchCode\": \"2201\",\n            \"accountNumber\": \"76543-8\",\n            \"tags\": [\"daenerys\", \"targaryen\", \"transfer-1-external-id\"]\n        }\n    ]\n}";

Signature signature = Ecdsa.sign(message, privateKey);

// Generate Signature in base64. This result can be sent to Stark Bank in header as Digital-Signature parameter
Console.WriteLine(signature.toBase64());

// To double check if message matches the signature
PublicKey publicKey = privateKey.publicKey();

Console.WriteLine(Ecdsa.verify(message, signature, publicKey));

Simple use:

using System;
using EllipticCurve;


// Generate new Keys
PrivateKey privateKey = new PrivateKey();
PublicKey publicKey = privateKey.publicKey();

string message = "My test message";

// Generate Signature
Signature signature = Ecdsa.sign(message, privateKey);

// Verify if signature is valid
Console.WriteLine(Ecdsa.verify(message, signature, publicKey));

OpenSSL

This library is compatible with OpenSSL, so you can use it to generate keys:

openssl ecparam -name secp256k1 -genkey -out privateKey.pem
openssl ec -in privateKey.pem -pubout -out publicKey.pem

Create a message.txt file and sign it:

openssl dgst -sha256 -sign privateKey.pem -out signatureDer.txt message.txt

It's time to verify:

using System;
using EllipticCurve;


string publicKeyPem = EllipticCurve.Utils.File.read("publicKey.pem");
byte[] signatureDer = EllipticCurve.Utils.File.readBytes("signatureDer.txt");
string message = EllipticCurve.Utils.File.read("message.txt");

PublicKey publicKey = PublicKey.fromPem(publicKeyPem);
Signature signature = Signature.fromDer(signatureDer);

Console.WriteLine(Ecdsa.verify(message, signature, publicKey));

You can also verify it on terminal:

openssl dgst -sha256 -verify publicKey.pem -signature signatureDer.txt message.txt

NOTE: If you want to create a Digital Signature to use in the Stark Bank, you need to convert the binary signature to base64.

openssl base64 -in signatureDer.txt -out signatureBase64.txt

With this library, you can do it:

using System;
using EllipticCurve;


byte[] signatureDer = EllipticCurve.Utils.File.readBytes("signatureDer.txt");

Signature signature = Signature.fromDer(signatureDer);

Console.WriteLine(signature.toBase64());

Run all unit tests

Run StarkbankEcdsaTests on XUnit in Visual Studio

Product	Compatible and additional computed target framework versions.
.NET	net5.0 was computed. net5.0-windows was computed. net6.0 was computed. net6.0-android was computed. net6.0-ios was computed. net6.0-maccatalyst was computed. net6.0-macos was computed. net6.0-tvos was computed. net6.0-windows was computed. net7.0 was computed. net7.0-android was computed. net7.0-ios was computed. net7.0-maccatalyst was computed. net7.0-macos was computed. net7.0-tvos was computed. net7.0-windows was computed. net8.0 was computed. net8.0-android was computed. net8.0-browser was computed. net8.0-ios was computed. net8.0-maccatalyst was computed. net8.0-macos was computed. net8.0-tvos was computed. net8.0-windows was computed.
.NET Core	netcoreapp3.0 was computed. netcoreapp3.1 was computed.
.NET Standard	netstandard2.1 is compatible.
MonoAndroid	monoandroid was computed.
MonoMac	monomac was computed.
MonoTouch	monotouch was computed.
Tizen	tizen60 was computed.
Xamarin.iOS	xamarinios was computed.
Xamarin.Mac	xamarinmac was computed.
Xamarin.TVOS	xamarintvos was computed.
Xamarin.WatchOS	xamarinwatchos was computed.

Compatible target framework(s)

Included target framework(s) (in package)

Learn more about Target Frameworks and .NET Standard.

.NETStandard 2.1
- No dependencies.

NuGet packages (13)

Showing the top 5 NuGet packages that depend on starkbank-ecdsa:

Package	Downloads
SendGrid C# client library and examples for using Twilio SendGrid API's to send mail and access Web API v3 endpoints with .NET Standard 1.3 and .NET Core support.	135.3M
WATG.Common WATG library of commonly used and shared functionalities	134.7K
StarkBank Package Description	51.2K
starkcore Core functionalities for the StarkInfra and StarkBank Dotnet SDKs	11.0K
starkinfra SDK to facilitate C# (.NET) integrations with the Stark Infra API	6.3K

GitHub repositories (1)

Showing the top 1 popular GitHub repositories that depend on starkbank-ecdsa:

Repository	Stars
sendgrid/sendgrid-csharp The Official Twilio SendGrid C#, .NetStandard, .NetCore API Library	1.1K

Version	Downloads	Last updated
1.3.3	56,901,241	11/9/2021
1.3.2	298,148	11/4/2021
1.3.1	11,582,515	4/6/2021
1.3.0	117,252	1/26/2021
1.2.1	221,049	9/27/2020
1.2.0	18,465,881	6/23/2020
1.1.0	3,444	5/12/2020
1.0.0	3,392	4/15/2020
0.0.1	2,295	1/7/2020