Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unstable signature verification from c library #90

Closed
carnun opened this issue Jun 16, 2016 · 1 comment
Closed

Unstable signature verification from c library #90

carnun opened this issue Jun 16, 2016 · 1 comment
Assignees
@fanatid
Labels
question

Comments

@carnun
Copy link

carnun commented Jun 16, 2016

I am by no means a crypto expert, but on a recent project we were having issues tracing down problems verifying signatures. In the end we reduced it to the difference between the way the secp256k1 c library verified signatures vs the way elliptic.js verified signatures. I can't tell you what is going wrong on the maths side but hopefully the following test case can help:

msg = Buffer("7f83b1657ff1fc53b92dc18148a1d65dfc2d4b1fa3d677284addd200126d9069", 'hex');
sig = Buffer("3046022100c74b47f51776096053d01dea04bc67f77f1145df46a5b4c5c817aa2acdfad7ff022100efbbe32d7d7b2109365290427cf19bdbdc14304608441aaf19781216da53d6da", 'hex')
publicKey = Buffer("040db450c7aca2a501d6e8f04338f7e93f4fef29fa5881fcc180ec8324f3b40a1fa22bccd174898e2bcb5247f2d648ea899a95dae8bf84ba8a13e7dcc9cb7f08bd", 'hex')

var secp256k1 = require('secp256k1');

//this one fails
sigImport = secp256k1.signatureImport(sig);
if(secp256k1.verifySync(msg, sigImport, publicKey)) {
  console.log("sig ok");
} else {
  console.log("is not ok")
}

var EC = require("elliptic").ec;
//this one succeeds
var ec = new EC("secp256k1");
if (ec.verify(msg, sig, publicKey)) {
  console.log("sig ok");
} else {
  console.log("is not ok");
}
@fanatid fanatid self-assigned this Aug 5, 2016
@fanatid
Copy link
Member

fanatid commented Aug 7, 2016

@carnun it's happened because secp256k1 return false for non lower-s signatures,
so, working example:

var msg = Buffer('7f83b1657ff1fc53b92dc18148a1d65dfc2d4b1fa3d677284addd200126d9069', 'hex')
var sig = Buffer('3046022100c74b47f51776096053d01dea04bc67f77f1145df46a5b4c5c817aa2acdfad7ff022100efbbe32d7d7b2109365290427cf19bdbdc14304608441aaf19781216da53d6da', 'hex')
var publicKey = Buffer('040db450c7aca2a501d6e8f04338f7e93f4fef29fa5881fcc180ec8324f3b40a1fa22bccd174898e2bcb5247f2d648ea899a95dae8bf84ba8a13e7dcc9cb7f08bd', 'hex')

var secp256k1 = require('secp256k1')

// this one fails
var sigImport = secp256k1.signatureImport(sig)
var normalizedSig = secp256k1.signatureNormalize(sigImport)
if (secp256k1.verify(msg, normalizedSig, publicKey)) {
  console.log('sig ok')
} else {
  console.log('is not ok')
}

@fanatid fanatid closed this as completed Aug 7, 2016
@baumstern baumstern mentioned this issue Dec 5, 2018
Closed
@baumstern baumstern mentioned this issue Mar 3, 2019
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@fanatid fanatid

Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@carnun @fanatid