fix: Correct implementation of ES256K signatures.

peacekeeper · peacekeeper · commit 33723ba33ba5 · 2021-07-25T11:43:51.000+02:00
diff --git a/src/main/java/com/danubetech/keyformats/crypto/impl/secp256k1_ES256K_PrivateKeySigner.java b/src/main/java/com/danubetech/keyformats/crypto/impl/secp256k1_ES256K_PrivateKeySigner.java
@@ -4,6 +4,7 @@
 import com.danubetech.keyformats.jose.JWSAlgorithm;
 import org.bitcoinj.core.ECKey;
 import org.bitcoinj.core.Sha256Hash;
+import org.bitcoinj.core.Utils;
 
 import java.security.GeneralSecurityException;
 
@@ -17,6 +18,13 @@ public secp256k1_ES256K_PrivateKeySigner(ECKey privateKey) {
     @Override
     public byte[] sign(byte[] content) throws GeneralSecurityException {
 
-        return this.getPrivateKey().sign(Sha256Hash.of(content)).encodeToDER();
+        ECKey.ECDSASignature ecdsaSignature = this.getPrivateKey().sign(Sha256Hash.of(content));
+        byte[] r = Utils.bigIntegerToBytes(ecdsaSignature.r, 32);
+        byte[] s = Utils.bigIntegerToBytes(ecdsaSignature.s, 32);
+
+        byte[] signatureBytes = new byte[64];
+        System.arraycopy(r, 0, signatureBytes, 0, r.length);
+        System.arraycopy(s, 0, signatureBytes, 32, s.length);
+        return signatureBytes;
     }
 }
diff --git a/src/main/java/com/danubetech/keyformats/crypto/impl/secp256k1_ES256K_PublicKeyVerifier.java b/src/main/java/com/danubetech/keyformats/crypto/impl/secp256k1_ES256K_PublicKeyVerifier.java
@@ -4,8 +4,8 @@
 import com.danubetech.keyformats.jose.JWSAlgorithm;
 import org.bitcoinj.core.ECKey;
 import org.bitcoinj.core.Sha256Hash;
-import org.bitcoinj.core.SignatureDecodeException;
 
+import java.math.BigInteger;
 import java.security.GeneralSecurityException;
 
 public class secp256k1_ES256K_PublicKeyVerifier extends PublicKeyVerifier<ECKey> {
@@ -18,12 +18,13 @@ public secp256k1_ES256K_PublicKeyVerifier(ECKey publicKey) {
     @Override
     public boolean verify(byte[] content, byte[] signature) throws GeneralSecurityException {
 
-        try {
+        byte[] r = new byte[32];
+        byte[] s = new byte[32];
+        System.arraycopy(signature, 0, r, 0, r.length);
+        System.arraycopy(signature, 32, s, 0, s.length);
 
-            return this.getPublicKey().verify(Sha256Hash.hash(content), signature);
-        } catch (SignatureDecodeException ex) {
+        ECKey.ECDSASignature ecdsaSignature = new ECKey.ECDSASignature(new BigInteger(1, r), new BigInteger(1, s));
 
-            throw new GeneralSecurityException(ex.getMessage(), ex);
-        }
+        return this.getPublicKey().verify(Sha256Hash.of(content), ecdsaSignature);
     }
 }
