Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Problem validating C509 test vectors -- ECC signature does not validate #192

Closed
derekatkins opened this issue Apr 20, 2022 · 1 comment
Closed

Problem validating C509 test vectors -- ECC signature does not validate #192

derekatkins opened this issue Apr 20, 2022 · 1 comment

Comments

@derekatkins
Copy link

Hi,
I am trying to implement CBOR.509 Certificates and I am trying to validate the test certificate in Appendix A.1.2 using the keys in A.1.3. The public key is compressed, but I've already verified that the decompression matches what uECC creates using uECC_compute_public_key(). However, I still can't get the validation to work properly.
When I compute the SHA256 of the message in the test-vector I get:
b5bca215e1d1478d2fe7728a54089f2032a4a1a245fafb5bd21d9eeb9d076aed
However the verification still does not succeed:

  uint8_t msg[] = {  0x00,
  0x43, 0x01, 0xF5, 0x0D,
  0x6B, 0x52, 0x46, 0x43, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20, 0x43, 0x41,
  0x1A, 0x5E, 0x0B, 0xE1, 0x00,
  0x1A, 0x60, 0x18, 0x96, 0x00,
  0x46, 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB,
  0x01,
  0x58, 0x21, 0x02, 0xB1, 0x21, 0x6A, 0xB9, 0x6E, 0x5B, 0x3B, 0x33, 0x40,
  0xF5, 0xBD, 0xF0, 0x2E, 0x69, 0x3F, 0x16, 0x21, 0x3A, 0x04, 0x52,
  0x5E, 0xD4, 0x44, 0x50, 0xB1, 0x01, 0x9C, 0x2D, 0xFD, 0x38, 0x38, 0xAB,
  0x01,
  0x00 };
  uint8_t test_issuerPublicKey[] = {
  0x02, 0xAE, 0x4C, 0xDB, 0x01, 0xF6, 0x14, 0xDE, 0xFC, 0x71, 0x21, 0x28,
  0x5F, 0xDC, 0x7F, 0x5C, 0x6D, 0x1D, 0x42, 0xC9, 0x56, 0x47, 0xF0,
  0x61, 0xBA, 0x00, 0x80, 0xDF, 0x67, 0x88, 0x67, 0x84, 0x5E
  };
  uint8_t test_issuerSignature[] = {
	0xB2, 0x7A, 0x0B, 0x78, 0x14, 0x55, 0xF7, 0x1B, 0x68, 0x29, 0x0F,
	0x6C, 0x2E, 0xC9, 0xA8, 0x97, 0xF1, 0x8F, 0xDE, 0x9B, 0x6C, 0x59,
	0x57, 0x59, 0x53, 0xBC, 0x67, 0x26, 0x8A, 0xB0, 0xE4, 0xDD, 0xE9,
	0x9D, 0x27, 0x3E, 0x04, 0xE4, 0x71, 0x53, 0x83, 0xAB, 0x22, 0x57,
	0xC6, 0xAA, 0xA3, 0x52, 0x84, 0xE5, 0xED, 0x18, 0xBD, 0xB9, 0x12,
	0x47, 0xE9, 0xF2, 0xC4, 0x33, 0x13, 0x64, 0x80, 0xB9 };
  uint8_t pubkey[64];
  uint8_t hash[32];
  SHA256Context hash_ctx;

  uECC_decompress(test_issuerPublicKey, pubkey, uECC_secp256r1());
  SHA256Reset(&hash_ctx);
  SHA256Input(&hash_ctx, msg, sizeof(msg));
  SHA256Result(&hash_ctx, hash);
  // this results in hash = { 0xb5, 0xbc, 0xa2, 0x15, 0xe1, 0xd1, 0x47, 0x8d, 0x2f, 0xe7, 0x72, 0x8a, 0x54, 0x08, 0x9f, 0x20, 0x32, 0xa4, 0xa1, 0xa2, 0x45, 0xfa, 0xfb, 0x5b, 0xd2, 0x1d, 0x9e, 0xeb, 0x9d, 0x07, 0x6a, 0xed };

  TEST_ASSERT_EQUAL(1, uECC_verify(pubkey, hash, sizeof(hash),
					  test_issuerSignature,
					  uECC_secp256r1()));

I'm at a loss for what's going on? I have reached out to the authors to validate the SHA256 to ensure I'm getting the right result.
@derekatkins
Copy link
Author

For the record, the test vector was wrong. Once replaced with a valid test vector, the validation succeeded.
So I am closing this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@derekatkins