-
Notifications
You must be signed in to change notification settings - Fork 141
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Block signature verification failure on unity tests #2446
Comments
I've checked produced public key, message, signature and verified them on netcore test, and they're correctly verified. |
Below seems to return false on correct signature, and state root hash. public bool VerifySignature(
ImmutableArray<byte>? signature,
HashDigest<SHA256> stateRootHash)
{
if (PublicKey is { } pubKey && signature is { } sig)
{
byte[] msg = Codec.Encode(MakeCandidateData(stateRootHash));
return pubKey.Verify(msg, sig);
}
else if (PublicKey is null)
{
return signature is null;
}
return false;
} I suspect not null pattern matching does not properly works on .NET Framework 4.7, but not sure. I'll make sure this with temporal throw statements. |
Found |
On
|
It wasn't due to some throw statements, instead, public virtual bool VerifySignature(byte[] message, BigInteger r, BigInteger s)
{
BigInteger n = key.Parameters.N;
if (r.SignValue < 1 || s.SignValue < 1 || r.CompareTo(n) >= 0 || s.CompareTo(n) >= 0)
{
return false;
}
BigInteger bigInteger = CalculateE(n, message);
BigInteger val = s.ModInverse(n);
BigInteger a = bigInteger.Multiply(val).Mod(n);
BigInteger b = r.Multiply(val).Mod(n);
ECPoint g = key.Parameters.G;
ECPoint q = ((ECPublicKeyParameters)key).Q;
ECPoint eCPoint = ECAlgorithms.SumOfTwoMultiplies(g, a, q, b);
if (eCPoint.IsInfinity)
{
return false;
}
ECCurve curve = eCPoint.Curve;
if (curve != null)
{
BigInteger cofactor = curve.Cofactor;
if (cofactor != null && cofactor.CompareTo(Eight) <= 0)
{
ECFieldElement denominator = GetDenominator(curve.CoordinateSystem, eCPoint);
if (denominator != null && !denominator.IsZero)
{
ECFieldElement xCoord = eCPoint.XCoord;
while (curve.IsValidFieldElement(r))
{
if (curve.FromBigInteger(r).Multiply(denominator).Equals(xCoord))
{
return true;
}
r = r.Add(n);
}
return false;
}
}
}
return eCPoint.Normalize().AffineXCoord.ToBigInteger().Mod(n).Equals(r);
}
|
Wrapping up,
Below is a sample of misjudged case. const string pubKey =
"03" +
"8ec8ef28ce8c9c16305aee6a8198da37" +
"93116bac755ff54a6103c08ad7f5de7e";
const string msg =
"647531303A646966666963756C747969" +
"316575353A696E64657869336575353A" +
"6E6F6E636531303A24D372E47FEEFF1B" +
"F5A67531333A70726576696F75735F68" +
"61736833323AD657CD14245B0BC40B28" +
"DC3BC564BAA8871549F5720C67BCBDDF" +
"C869AC5F43EA7531363A70726F746F63" +
"6F6C5F76657273696F6E693365753130" +
"3A7075626C69635F6B657933333A038E" +
"C8EF28CE8C9C16305AEE6A8198DA3793" +
"116BAC755FF54A6103C08AD7F5DE7E75" +
"31353A73746174655F726F6F745F6861" +
"736833323A1B16B1DF538BA12DC3F97E" +
"DBB85CAA7050D46C148134290FEBA80F" +
"8236C83DB975393A74696D657374616D" +
"707532373A323032322D31312D313154" +
"30353A34313A35332E3137383936335A" +
"7531363A746F74616C5F646966666963" +
"756C747969336565";
const string sig =
"304402206b8e2a9fdc7adbf121893e5c" +
"53390a3c43f8cd7329c9cad8315ad2da" +
"bd37f23102206bbdef6a81138ba915e1" +
"32369e86c29a604177436ee2ef5995c4" +
"7318a57fd72b"; Corresponding log is
|
If we are sure BouncyCastle is the culprit, maybe we can try a different version? 🤔 |
May be. |
BouncyCastle.Cryptography seems appreciate option for us. |
Sadly, #2571 doesn't seem to help. 😢 |
Sorry for the confusion. the above comment is related to #2569. 😅 |
There are also newer versions of BouncyCastle.NetCore. 🤔 |
So many tests are fails like following on unity test:
The text was updated successfully, but these errors were encountered: