Merge pull request from nspcc-dev/NEOFS_CRYPTO-4_Change_func_Verify_signature

- Before `func Verify*(pub *ecdsa.PublicKey, sig, msg []byte) error`
- After `func Verify*(pub *ecdsa.PublicKey, msg, sig []byte) error`
- Update tests and replace `hash` with `sign` for signatures

Fix issue 
This commit is contained in:
Evgeniy Kulikov 2019-11-12 16:41:17 +03:00 committed by GitHub
commit 21d0864dae
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 17 additions and 17 deletions

View file

@ -191,7 +191,7 @@ func hashBytes(data []byte) []byte {
// Verify verifies the signature of msg using the public key pub. It returns // Verify verifies the signature of msg using the public key pub. It returns
// nil only if signature is valid. // nil only if signature is valid.
func Verify(pub *ecdsa.PublicKey, sig, msg []byte) error { func Verify(pub *ecdsa.PublicKey, msg, sig []byte) error {
if r, s := unmarshalXY(sig); r == nil || s == nil { if r, s := unmarshalXY(sig); r == nil || s == nil {
return ErrCannotUnmarshal return ErrCannotUnmarshal
} else if pub == nil { } else if pub == nil {

View file

@ -112,13 +112,13 @@ func TestSignVerify(t *testing.T) {
r1, s1, err := ecdsa.Sign(rand.Reader, key, hashBytes(data)) r1, s1, err := ecdsa.Sign(rand.Reader, key, hashBytes(data))
require.NoError(t, err) require.NoError(t, err)
hash := marshalXY(r1, s1) sign := marshalXY(r1, s1)
UnmarshalPublicKey(hash) UnmarshalPublicKey(sign)
} }
{ // 3. bad big.Ints { // 3. bad big.Ints
hash := marshalXY(big.NewInt(0), big.NewInt(1)) sign := marshalXY(big.NewInt(0), big.NewInt(1))
UnmarshalPublicKey(hash) UnmarshalPublicKey(sign)
} }
}) })
}) })
@ -134,20 +134,20 @@ func TestSignVerify(t *testing.T) {
hashBytes(data)) hashBytes(data))
require.NoError(t, err) require.NoError(t, err)
hash := marshalXY(r1, s1) sign := marshalXY(r1, s1)
{ // This is just to validate, that we are on right way.. try to unmarshal R/S from hash { // This is just to validate, that we are on right way.. try to unmarshal R/S from sign
// validate bytes length // validate bytes length
byteLen := (curve.Params().BitSize + 7) >> 3 byteLen := (curve.Params().BitSize + 7) >> 3
require.Len(t, hash, 1+2*byteLen) require.Len(t, sign, 1+2*byteLen)
// uncompressed form? // uncompressed form?
require.Equal(t, byte(4), hash[0]) require.Equal(t, byte(4), sign[0])
// validate R / S // validate R / S
p := curve.Params().P p := curve.Params().P
r := new(big.Int).SetBytes(hash[1 : 1+byteLen]) r := new(big.Int).SetBytes(sign[1 : 1+byteLen])
s := new(big.Int).SetBytes(hash[1+byteLen:]) s := new(big.Int).SetBytes(sign[1+byteLen:])
require.True(t, r.Cmp(p) < 0) require.True(t, r.Cmp(p) < 0)
require.True(t, s.Cmp(p) < 0) require.True(t, s.Cmp(p) < 0)
@ -155,7 +155,7 @@ func TestSignVerify(t *testing.T) {
// require.True(t, curve.IsOnCurve(r, s)) // require.True(t, curve.IsOnCurve(r, s))
} }
r2, s2 := unmarshalXY(hash) r2, s2 := unmarshalXY(sign)
require.NotNil(t, r2) require.NotNil(t, r2)
require.NotNil(t, s2) require.NotNil(t, s2)
@ -169,11 +169,11 @@ func TestSignVerify(t *testing.T) {
key = test.DecodeKey(0) key = test.DecodeKey(0)
) )
hash, err := Sign(key, data) sign, err := Sign(key, data)
require.NoError(t, err) require.NoError(t, err)
for i := 0; i < 100; i++ { for i := 0; i < 100; i++ {
require.NoError(t, Verify(&key.PublicKey, hash, data)) require.NoError(t, Verify(&key.PublicKey, data, sign))
} }
}) })
} }

View file

@ -46,7 +46,7 @@ func decodeSignature(sig []byte) (*big.Int, *big.Int, error) {
// VerifyRFC6979 verifies the signature of msg using the public key. It // VerifyRFC6979 verifies the signature of msg using the public key. It
// return nil only if signature is valid. // return nil only if signature is valid.
func VerifyRFC6979(key *ecdsa.PublicKey, sig, msg []byte) error { func VerifyRFC6979(key *ecdsa.PublicKey, msg, sig []byte) error {
if r, s, err := decodeSignature(sig); err != nil { if r, s, err := decodeSignature(sig); err != nil {
return err return err
} else if !ecdsa.Verify(key, hashBytes(msg), r, s) { } else if !ecdsa.Verify(key, hashBytes(msg), r, s) {

View file

@ -67,7 +67,7 @@ func TestRFC6979(t *testing.T) {
require.Equal(t, sig, res, "step: %d, %02x", i, res) require.Equal(t, sig, res, "step: %d, %02x", i, res)
require.NoErrorf(t, VerifyRFC6979(pub, sig, body), "step: %d", i) require.NoErrorf(t, VerifyRFC6979(pub, body, sig), "step: %d", i)
offset += RFC6979SignatureSize offset += RFC6979SignatureSize
} }
@ -77,7 +77,7 @@ func TestRFC6979(t *testing.T) {
// It's not equals in Python and Go: // It's not equals in Python and Go:
// require.Equal(t, sig, res, "step: %d, %02x", i, res) // require.Equal(t, sig, res, "step: %d, %02x", i, res)
require.NoErrorf(t, VerifyRFC6979(pub, sig, body), "step: %d", i) require.NoErrorf(t, VerifyRFC6979(pub, body, sig), "step: %d", i)
offset += RFC6979SignatureSize offset += RFC6979SignatureSize
} }