Merge pull request #6 from nspcc-dev/NEOFS_CRYPTO-4_Change_func_Verify_signature

- Before `func Verify*(pub *ecdsa.PublicKey, sig, msg []byte) error`
- After `func Verify*(pub *ecdsa.PublicKey, msg, sig []byte) error`
- Update tests and replace `hash` with `sign` for signatures

Fix issue #5
This commit is contained in:
Evgeniy Kulikov 2019-11-12 16:41:17 +03:00 committed by GitHub
commit 21d0864dae
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 17 additions and 17 deletions

View file

@ -191,7 +191,7 @@ func hashBytes(data []byte) []byte {
// Verify verifies the signature of msg using the public key pub. It returns
// nil only if signature is valid.
func Verify(pub *ecdsa.PublicKey, sig, msg []byte) error {
func Verify(pub *ecdsa.PublicKey, msg, sig []byte) error {
if r, s := unmarshalXY(sig); r == nil || s == nil {
return ErrCannotUnmarshal
} else if pub == nil {

View file

@ -112,13 +112,13 @@ func TestSignVerify(t *testing.T) {
r1, s1, err := ecdsa.Sign(rand.Reader, key, hashBytes(data))
require.NoError(t, err)
hash := marshalXY(r1, s1)
UnmarshalPublicKey(hash)
sign := marshalXY(r1, s1)
UnmarshalPublicKey(sign)
}
{ // 3. bad big.Ints
hash := marshalXY(big.NewInt(0), big.NewInt(1))
UnmarshalPublicKey(hash)
sign := marshalXY(big.NewInt(0), big.NewInt(1))
UnmarshalPublicKey(sign)
}
})
})
@ -134,20 +134,20 @@ func TestSignVerify(t *testing.T) {
hashBytes(data))
require.NoError(t, err)
hash := marshalXY(r1, s1)
sign := marshalXY(r1, s1)
{ // This is just to validate, that we are on right way.. try to unmarshal R/S from hash
{ // This is just to validate, that we are on right way.. try to unmarshal R/S from sign
// validate bytes length
byteLen := (curve.Params().BitSize + 7) >> 3
require.Len(t, hash, 1+2*byteLen)
require.Len(t, sign, 1+2*byteLen)
// uncompressed form?
require.Equal(t, byte(4), hash[0])
require.Equal(t, byte(4), sign[0])
// validate R / S
p := curve.Params().P
r := new(big.Int).SetBytes(hash[1 : 1+byteLen])
s := new(big.Int).SetBytes(hash[1+byteLen:])
r := new(big.Int).SetBytes(sign[1 : 1+byteLen])
s := new(big.Int).SetBytes(sign[1+byteLen:])
require.True(t, r.Cmp(p) < 0)
require.True(t, s.Cmp(p) < 0)
@ -155,7 +155,7 @@ func TestSignVerify(t *testing.T) {
// require.True(t, curve.IsOnCurve(r, s))
}
r2, s2 := unmarshalXY(hash)
r2, s2 := unmarshalXY(sign)
require.NotNil(t, r2)
require.NotNil(t, s2)
@ -169,11 +169,11 @@ func TestSignVerify(t *testing.T) {
key = test.DecodeKey(0)
)
hash, err := Sign(key, data)
sign, err := Sign(key, data)
require.NoError(t, err)
for i := 0; i < 100; i++ {
require.NoError(t, Verify(&key.PublicKey, hash, data))
require.NoError(t, Verify(&key.PublicKey, data, sign))
}
})
}

View file

@ -46,7 +46,7 @@ func decodeSignature(sig []byte) (*big.Int, *big.Int, error) {
// VerifyRFC6979 verifies the signature of msg using the public key. It
// return nil only if signature is valid.
func VerifyRFC6979(key *ecdsa.PublicKey, sig, msg []byte) error {
func VerifyRFC6979(key *ecdsa.PublicKey, msg, sig []byte) error {
if r, s, err := decodeSignature(sig); err != nil {
return err
} else if !ecdsa.Verify(key, hashBytes(msg), r, s) {

View file

@ -67,7 +67,7 @@ func TestRFC6979(t *testing.T) {
require.Equal(t, sig, res, "step: %d, %02x", i, res)
require.NoErrorf(t, VerifyRFC6979(pub, sig, body), "step: %d", i)
require.NoErrorf(t, VerifyRFC6979(pub, body, sig), "step: %d", i)
offset += RFC6979SignatureSize
}
@ -77,7 +77,7 @@ func TestRFC6979(t *testing.T) {
// It's not equals in Python and Go:
// require.Equal(t, sig, res, "step: %d, %02x", i, res)
require.NoErrorf(t, VerifyRFC6979(pub, sig, body), "step: %d", i)
require.NoErrorf(t, VerifyRFC6979(pub, body, sig), "step: %d", i)
offset += RFC6979SignatureSize
}