search

bcgit / pc-dart

Pointy Castle - Dart Derived Bouncy Castle APIs
MIT License
237 stars 122 forks source link

ECDASigner seems to work incorrectly using secp384r1 #2

Closed DeddyH closed 4 years ago

DeddyH commented 4 years ago

I am trying to port some C#-Code using BouncyCastle to dart. A comparison of all calculated data did not show any difference, but the behaviour differs: the C#-program verifies the hash, my dart-app doesn't. Possibly this is my own mistake, but I think I ported everything correctly. To break it down, here is some code with the original data:

bool check() {
    final List<int> hash = hex.decode(
        'bb90d028b078852b43e70ed3c116a85767f86f38b4ee22fb1fcc44031a7ab1c99c1c5f0c81a51fb3004219823c5a7c7a');
    final publicKeyBuffer = base64Decode(
        'BIgT5/O6q2MNBKerCVR1jiwbTUN5nVSwmrV96qP2oTpgyAD51k/NC93/77v4YxaUtAFeMWfLDhC6AzqH5l9mjZQnKHVD4ytj4emB6aIjraAFxCD0O8kvafF47xdtgHGi1A==');
    final signatureBuffer = base64Decode(
        'Z6x7OEb4OEYQ+2/CV32TLYPmXGzj5rvXQT9ygYoc/GUklngcgHmSVl3eBLObH1DEbkVXBM7SRSOPmkGC6pcrtQ0DjEzooHL7oVHJNszFItCTtz9RWHokEbx0hiOLxu13');
    final ECDomainParameters domainParameters = ECDomainParameters('secp384r1');
    final ECPoint point = domainParameters.curve.decodePoint(publicKeyBuffer);
    final ECPublicKey publicKey = ECPublicKey(point, domainParameters);
    final PublicKeyParameter<ECPublicKey> param = PublicKeyParameter<ECPublicKey>(publicKey);
    final ECDSASigner signer = ECDSASigner();
    signer.init(false, param);
    final BigInt r = decodeBigInt(signatureBuffer.take(signatureBuffer.length >> 1).toList());
    final BigInt s = decodeBigInt(signatureBuffer.skip(signatureBuffer.length >> 1).toList());
    final ECSignature ecSignature = ECSignature(r, s);
    return signer.verifySignature(hash, ecSignature);
  }
mwcw commented 4 years ago

Hi

We tried to load the public key using the bc-java api and it indicates that the public key is not on the curve.

I'll close this for now.

MW