search

ehn-dcc-development / ehn-sign-verify-javascript-trivial

Trivial eHN-Simple implementation in plain/simplified javascript
European Union Public License 1.2
32 stars 12 forks source link

Does not work for some keys: Error: red works only with positives #11

Open inctec-leo opened 2 years ago

inctec-leo commented 2 years ago

This code does not seem to work with some official keys. I.e. this key issued by the german authorities:

{
          kty: 'EC',
          'x5t#S256': 'XkVWZqUeeFc0suP6qTJGG-C723_K_z2geLisE5wmluI',
          use: 'sig',
          crv: 'P-256',
          kid: 'XkVWZqUeeFc=',
          x5c: [
            'MIIHUTCCBQmgAwIBAgIQUIKkn9dGJ+Fvw2iuEU4tejA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCA6EaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiAwIBQDBbMQswCQYDVQQGEwJERTEVMBMGA1UEChMMRC1UcnVzdCBHbWJIMRwwGgYDVQQDExNELVRSVVNUIENBIDItMiAyMDE5MRcwFQYDVQRhEw5OVFJERS1IUkI3NDM0NjAeFw0yMTA2MTExNDUwMjFaFw0yMzA2MTUxNDUwMjFaMIHrMQswCQYDVQQGEwJERTEdMBsGA1UEChMUUm9iZXJ0IEtvY2gtSW5zdGl0dXQxJDAiBgNVBAsTG0VsZWt0cm9uaXNjaGVyIEltcGZuYWNod2VpczEdMBsGA1UEAxMUUm9iZXJ0IEtvY2gtSW5zdGl0dXQxDzANBgNVBAcTBkJlcmxpbjEOMAwGA1UEEQwFMTMzNTMxFDASBgNVBAkTC05vcmR1ZmVyIDIwMRkwFwYDVQRhExBEVDpERS0zMDIzNTMxNDQ1MRUwEwYDVQQFEwxDU00wMjY0NjAwMjYxDzANBgNVBAgTBkJlcmxpbjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABIfd+CIjArF6fe+6Q3hu1otdUvrhhqHpup0jW7QiC3Ek+PvxahpSzgSbyGT0od4Ux8dle1fty86oukdnWoTp6P6jggLpMIIC5TAfBgNVHSMEGDAWgBRxEDKudHF7VI7x1qtiVK78PsC7FjAtBggrBgEFBQcBAwQhMB8wCAYGBACORgEBMBMGBgQAjkYBBjAJBgcEAI5GAQYCMIH+BggrBgEFBQcBAQSB8TCB7jA3BggrBgEFBQcwAYYraHR0cDovL2QtdHJ1c3QtY2EtMi0yLTIwMTkub2NzcC5kLXRydXN0Lm5ldDBCBggrBgEFBQcwAoY2aHR0cDovL3d3dy5kLXRydXN0Lm5ldC9jZ2ktYmluL0QtVFJVU1RfQ0FfMi0yXzIwMTkuY3J0MG8GCCsGAQUFBzAChmNsZGFwOi8vZGlyZWN0b3J5LmQtdHJ1c3QubmV0L0NOPUQtVFJVU1QlMjBDQSUyMDItMiUyMDIwMTksTz1ELVRydXN0JTIwR21iSCxDPURFP2NBQ2VydGlmaWNhdGU/YmFzZT8wcAYDVR0gBGkwZzAJBgcEAIvsQAEBMFoGCysGAQQBpTQCgRYFMEswSQYIKwYBBQUHAgEWPWh0dHA6Ly93d3cuZC10cnVzdC5uZXQvaW50ZXJuZXQvZmlsZXMvRC1UUlVTVF9DU01fUEtJX0NQUy5wZGYwgfAGA1UdHwSB6DCB5TCB4qCB36CB3IZpbGRhcDovL2RpcmVjdG9yeS5kLXRydXN0Lm5ldC9DTj1ELVRSVVNUJTIwQ0ElMjAyLTIlMjAyMDE5LE89RC1UcnVzdCUyMEdtYkgsQz1ERT9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0hjJodHRwOi8vY3JsLmQtdHJ1c3QubmV0L2NybC9kLXRydXN0X2NhXzItMl8yMDE5LmNybIY7aHR0cDovL2Nkbi5kLXRydXN0LWNsb3VkY3JsLm5ldC9jcmwvZC10cnVzdF9jYV8yLTJfMjAxOS5jcmwwHQYDVR0OBBYEFPdFwMQGQturw7wXqRcebaB+nz6vMA4GA1UdDwEB/wQEAwIGwDA9BgkqhkiG9w0BAQowMKANMAsGCWCGSAFlAwQCA6EaMBgGCSqGSIb3DQEBCDALBglghkgBZQMEAgOiAwIBQAOCAgEA0XRsfatBY5BT/HfWbUQvQXtisS0xp2qxVXZkgejDV2r90KsxGAAM9MZIw3eebywbg7ygwhdKwu4ZYGdFpr/cYH+j5pRPCjYoJOsjCEDA7GDtdWenQruM0JcKI4KGgtm01LZGT1L3rBHKh0Dg9fOrAS3L05ZR+cQ1oDKrMUuGm57CDTgcPXmxawmxadjLKOagfPpOkMmZabNMDd3+06gIQ7KfH3BWwZHYbqkg5dHHyb6cvdwQarfLjPKlcWrACWX6KyvYYv8Aj3fxu9w1RYCA1HqOGfIWl0in1LoCJhYLNb4GcS3feqhvnUAKL0BZN+5oSgMbQfi4hqGcwhBKNH4UVfnL47f7dsJxr3ob9U+VLkCUJ7yC6FPjY0pefGgsgQl+9rabBjNaSLwjxoOmEx7PbnjU5xmxipYa7LK+gLuLfZysu+VAFUXAxSFljz5cKWn80sqgSchzOlJRobCI/xTrziQc74pRGV+eWBXpybRu6bvZ8Y96EHpbdyWsG9sDPCeJgiq5XdWfR3JUprVsQzaEBDzBGq1Y0fWxOOoi+gQIQXPvx9sBjc9fdOvnFEODI1NXotab2LlKztNTQU3eEBhbsHjg30a1pIVwiL/nmxsMLxxiNJAZ/9t0D71llbrSBS665BTkmObNnr1xHoS94wg4L9UfinLFsSkHpTer+cQhrA4='
          ],
          x: 'h934IiMCsXp977pDeG7Wi11S-uGGoem6nSNbtCILcSQ',
          y: '-PvxahpSzgSbyGT0od4Ux8dle1fty86oukdnWoTp6P4'
        }

Will lead to the error 

Error: red works only with positives
    at assert (//bn.js/lib/bn.js:6:21)
    at BN.toRed (//bn.js/lib/bn.js:2849:5)
    at new Point (//elliptic/lib/elliptic/curve/short.js:268:23)
    at ShortCurve.point (//elliptic/lib/elliptic/curve/short.js:275:10)
    at KeyPair._importPublic (//elliptic/lib/elliptic/ec/key.js:95:30)
    at new KeyPair (//elliptic/lib/elliptic/ec/key.js:16:10)
    at Function.fromPublic (//elliptic/lib/elliptic/ec/key.js:24:10)
    at EC.keyFromPublic (//elliptic/lib/elliptic/ec/index.js:52:18)

This will happen with about every 5th of the covid certificate keys.