I'm attempting to sign and submit a hedera transaction using a ECC_SECG_P256K1 key from AWS KMS, here is an example public key: 04fcf808c1dd96931eb68a26f20f303952a263786ebfa049d219b897e96409f090dc884790406db423f6b7c5d23e69dfbec438d8e5df45a03fd140c01feef46287
I have been able to successfully sign a transaction following the guidance here, below is a code snippet showing how I generate the digest:
Signing this results in a signature, example: 3045022100f81bef704cf384febb50671ece9c6b0e27ddb05213b4eeaa9a5d6d23a6c96ed7022026a8b7317f8a745dc9090e574c3938171872099d0b81179352e7853f6b532e77
I'm able to successfully verify both the ASN.1 encoded sig, and the raw 64-byte sig, below is a code snippet:
// This passes
if !ecdsa.VerifyASN1(pk, digest, signature.Bytes) {
log.Error("original signature verification failed")
}
// This fails
if !ecdsa.VerifyASN1(pk, digest, rawSignature) {
log.Error("raw signature verification failed")
}
// This passes
if !hpk.Verify(digest, rawSignature) {
log.Error("hedera public key verification failed")
}
I'm able to add the signature using func (tx *TransferTransaction) AddSignature(publicKey PublicKey, signature []byte) *TransferTransaction
However, when I execute the transaction I receive the following error:
time="2024-09-10T16:59:23+01:00" level=error msg="Failed to execute transaction 0.0.4843569@1725983859.511142833: exceptional precheck status INVALID_SIGNATURE received for transaction 0.0.4843569@1725983859.511142833"
Any ideas what I could be doing wrong, or how to debug this further? AFAICT I am meeting the criteria specified.
The signing algorithm is to be keccak256-with-ECDSA; that is, clients will sign the keccak256 hash of the bytes in their SignedTrasaction#bodyBytes field.
The signature bytes in the SignaturePair for a ECDSA(secp256k1) key are to be the raw 64-byte encoding of the (r, s) values of the ECDSA signature.
I realise this is not a minimal reproducible example, i'll work on that next, working backwards from a working example.
Description
I'm attempting to sign and submit a hedera transaction using a
ECC_SECG_P256K1
key from AWS KMS, here is an example public key:04fcf808c1dd96931eb68a26f20f303952a263786ebfa049d219b897e96409f090dc884790406db423f6b7c5d23e69dfbec438d8e5df45a03fd140c01feef46287
I have been able to successfully sign a transaction following the guidance here, below is a code snippet showing how I generate the digest:
Signing this results in a signature, example:
3045022100f81bef704cf384febb50671ece9c6b0e27ddb05213b4eeaa9a5d6d23a6c96ed7022026a8b7317f8a745dc9090e574c3938171872099d0b81179352e7853f6b532e77
I'm able to successfully verify both the
ASN.1
encoded sig, and theraw
64-byte sig, below is a code snippet:I'm able to add the signature using
func (tx *TransferTransaction) AddSignature(publicKey PublicKey, signature []byte) *TransferTransaction
However, when I execute the transaction I receive the following error:
Any ideas what I could be doing wrong, or how to debug this further? AFAICT I am meeting the criteria specified.
I realise this is not a minimal reproducible example, i'll work on that next, working backwards from a working example.
Steps to reproduce
Execute the code below:
Test case:
Code under test:
Additional context
No response
Hedera network
testnet
Version
v2.44.0
Operating system
macOS