filefilegoadmin
commented
1 year ago This is where the sig is serialized: https://github.com/libp2p/go-libp2p/blob/master/core/crypto/secp256k1.go#L81
Closed filefilegoadmin closed 1 year ago
filefilegoadmin
commented
1 year ago This is where the sig is serialized: https://github.com/libp2p/go-libp2p/blob/master/core/crypto/secp256k1.go#L81
paulmillr
commented
1 year ago What makes you think it's noble who is wrong and NOT go-libp2p? We are fuzzed extensively and test against wycheproof DER.
paulmillr
commented
1 year ago Here's actual source code of their verify function for the record:
filefilegoadmin
commented
1 year ago The serialization of the sig happens here: https://github.com/decred/dcrd/blob/master/dcrec/secp256k1/ecdsa/signature.go#L69
Its difficult to see which one is wrong, but i will open an issue there as well
paulmillr
commented
1 year ago I suggest executing ParseDERSignature from their library on your noble signature and seeing which error it throws.
jrick
commented
1 year ago libp2p is implicitly using sha256 https://github.com/libp2p/go-libp2p/blob/master/core/crypto/ecdsa.go#L136
paulmillr
commented
1 year ago use prehash: true
Hi,
I am trying to use this module in the browser, and we have a backend which runs golang with "go-libp2p/core/crypto/key.go" using
secp256k1.The problem is when I sign a message using noble-curves and export the sig using toDERHex, in libp2p (they are using DER) the verification fails without error.
Same private key is used btw