Closed alex-miller-0 closed 5 years ago
This is expected, since X and Y are ASN.1 encoded signed integers (as per standard) so if the most significant bit is set (i.e: one) a 0 byte is prepended to indicate positive sign. Removing the leading 0 byte converts the number to an unsigned representation. This is done automatically in our Java SDK and is the right strategy if you need 32-byte output (for example in Ethereum transactions).
In running the tests, I have noticed that sometimes I get signatures with 33-byte X-components (as opposed to 32-byte ones, which I would expect every time).
Here's an example:
My comments in
verifySignResp
inKeycardTest.java
:Produces the following output:
A different output, with the 32-byte component I would expect:
Note:
Only the X component ever appears to be affected (I have yet to see a 70-byte signature output, which would indicate both components are 33 bytes)
The frequency looks roughly like ~1 in 7 attempts