Comments (13)
Kagami
commented on August 20, 2024
1
var createHash = require("crypto").createHash;
var EC = require("elliptic").ec;
var ec = new EC("p256");
var msg = Buffer("test");
var hash = createHash("sha256").update(msg).digest();
var alg = {name: "ECDSA", namedCurve: "P-256", hash: {name: "SHA-256"}};
function u8(a) { return new Uint8Array(a); }
crypto.subtle.generateKey(alg, true, ["sign"]).then(function(pair) {
crypto.subtle.exportKey("raw", pair.publicKey).then(function (publicKey) {
crypto.subtle.sign(alg, pair.privateKey, msg).then(function(sig) {
var r = sig.slice(0, 32);
var s = sig.slice(32);
console.log(ec.verify(hash, {r: u8(r), s: u8(s)}, u8(publicKey)));
console.log("HASH: " + hash.toString("hex"));
console.log("SIG: " + Buffer(sig).toString("hex"));
console.log("PKEY: " + Buffer(publicKey).toString("hex"));
});
});
});true
HASH: 9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08
SIG: 9752408b0ddc7ff86c3654fff48f9f825cf7e32c1c22a728d44c685895892f4b02a853fb7e42465abfa7b8a6a2d46382f23adbaa58967116a80ec5fa063db293
PKEY: 0451c87f7b875959c7100e438d8530c202ece8f2a8164777b3d578f9ecf47d6cba4102e460f14b58aa282b396dbace037559517af90c4ea847d5841a56fc902e41
from elliptic.
indutny
commented on August 20, 2024
I think you may want to do key.verify(combo, options). There is no need to pass any other options to it.
Thanks!
from elliptic.
brave-dev
commented on August 20, 2024
many thanks for the reply, but key.verify() still returns false.
if we are convinced that the signature produced by window.crypto.subtyle.sign is equal parts r & s, then i think the substr above would work.
any ideas?
from elliptic.
indutny
commented on August 20, 2024
Aaah, I think you may want to try reverting the order of bytes in r and s. It looks like you made them little-endian, while elliptic expects them to be big-endian.
from elliptic.
brave-dev
commented on August 20, 2024
hi. maybe that's still an issue, but i'm still seeing false with:
var elliptic = require('elliptic').ec
var ec = new elliptic('secp256k1')
var reverse = function(s) {
var array = []
for (var i = s.length - 2; i >= 0; i -= 2) array.push(s.substr(i, 2))
return array.join('')
}
var userId = 'D023AB09-6435-4596-97F9-F3A032ED2F09'
, message =
{
"header": {
"signature": "6b564408299a3860a8eb26cf022fb54979fcba9767777fbb6dbd25e9b516999d7147ae87e5ac4050ac57e8f9d5907a813db8d3ce3e3b06d5901f868697d5032d",
"nonce": "1449272866.887"
},
"payload": {
"version": 1,
"publicKey": "04e9fd78f1d17c1c085f3928f4c1f421410889d8a7c07da4dc573797e6d96eedb5fe055f8d942aa25da07d0d85d2a042bdfbbdd14b98a9ad89bfe932442d163bac"
}
}
, key = ec.keyFromPublic(message.payload.publicKey, 'hex')
, combo = JSON.stringify({ userId: userId, nonce: message.header.nonce, payload: message.payload })
, options =
{ r: reverse(message.header.signature.substr(0, 64))
, s: reverse(message.header.signature.substr(64, 64))
}
console.log(options)
console.log(key.verify(combo, options))
from elliptic.
Kagami
commented on August 20, 2024
This one works:
var createHash = require("crypto").createHash;
var EC = require("elliptic").ec;
var ec = new EC("p256");
var msg = Buffer("test");
var hash = createHash("sha256").update(msg).digest();
var alg = {name: "ECDSA", namedCurve: "P-256", hash: {name: "SHA-256"}};
function u8(a) { return new Uint8Array(a); }
crypto.subtle.generateKey(alg, true, ["sign"]).then(function(pair) {
crypto.subtle.exportKey("raw", pair.publicKey).then(function (publicKey) {
crypto.subtle.sign(alg, pair.privateKey, msg).then(function(sig) {
var r = sig.slice(0, 32);
var s = sig.slice(32);
console.log(ec.verify(hash, {r: u8(r), s: u8(s)}, u8(publicKey)));
});
});
});from elliptic.
brave-dev
commented on August 20, 2024
many thanks. i am AFK right now, but will try this out ASAP!
from elliptic.
indutny
commented on August 20, 2024
@Kagami this is very strange. May I ask you to provide me examples of hash, and sig?
from elliptic.
indutny
commented on August 20, 2024
and publicKey for sure too.
from elliptic.
dconnolly
commented on August 20, 2024
@brave-dev: in your samples you generate a P-256 (aka secp256r1) keypair with webcrypto, then try to use it with secp256k1 (koblitz curve) with elliptic.js. AFAIK webcrypto api does not include the koblitz curves, so make sure you use p256 with elliptic.js.
from elliptic.
indutny
commented on August 20, 2024
@dconnolly gosh, I totally missed it. You are right!
from elliptic.
dconnolly
commented on August 20, 2024
👍
from elliptic.
brave-dev
commented on August 20, 2024
@Kagami - thanks very much: that's a winner!
from elliptic.
Related Issues (20)
- ec.Signature is not fully available in Typescript
- How to format a PHP-OpenSSL signature to be verifiable with elliptic? HOT 1
- Convert signature to base64 HOT 1
- Curve25519 Derivation doesn't work against RFC test Vector
- ⚠️ BN.toString(16) can result in wrong output ([email protected]) HOT 1
- Custom Curves HOT 1
- recoverPubKey accepts invalid signatures for recovery
- How to convert a DER-formatted signature back to a Signature object? HOT 1
- KeyPair.fromPublic: returns a KeyPair?
- How to create an ec.Signature instance from r,s in typescript
- I seem to get a wrong signature when using 'secp256k1' HOT 1
- Why hasn't this software been updated after 2021 years? HOT 1
- Feature request: support ed448 HOT 1
- How does point comparison work for the identity / point at infinity?
- Feature Request: Support for Secp256r1
- [FEATURE] Need equivalent of secp256k1_ec_seckey_tweak_add
- v6.5.2 has a breaking change HOT 1
- Regular expression injection - (ReDos)
- Elliptic's EDDSA missing signature length check HOT 2
- Dependabot alerts being raised for elliptic HOT 9
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from elliptic.