ECDSA on secp256r1, and asn1 encoding

655 views Asked by At

I got following go-program:

package main

import (
    "fmt"
    "crypto/elliptic"
    "crypto/ecdsa"
    "crypto/sha512"
    "crypto/rand"
    "encoding/asn1"
)

func main() {
    message := []byte("TollJuhuWurstPizzaSchnellEssen")
    hash := sha512.Sum512(message)

//secp256r1
secp_priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
if err != nil {
    panic(err)
}

r, s , err := ecdsa.Sign(rand.Reader, secp_priv, hash[:])
if err != nil {
    panic(err)
}

secpub := elliptic.Marshal(elliptic.P256(), secp_priv.PublicKey.X, secp_priv.PublicKey.Y)
fmt.Printf("secp256r1 pub: %#v\n", secpub)

secsig := elliptic.Marshal(elliptic.P256(), r, s)
fmt.Printf("secp256r1 sig %d: %#v\n",len(secsig), secsig)

x, y := elliptic.Unmarshal(elliptic.P256(), secpub)
secp_priv.PublicKey.X = x
secp_priv.PublicKey.Y = y

r2, s2 := elliptic.Unmarshal(elliptic.P256(), secsig[:])
fmt.Printf("r,s: %d %d\n", r, s)
fmt.Printf("r2,s2: %d %d\n", r2, s2)

valid := ecdsa.Verify(&secp_priv.PublicKey, hash[:], r, s)   //&secp_priv.PublicKey

fmt.Printf("secp256r1 verify1: %v\n", valid)

//SignASN1
asn1_sig , err := ecdsa.SignASN1(rand.Reader, secp_priv, hash[:])
if err != nil {
    panic(err)
}

fmt.Printf("secp256r1 sig_asn1 %d: %#v\n",len(asn1_sig), asn1_sig)
var buffer asn1.RawValue
_, err = asn1.Unmarshal(asn1_sig, &buffer)
if err != nil {
    panic(err)
}


fmt.Printf("secp256r1 unmarshal full sig_asn1 %d: %#v\n",len(buffer.FullBytes), buffer.FullBytes)
fmt.Printf("secp256r1 unmarshal sig_asn1 %d: %#v\n",len(buffer.Bytes), buffer.Bytes)

valid = ecdsa.VerifyASN1(&secp_priv.PublicKey, hash[:], asn1_sig)   //&secp_priv.PublicKey

fmt.Printf("secp256r1 verify1: %v\n", valid)



}

And I would like to know, how stuff is connected. What does it mean, to have an asn1 encoding. When I unmarshal it, i have 68byte slice. But when I unmarshal the r, s big.Int Values I got 65bytes (64bytes with 0x04 prefix byte). I also can not understand why r2 and s2 become nil. I can Unmarshal but not marshal the signature ... The operation is reversibel?

I would like to feed this library with signatures and public-keys: https://github.com/kmackay/micro-ecc/tree/static

But I dont know, what byteslice to take :(

0

There are 0 answers