Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug: btcec.PrivateKey.Sign creates invalid signatures for curves other than S256() #1501

Open
benma opened this issue Nov 29, 2019 · 1 comment
Open

bug: btcec.PrivateKey.Sign creates invalid signatures for curves other than S256() #1501

benma opened this issue Nov 29, 2019 · 1 comment
Labels
btcec potentialbug

Comments

@benma
Copy link
Contributor

benma commented Nov 29, 2019 

func unhex(s string) []byte {
	b, err := hex.DecodeString(s)
	if err != nil {
		panic(err)
	}
	return b
}

privateKey, publicKey := btcec.PrivKeyFromBytes(
		elliptic.P256(),
		unhex("9b1a4d293a6eef1960d8afab5e58dd581b135152ec3399bde9268fa23051321b"),
)

Using privateKey.Sign() does not give a valid signature for the P256() curve.

Likely cause:

btcd/btcec/privkey.go

Line 62 in f3ec130

return signRFC6979(p, hash)

calls

btcd/btcec/signature.go

Line 422 in f3ec130

func signRFC6979(privateKey *PrivateKey, hash []byte) (*Signature, error) {

which assumes S256() here:

btcd/btcec/signature.go

Line 425 in f3ec130

N := S256().N

@cubancorona
Copy link

I apologize for my previous statement, now deleted, which was inappropriately premature. My apologies to every person who worked on this significant modification.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
btcec potentialbug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@cubancorona @benma @jakesylvestre