-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
address upper and lower S issues #1
Comments
Initially, our implementation failed to verify Microsoft issued, credentials, but then we updated it in this PR: transmute-industries/verifiable-data#115 99% of the PR is unrelated to the fix, but the core problem is "ECDSA verify vs ECDSA normalize and verify"... if the verify function expects the signature to be lower S (normalized) and it was not, the verify will fail (erroneously)... even in such cases, the exact same JWS can be safely transformed and verified, by applying the normalization process... see these related links: |
@OR13 I think I'm encountering this problem using the https://github.com/paulmillr/noble-secp256k1 library. Glad I remembered hearing you discuss this during the JWS meeting.. I will go through the links here and figure out how to normalize |
Ok, I got my tests passing at least but I think my actual issue was unrelated so now i'm not sure if i solved this. I am currently using I'm going to start plugging my issuer into the JWS test suite to see if I'm verifiable |
@brianorwhatever I solve these issues by cross testing against "known good" implementations.... those are really implementations I didn't write, that were written by people I trust.... for JWS in javascript thats https://www.npmjs.com/package/jose but you may have other languages you prefer... a cross test should confirm:
|
I think I am encountering this issue, with the JWT at the following URL: https://identity.foundation/sidetree/spec/v1.0.0/#deactivate-2 (JWT in the |
Here's the C source for the Here's C++ code in bitcoin for normalizing while signing: https://github.com/bitcoin/bitcoin/blob/40d20412ff173e8eea2f456fd749663c8cabda18/src/key.cpp#L202-L227 Here's the relevant BIP: https://github.com/bitcoin/bips/blob/master/bip-0062.mediawiki#low-s-values-in-signatures Here's Rust code for normalization in the ecdsa crate (used by k256 crate): |
@clehner thanks for linking directly to those... this issue will keep coming up as long as secp256k1 shall live. |
associated with secp256k1 ECDSA.
The text was updated successfully, but these errors were encountered: