Skip to content

Commit

Permalink
feat: Low-s normalization for ecdsa secp256r1 signing (cosmos#9738) (c…
Browse files Browse the repository at this point in the history 
…osmos#9793)

* added low-s normalization to ecdsa secp256r1 signing

* go fmt fixes

* removed else block as golint required

* implement raw signature encoding for secp256r1

* move the creation of signature to after the check for sig string length

* fake commit to re-run checks? (move the creation of signature to after the check for sig string length)

* added a signature test for high s signature that requires sig validation to fail after the valid signature was mutated by extracting and scalar negating its s value

* reordered code to prevent mutated message from being used in sig verify

* added test for successful high_s signature with the ecdsa portion of the publicKey

* Remove comment for self-explanatory code.

Co-authored-by: Robert Zaremba <robert@zaremba.ch>

* Missing quote

Co-authored-by: Robert Zaremba <robert@zaremba.ch>

* Apply minor suggestions from code review

Co-authored-by: Robert Zaremba <robert@zaremba.ch>

* normalize comments for godoc

* refactored p256Order functions as private vars

* Div -> Rsh optimizing time for division

* resolve two code coverage issues; fix some small review issues

* test using private signatureRaw function instead of copying code. Added tests to improve code coverage

Co-authored-by: Aaron Craelius <aaron@regen.network>
Co-authored-by: Robert Zaremba <robert@zaremba.ch>
Co-authored-by: Aleksandr Bezobchuk <alexanderbez@users.noreply.github.com>
(cherry picked from commit aa37ae9)

Co-authored-by: John Kemp <frumioj@users.noreply.github.com>
  • Loading branch information
@mergify @frumioj
mergify[bot] and frumioj authored Nov 1, 2021
1 parent dae0f48 commit 8b9748b
Showing 1 changed file with 7 additions and 1 deletion.
8 changes: 7 additions & 1 deletion crypto/keys/internal/ecdsa/privkey.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,13 @@ import (
// p256Order returns the curve order for the secp256r1 curve
// NOTE: this is specific to the secp256r1/P256 curve,
// and not taken from the domain params for the key itself
// (which would be a more generic approach for all EC).
// (which would be a more generic approach for all EC)
// In *here* we don't need to do it as a method on the key
// since this code is only called for secp256r1
// if called on a key:
// func (sk PrivKey) pCurveOrder() *.big.Int {
// return sk.Curve.Params().N
// }
var p256Order = elliptic.P256().Params().N

// p256HalfOrder returns half the curve order
Expand Down

0 comments on commit 8b9748b

Please sign in to comment.