Topic: [SOLVED] problem with ecc hash veryfication

Hi,
I have following problem with ecc signature veryfication. I have two parts of public key: x and y, message digest and ecc signature in two parts: r and s. I want to use wc_ecc_verify_hash to check if the signature is valid.

From what I read from documentation, first I should use function wc_ecc_import_raw(ecc_key* key, const char* qx, const char* qy, const char* d, const char* curveName) to initialise ecc_key structure. Here I see first problem - I don't have private key (parameter d). Can I put there some random value since private key is not needed for signature veryfication?

Second problem is that wc_ecc_verify_hash takes signature as one argument but I have it stored int two parts (r,s).
Should I use wc_ecc_rs_to_sig to convert them into  DER-encoded signature or is there some other way to do it?

Sorry if these questions seems basic, but I'm new to both ecc and wolfcrpyt and I don't understand yet how exactly it works.

Kind regards
Majkel

Share

Re: [SOLVED] problem with ecc hash veryfication

Hi Majkel,

You are correct that you only need the public key x and y plus the signature r and s to verify an ECC signature. Are these all in hex string format like "0102030405060708090A" or unsigned bin? How were these values generated? Typically the R and S values are encoded with a DSA DER header. The public key is typically encoded into a x963 format, which is a small header and raw x then y values.

The functions you'll want to use are wc_ecc_rs_to_sig() and wc_ecc_import_x963().

If you don't have encoded X,Y and R,S values then you can use mp_read_unsigned_bin to import the raw binary into public key such as:

ecc_key key;
wc_ecc_init(&key);
mp_init_multi(key->pubkey.x, key->pubkey.y, key->pubkey.z, &key->k, NULL, NULL);
mp_read_unsigned_bin(key->pubkey.x, x_buf, x_len);
mp_read_unsigned_bin(key->pubkey.y, y_buf, y_len);
mp_set(key->pubkey.z, 1);

// Then you'll have an ecc_key with public key

int status;
wc_ecc_verify_hash(sig, sigSz, hash, hashSz, &status, &key);


You can also use the "wc_SignatureVerify()" wrapper function. Examples for this are here:
https://github.com/dgarske/wolfssl-exam … /signature

Thanks and looking forward to your reply.
David Garske, wolfSSL

Share

Re: [SOLVED] problem with ecc hash veryfication

Hi Dgarske,

I have fixed the problem using wc_ecc_rs_to_sig() and wc_ecc_import_raw(). As you suggested, the problem was that my r and s values were stored in an array (like char r[] = {0x01, 0x23, 0x45, 0x67}) instead of char r[] = "01234567". Now everything is working. Thank you for your help.

Regards,
Majkel

Share