VerifyingKey.verify() with 71 bytes signature #273

Bastien-BO · 2021-11-12T11:23:15Z

Bastien-BO
Nov 12, 2021

Hello,

i'm curently trying to use python-ecdsa to verify message's integrity from gpay.
to do so google give a sig that is 71 bytes:

That folow this structure (i believe):
6 byte | DER encoding overhead
32 byte | r-value
32 byte | S-value
1 byte | Signature Hash

Exemple

pub: str = "BOdoXP+9Aq473SnGwg3JU1aiNpsd9vH2ognq4PtDtlLGa3Kj8TPf+jaQNPyDSkh3JUhiS0KyrrlWhAgNZKHYF2Y\u003d"
sig: str= "MEUCIQDY3SyBgKv2iegv4hOd3iYTPB43oLOMe4MMZN3QPv9XFAIgIfuT4Uzof6fIFe8lUucowAecPbwsod6DY8Q5JFaB7Q8\u003d"

vk2 = VerifyingKey.from_string(base64.b64decode(pub), curve=NIST256p, hashfunc=hashlib.sha256)
vk2.verify(signature=base64.b64decode(sig), data="my_data".encode(), hashfunc=hashlib.sha256)

the error message i get: "ecdsa.keys.BadSignatureError: ('Malformed formatting of signature', MalformedSignature('Invalid length of signature, expected 64 bytes long, provided string is 71 bytes long'))"

Is there a way to use this signature as is with the lib ? Or do i need to trim unnecessary bytes, if so do you have any advises ?

regards,

tomato42 · 2021-11-12T13:52:41Z

tomato42
Nov 12, 2021
Maintainer

See https://github.com/tlsfuzzer/python-ecdsa#openssl-compatibility

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

VerifyingKey.verify() with 71 bytes signature #273

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 1 comment

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Uh oh!

VerifyingKey.verify() with 71 bytes signature #273

Uh oh!

Uh oh!

Bastien-BO Nov 12, 2021

Replies: 1 comment

Uh oh!

tomato42 Nov 12, 2021 Maintainer

Bastien-BO
Nov 12, 2021

tomato42
Nov 12, 2021
Maintainer