<?xml version="1.0" encoding="UTF-8" ?>
<?xml-stylesheet type="text/xsl" href="https://devzone.nordicsemi.com/cfs-file/__key/system/syndication/rss.xsl" media="screen"?><rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:slash="http://purl.org/rss/1.0/modules/slash/" xmlns:wfw="http://wellformedweb.org/CommentAPI/" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>Fail in verifying micro ECC signature in Android</title><link>https://devzone.nordicsemi.com/f/nordic-q-a/23505/fail-in-verifying-micro-ecc-signature-in-android</link><description>In order to prevent communication from middle-man attack, I append the signature after ECDH publickey. However, though I get the correct share secret by ECDH, I fail in verifying the micro ecc signature in Android studio, and 52832 also fails in verify</description><dc:language>en-US</dc:language><generator>Telligent Community 13</generator><lastBuildDate>Fri, 14 Jul 2017 12:33:17 GMT</lastBuildDate><atom:link rel="self" type="application/rss+xml" href="https://devzone.nordicsemi.com/f/nordic-q-a/23505/fail-in-verifying-micro-ecc-signature-in-android" /><item><title>RE: Fail in verifying micro ECC signature in Android</title><link>https://devzone.nordicsemi.com/thread/92338?ContentTypeID=1</link><pubDate>Fri, 14 Jul 2017 12:33:17 GMT</pubDate><guid isPermaLink="false">137ad170-7792-4731-bb38-c0d22fbe4515:3f1b5dd0-4c4e-4229-ab01-8fe32dabf58c</guid><dc:creator>Aleksander Nowakowski</dc:creator><description>&lt;p&gt;Hi, Could you check this code. It&amp;#39;s using ECDSASigner class from Spongy Castle.&lt;/p&gt;
&lt;pre&gt;&lt;code&gt;// Named curve used for every verification in this snippet.
// NOTE(review): this must be the same curve the signing device uses. micro-ecc supports several curves (secp256r1 as well as secp256k1) - confirm against the firmware build.
private static final X9ECParameters curve = SECNamedCurves.getByName(&amp;quot;secp256k1&amp;quot;);
// Domain parameters assembled from the curve, base point G, order N and cofactor H of the named curve above.
private static final ECDomainParameters domain = new ECDomainParameters(curve.getCurve(), curve.getG(), curve.getN(), curve.getH());

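/**
 * Verifies an ECDSA signature over the SHA-256 hash of a message, using a public key given as affine X and Y coordinates.
 * The signature is expected as the raw concatenation r || s, each half as long as the order of {@code curve} in bytes (64 bytes in total for a 256-bit curve).
 * A true result only authenticates the message if the public key came from a trusted source (for example provisioned or pinned in the app) and was not received over the same link as the signed data.
 * @param message the message to be verified
 * @param signature the message signature, r followed by s, both read as unsigned big-endian integers
 * @param x X coordinate of public key
 * @param y Y coordinate of public key
 * @return true if signature is valid, false if it is invalid, has the wrong length, or verification threw
 */
static boolean verify(@NonNull final byte[] message, @NonNull final byte[] signature, @NonNull final BigInteger x, @NonNull final BigInteger y) {
	// Byte length of the curve order; r and s each occupy exactly this many bytes.
	final int nLength = (curve.getN().bitLength() + 7) / 8;
	if (signature.length != 2 * nLength)
		return false;

	try {
		// Initialize signer in verification mode (first argument false) with the caller-supplied public point.
		// NOTE(review): confirm that the Spongy Castle version in use checks that (x, y) lies on the curve when the key parameters are built.
		final ECDSASigner signer = new ECDSASigner();
		signer.init(false, new ECPublicKeyParameters(curve.getCurve().createPoint(x, y), domain));

		// Calculate SHA-256 of the message
		final byte[] hash = sha256(message);

		final byte[] r = Arrays.copyOfRange(signature, 0, nLength);
		final byte[] s = Arrays.copyOfRange(signature, nLength, 2 * nLength);
		// Signum 1 forces an unsigned interpretation. The single-argument constructor reads the bytes
		// as two-complement, so any r or s with its top bit set would turn negative and a genuine
		// signature would not verify.
		// NOTE(review): assumes the device emits r and s big-endian - confirm the byte order the device-side library is built with.
		final BigInteger R = new BigInteger(1, r);
		final BigInteger S = new BigInteger(1, s);
		return signer.verifySignature(hash, R, S);
	} catch (final Exception e) {
		// Fail closed: any error while building the key or hashing counts as a failed verification.
		Log.e(TAG, &amp;quot;Verify failed&amp;quot;, e);
	}
	return false;
}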

/**
 * Computes the SHA-256 digest of the supplied bytes in a single pass.
 * @param message the bytes to hash
 * @return the 32-byte SHA-256 digest
 * @throws NoSuchAlgorithmException if the platform has no SHA-256 provider
 */
private static byte[] sha256(@NonNull final byte[] message) throws NoSuchAlgorithmException {
	// A fresh MessageDigest per call, so no state is shared between invocations.
	return MessageDigest.getInstance(&amp;quot;SHA-256&amp;quot;).digest(message);
}
&lt;/code&gt;&lt;/pre&gt;&lt;div style="clear:both;"&gt;&lt;/div&gt;</description></item></channel></rss>