feat: support raw ECDSA (non DER) signatures

grzuy · grzuy · commit a5bc8ea9f133 · 2020-01-29T16:40:09.000-03:00
diff --git a/lib/openssl/signature_algorithm/base.rb b/lib/openssl/signature_algorithm/base.rb
@@ -22,7 +22,14 @@ def hash_function
       end
 
       def verify(signature, verification_data)
-        verify_key.verify(hash_function, signature, verification_data) ||
+        formatted_signature =
+          if respond_to?(:formatted_signature, true)
+            formatted_signature(signature)
+          else
+            signature
+          end
+
+        verify_key.verify(hash_function, formatted_signature, verification_data) ||
           raise(OpenSSL::SignatureAlgorithm::Error, "Signature verification failed")
       end
     end
diff --git a/lib/openssl/signature_algorithm/ecdsa.rb b/lib/openssl/signature_algorithm/ecdsa.rb
@@ -6,6 +6,8 @@
 module OpenSSL
   module SignatureAlgorithm
     class ECDSA < Base
+      BYTE_LENGTH = 8
+
       class SigningKey < OpenSSL::PKey::EC
         def initialize(*args)
           super(*args).generate_key
@@ -39,6 +41,29 @@ def curve_name
         CURVE_BY_DIGEST_LENGTH[digest_length] ||
           raise(OpenSSL::SignatureAlgorithm::Error, "Unsupported digest length #{digest_length}")
       end
+
+      private
+
+      # Borrowed from jwt rubygem.
+      # https://github.com/jwt/ruby-jwt/blob/7a6a3f1dbaff806993156d1dff9c217bb2523ff8/lib/jwt/security_utils.rb#L34-L39
+      #
+      # Hopefully this will be provided by openssl rubygem in the future.
+      def formatted_signature(signature)
+        n = (verify_key_length.to_f / BYTE_LENGTH).ceil
+
+        if signature.size == n * 2
+          r = signature[0..(n - 1)]
+          s = signature[n..-1]
+
+          OpenSSL::ASN1::Sequence.new([r, s].map { |int| OpenSSL::ASN1::Integer.new(OpenSSL::BN.new(int, 2)) }).to_der
+        else
+          signature
+        end
+      end
+
+      def verify_key_length
+        verify_key.group.degree
+      end
     end
   end
 end
diff --git a/spec/openssl/signature_algorithm/ecdsa_spec.rb b/spec/openssl/signature_algorithm/ecdsa_spec.rb
@@ -53,4 +53,23 @@
     algorithm.verify_key = verify_key
     algorithm.verify(signature, to_be_signed)
   end
+
+  it "works for raw (non DER) signature" do
+    to_be_signed = "to-be-signed"
+
+    # Signer
+    algorithm = OpenSSL::SignatureAlgorithm::ECDSA.new("256")
+    signing_key = algorithm.generate_signing_key
+    signature = algorithm.sign(to_be_signed)
+
+    raw_signature = OpenSSL::ASN1.decode(signature).value.map { |v| v.value.to_s(2) }.join
+
+    # Signer sends verify key to Verifier
+    verify_key = signing_key.verify_key
+
+    # Verifier
+    algorithm = OpenSSL::SignatureAlgorithm::ECDSA.new("256")
+    algorithm.verify_key = verify_key
+    algorithm.verify(raw_signature, to_be_signed)
+  end
 end
