dongpan9760 2017-06-22 21:13
浏览 77
已采纳

go crypto / ecdsa即使数据不同也可以验证为真

I have some data in form of map and I'm converting it to []byt and signing it and when verifying, it gives True value even when data used for verifying and signing are different. Here is what I did-

func main(){
    n, _ := ioutil.ReadFile("privatekey")

    private_key,_ := x509.ParseECPrivateKey(n)
    public_key := private_key.PublicKey


    data := map[string]string{
        "data1": "somestring",
        "data2": "12312",
        "data3": "34fs4",
    }

    json_data, _ := json.Marshal(data)

    data_2 := map[string]string{
        "data1": "somestring",
        "data2": "13312",
        "data4": "fh34",
    }



    json_data_2,_ := json.Marshal(data_2)

    r, s, _ := ecdsa.Sign(rand.Reader, private_key, json_data)

    verifystatus := ecdsa.Verify(&public_key, json_data_2, r, s)
    fmt.Println(verifystatus)
}

It is printing true. I tried changing the data and it seems that If json_data and json_data_2 have first 32 bytes common, then Verify returns true. Is there some limit over the length of byte array I can send to ecdsa.Verify()? If so how can I use it for larger data?

  • 写回答

1条回答 默认 最新

  • dongtaijue1578 2017-06-22 21:16
    关注

    The golang ecdsa.Sign and ecdsa.Verify functions are expected to take the output of a cryptographic hash function, rather than the message itself. So you are correct that only the first 32 bytes are being examined, in this case.

    To resolve the problem first hash the messages using a cryptographic hash function such as SHA-2

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?