Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

ECDsa signature not a valid DER sequence

See original GitHub issue

I am developing my own custom U2F for webauthn. It’s working with other demo websites but getting an error while registering with https://www.passwordless.dev/. The error I’m getting is “ECDsa signature not a valid DER sequence”. I’m using window crypto API for signing.

I have been trying to encode it properly that can be verified by OpenSSL properly but couldn’t get it done. Is it feasible to interoperate between windows crypto API and OpenSSL?

Signing code I’m using:

    public async sign(data: Uint8Array): Promise<any> {
        if (!this.privateKey) {
            throw new Error('no private key available for signing');
        }
        return window.crypto.subtle.sign(
            this.getKeyParams(),
            this.privateKey,
            data, //new TextEncoder().encode(data),
        );
    }

    private getKeyParams(): EcdsaParams {
        return { name: 'ECDSA', hash: coseEllipticCurveNames[ECDSA.ellipticCurveKeys[this.algorithm]] };
    }

    private async toCOSE(key: CryptoKey): Promise<Map<number, any>> {
  
        const exportedKey = await window.crypto.subtle.exportKey('jwk', key);
        const attData = new Map();
        attData.set(1, 2); // EC2 key type
        attData.set(3, this.algorithm);
        attData.set(-1, ECDSA.ellipticCurveKeys[this.algorithm]);
        attData.set(-2, base64ToByteArray(exportedKey.x, true));
        attData.set(-3, base64ToByteArray(exportedKey.y, true));
        return attData;
    }

Issue Analytics

  • State:closed
  • Created 3 years ago
  • Comments:7

github_iconTop GitHub Comments

2reactions
tarun14110commented, Apr 20, 2020

Thanks for helping through. It’s working now. There was some issue the way I was returning the signature form ‘then’.

1reaction
tarun14110commented, Apr 18, 2020
Read more comments on GitHub >

github_iconTop Results From Across the Web

ASN1 encoding routines errors when verifying ECDSA ...
A raw ECDSA signature is comprised of two integers "r" and "s". OpenSSL expects them to be wrapped up inside a DER encoded...
Read more >
Verifying DER encoded DSA/ECDSA signature with extra ...
Having a DSA/ECDSA signature which is supposed to be DER encoded as an ASN.1 sequence of r and s (as described in the...
Read more >
JWS ECDSA signatures should not be ASN.1 DER formatted
JWS ECDSA signatures should not be ASN.1 DER formatted #125 ... appending data to an ECDSA signature before validation isn't a valid test....
Read more >
Does the ECDSA signature value (of an OCSP response) ...
but this only requires the BIT STRING signature to be DER encoded, not any data encapsulated in it. TR-03111 (Technical Guideline on Elliptic ......
Read more >
ASN.1: DER for Digital Signatures - Reading (r,s)
the most common digital signature is ECDSA (Elliptic Curve Digital Signature Algorithm). It takes a message (M), a private key (sk) and a...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

FYI: spec violation in current MDS data causing parser errors

Next page

Unable to cast object of type 'ECDsaSecurityTransforms' to type 'System.Security.Cryptography.ECDsaCng'.