Question about Python library coincurve/libsecp256k

by makkiato   Last Updated April 14, 2019 09:27 AM

I am a noob with cryptography, just trying to learn using python and the library Coincurve ( ) which is a mature Python binding for libsecp256k1.

The following code creates a private key and produces a signature of the string "Hello world!".

pk = coincurve.PrivateKey()
message = b"this is a test!"
s = pk.sign_recoverable(message)

The signature s is a sequence 65 bytes.

The signature is recoverable: i can extract the public key of pk from s.

pub = pk.public_key
pub2 = coincurve.PublicKey.from_signature_and_message(s,message)
assert(pub == pub2)

So far all good! However I can't understand how to use the verify method. The following code

valid = coincurve.verify_signature(s,message,pub)

gives the following error:

ValueError: The DER-encoded signature could not be parsed.

So the problem is that the method verify_signature expects a signature in DER format. This is normally produced using the sign method, as opposed to the sign_recoverable method:

t = pk.sign(message)
valid = coincurve.verify_signature(t,message,pub.format())

which works fine.

So my question is:

QUESTION: How do I move back and forth from the "DER" format to the "recoverable" format in the Python library coincurve?


Tags : python secp256k1

Answers 1

Recoverable -> DER

Use recoverable_convert. (which calls secp256k1_ecdsa_sign_recoverable)

DER -> Recoverable

Use sign_recoverable. (which calls secp256k1_ecdsa_recoverable_signature_convert)

^^I couldn't find an easier way.

April 14, 2019 11:33 AM

Related Questions

Updated July 07, 2017 12:27 PM

Updated August 10, 2017 05:27 AM

Updated December 12, 2017 08:27 AM

Updated February 27, 2019 04:27 AM

Updated May 01, 2019 05:27 AM