It's likely you're hitting RT #1593: http://rt.openssl.org/Ticket/Display.html?id=1593&user=guest&pass=guest
Options include A) Use a different curve. B) Use a 64-bit build. C) upgrade to at least 0.9.8h. D) Figure out the series of patches to resolve the bug. E) Hack the code up to resolve it yourself. If none of the above work for you, contact me directly with the particulars. Billy On Aug 23, 2011 7:22 PM, "Mark Shnaider" <m...@arx.com> wrote: > Hello , > I tested problematic signature using Bcrypt API on Window7 , > and function BCryptVerifySignature succeed . > To my mind function ecdsa_do_verify implemented in the OpenSSL has bug. > I do not know how solve this problem? > Thanks for any help. > Mark > > > -----Original Message----- > From: owner-openssl-us...@openssl.org [mailto: owner-openssl-us...@openssl.org] On Behalf Of Mark Shnaider > Sent: Monday, August 22, 2011 1:55 PM > To: openssl-users@openssl.org > Subject: Esdsa test problem > > Hello, > We performed long test for Edsa sign(ECDSA_do_sign function) and verify (ECDSA_do_verify function). > The test sometimes fails after 200000 -300000 cycles. > The each cycle use the same private and public key and the same digest input. > The output of function ECDSA_do_sign in this case depends only of random returned > from function RAND_bytes (fie rand_lib.c). > > We found random when ECDSA_do_verify fails: > > openssl-0.9.8g > NID_X9_62_prime256v1 /* secp256r1 (23) */ > > Data to sign - (5) > 31 32 33 34 35 > > Returned Singed data from ECDSA_do_sign function (sin->r,sign->s 64 bytes) > 54 09 a3 be 2e 6d 11 de de 1a cf a3 8f 24 1d 6f 2c bf d7 0e ba 33 06 78 ea da 93 88 7b 5c 43 93 ca f1 c7 d9 2f 6f 5d 54 54 06 7d a0 5e de d2 c0 5d 18 b5 8c 78 d5 88 14 2f c7 88 8c 0a 07 b6 ef > > EC private key value (34 bytes) > 02 20 1F 07 87 EE BE A6 89 F8 2D FD 56 BB B2 53 0F BE 97 0F 08 5C FE 3E 41 AD F7 13 D2 B7 F8 C9 F6 56 > > EC public key value (65) > 04 36 1B E1 51 43 FF E6 E3 CB 3E 80 0F 7D 91 0D F2 C2 CF 75 87 05 47 F4 19 DD 1B CF 64 77 87 FF 88 BF 38 67 62 FF 61 8D D4 7B 39 08 C6 4A 63 17 DB 92 3D 52 0F AA B2 04 6A 02 DB C7 FF E4 96 19 5E > > Random from (32 bytes from function RAND_bytes ) > 1e bb 51 83 7f b2 78 8d 09 0d c5 b9 bb 60 eb 79 2a c9 0c a5 04 f6 99 ec 4b ec 0b 94 45 15 05 79 > > Hex C format: > Data to sign - (5) > 0x31,0x32,0x33,0x34,0x35 > > Returned Singed data from ECDSA_do_sign finction (64 bytes) > 0x54,0x09,0xa3,0xbe,0x2e,0x6d,0x11,0xde, > 0xde,0x1a,0xcf,0xa3,0x8f,0x24,0x1d,0x6f, > 0x2c,0xbf,0xd7,0x0e,0xba,0x33,0x06,0x78, > 0xea,0xda,0x93,0x88,0x7b,0x5c,0x43,0x93, > 0xca,0xf1,0xc7,0xd9,0x2f,0x6f,0x5d,0x54, > 0x54,0x06,0x7d,0xa0,0x5e,0xde,0xd2,0xc0, > 0x5d,0x18,0xb5,0x8c,0x78,0xd5,0x88,0x14, > 0x2f,0xc7,0x88,0x8c,0x0a,0x07,0xb6,0xef > > EC private key value (34 bytes) > 0x02,0x20,0x1F,0x07,0x87,0xEE,0xBE,0xA6, > 0x89,0xF8,0x2D,0xFD,0x56,0xBB,0xB2,0x53, > 0x0F,0xBE,0x97,0x0F,0x08,0x5C,0xFE,0x3E, > 0x41,0xAD,0xF7,0x13,0xD2,0xB7,0xF8,0xC9,0xF6,0x56 > > EC public key value (65) > 0x04,0x36,0x1B,0xE1,0x51,0x43,0xFF,0xE6,0xE3, > 0xCB,0x3E,0x80,0x0F,0x7D,0x91,0x0D,0xF2, > 0xC2,0xCF,0x75,0x87,0x05,0x47,0xF4,0x19, > 0xDD,0x1B,0xCF,0x64,0x77,0x87,0xFF,0x88, > 0xBF,0x38,0x67,0x62,0xFF,0x61,0x8D,0xD4, > 0x7B,0x39,0x08,0xC6,0x4A,0x63,0x17,0xDB, > 0x92,0x3D,0x52,0x0F,0xAA,0xB2,0x04,0x6A, > 0x02,0xDB,0xC7,0xFF,0xE4,0x96,0x19,0x5E > > Random from (32 bytes from function RAND_bytes): > 0x1e,0xbb,0x51,0x83,0x7f,0xb2,0x78,0x8d, > 0x09,0x0d,0xc5,0xb9,0xbb,0x60,0xeb,0x79, > 0x2a,0xc9,0x0c,0xa5,0x04,0xf6,0x99,0xec, > 0x4b,0xec,0x0b,0x94,0x45,0x15,0x05,0x79 > > Please help us to solve this problem. > What is wrong? > Best regards > Mark > > Mark Shnaider |Senior Software engineer | ARX > phone: +972.3.9279543 | mobile: +972.54.2448543 | email: m...@arx.com | www.arx.com > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org
