C B

Reputation: 13314

Sign using crypto.createSign EC key

I'm trying to sign and verify a message using generated keys. When trying to verify, I'm getting the error: error:1012606B:elliptic curve routines:EC_POINT_set_affine_coordinates:point is not on curve

const crypto = require('crypto')
const ecdh = crypto.createECDH('secp256k1')

const hash = crypto.createHash('sha256').update('cb').digest('hex')
ecdh.setPrivateKey(hash, 'hex')

console.log('Private Key ', ecdh.getPrivateKey().toString('hex'))
console.log('Public Key ', ecdh.getPublicKey().toString('hex'))

var buf1 = Buffer.from('308141020100301306072a8648ce3d020106082a8648ce3d030107042730250201010420', 'hex')
var buf2 = Buffer.from(ecdh.getPrivateKey().toString('hex'), 'hex')
var privateKeyPkcs8Der = Buffer.concat([buf1, buf2], buf1.length + buf2.length)
var sign = crypto.createSign('SHA256')
sign.write('somedata');
sign.end();
var signature = sign.sign({ key: privateKeyPkcs8Der, format: 'der', type: 'pkcs8' }); 
console.log('Signature', signature.toString('hex'))


var buf1 = Buffer.from('3059301306072a8648ce3d020106082a8648ce3d030107034200', 'hex');
var buf2 = Buffer.from(ecdh.getPublicKey().toString('hex'), 'hex');
var publicKeyX509Der = Buffer.concat([buf1, buf2], buf1.length + buf2.length);
var verify = crypto.createVerify('SHA256');    
verify.write('somedata');
verify.end();
var verified = verify.verify({ key: publicKeyX509Der, format: 'der', type: 'spki' }, signature.toString('hex'));
console.log('Verified', verified)

Private Key  103d6254a6d94bacc82e822885185f56c69cb799ec5124c0aa405e386975151b
kp2.js:7
Public Key  04c456e5eb3f7e2f9ad4d046a0410fb5d3233dc3dacaf79eac3dc8384154126f141a46ae5b897f16e6d578ee3087660aee5fc7294c4cd5e5e21e9148fea09eff75
kp2.js:8
Signature 3045022100be116c171e157c0c9f6ebe6cfe01d39b6fbc12d2e898ac5145f9ec91f5065d6802207d32daf2260d70e5159ab7422208106245b0787ac6fb909c0f0da95791d3b94c
kp2.js:17
Error: error:1012606B:elliptic curve routines:EC_POINT_set_affine_coordinates:point is not on curve

Upvotes: 0

Views: 930

Answers (1)

Woodstock

Reputation: 22926

In elliptic curve cryptography, the public key is simply a point on the curve.

The private key is a large number, usually of size: keySize

To get the public key, we "multiply" a special origin point on the curve, called the generator, by the private key number.

This error is telling you that the public key point you are using isn't actually on this secp256k1 curve. We know that because subbing the point co-ordinates into the curve equation doesn't satisfy the equation.

ECDH (or elliptic curve Diffie-Hellman) is a mechanism for key agreement between two parties. If you are trying to generate a key pair for signing and verifying, you don't need to use ECDH.

Instead use crypto.generateKeyPair(type, options, callback) to generate the signature keypair. I suggest using ed25519 as the underlying curve.

Upvotes: 1
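
An added example, not part of the answer or the question's code: it generates signing keys with crypto.generateKeyPairSync for both Ed25519 and secp256k1 and lets Node emit the SPKI DER, whose header names the curve, instead of concatenating a fixed header as the question does. The helper name signAndVerify and the two constants are assumptions made for the example.

```javascript
const crypto = require('crypto');

// SPKI header copied from the question; 2a8648ce3d030107 is the OID of prime256v1 (P-256).
const QUESTION_SPKI_PREFIX = '3059301306072a8648ce3d020106082a8648ce3d030107034200';
// DER encoding of the secp256k1 OID (1.3.132.0.10).
const SECP256K1_OID = '06052b8104000a';

// Hypothetical helper: generate a key pair, sign, export/import the public key, verify.
function signAndVerify(type, options, message) {
  const { publicKey, privateKey } = crypto.generateKeyPairSync(type, options);
  // Ed25519 hashes internally, so the digest argument must be null; ECDSA needs one.
  const digest = type === 'ed25519' ? null : 'sha256';
  const data = Buffer.from(message);
  const signature = crypto.sign(digest, data, privateKey);

  // Round-trip the public key through DER, as a verifier receiving it would.
  const spki = publicKey.export({ format: 'der', type: 'spki' });
  const imported = crypto.createPublicKey({ key: spki, format: 'der', type: 'spki' });

  return {
    spkiHex: spki.toString('hex'),
    valid: crypto.verify(digest, data, imported, signature),
    // A signature must not verify over different data.
    tampered: crypto.verify(digest, Buffer.from(message + '!'), imported, signature),
  };
}

const ed = signAndVerify('ed25519', {}, 'somedata');
const ec = signAndVerify('ec', { namedCurve: 'secp256k1' }, 'somedata');
console.log('ed25519   valid:', ed.valid, 'tampered:', ed.tampered);
console.log('secp256k1 valid:', ec.valid, 'tampered:', ec.tampered);
console.log('secp256k1 SPKI names its curve:', ec.spkiHex.includes(SECP256K1_OID));
console.log('same header as the question:', ec.spkiHex.startsWith(QUESTION_SPKI_PREFIX));
```
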
