false to verify ECDSA sinature in golang

[zhengjianxun]

now i have a signature in sig :3044022014d647cd08f1ea5b31d1e6539b6cbceb9182f6e7b2e29fb969354ef7e3434923022028b b4eda36af410149baa936322e7c0e46cc5540a3aa89c811bc3c360028bfd301

now i have a  hash :f27c6c3aa42563c958292922be1e53fe107f4db0dfadba11122f0b12bf77f3ab

now i have a  pubkey  :04b0bd634234abbb1ba1e986e884185c61cf43e001f9137f23c2c409273eb16e6537a576782eba6 68a7ef8bd3b3cfb1edb7117ab65129b8a2e681f3c1e0908ef7b


this is my go code to verify it but i false，it is problem me !   so why it is fault???：

package main

import (
   "crypto/ecdsa"
   "crypto/elliptic"
   "fmt"
   "math/big"
   "encoding/hex"
)


func main(){


   pubkey,_:=hex.DecodeString("b0bd634234abbb1ba1e986e884185c61cf43e001f9137f23c2c409273eb16e6537a576782eba668 a7ef8bd3b3cfb1edb7117ab65129b8a2e681f3c1e0908ef7b");



   curve := elliptic.P256()
   //length
   keyLen := len(pubkey)

   x := big.Int{}
   y := big.Int{}
   x.SetBytes(pubkey[:(keyLen / 2)])
   y.SetBytes(pubkey[(keyLen / 2):])

   rawPubKey := ecdsa.PublicKey{curve, &x, &y}


   //hash
   hash,_:=hex.DecodeString("f27c6c3aa42563c958292922be1e53fe107f4db0dfadba11122f0b12bf77f3ab")


  
   r := big.Int{}
   s := big.Int{}
   rr,_:=hex.DecodeString("14d647cd08f1ea5b31d1e6539b6cbceb9182f6e7b2e29fb969354ef7e3434923")
   ss,_:=hex.DecodeString("28bb4eda36af410149baa936322e7c0e46cc5540a3aa89c811bc3c360028bfd3")

   r.SetBytes(rr)
   s.SetBytes(ss)

  

   if ecdsa.Verify(&rawPubKey, hash[:], &r, &s) == false {
      fmt.Printf("%s\n", "false")
   }else{
      fmt.Printf("%s\n", "true")
   }

}

[bob123]

Without looking too much at it, this seems to be somehow wrong:

   if ecdsa.Verify(&rawPubKey, hash[:], &r, &s) == false {
      fmt.Printf("%s\n", "true")
   }else{
      fmt.Printf("%s\n", "false")
   }
}

It may be the case, if the signature is actually correct and your code runs properly, that you are misinterpreting the output because you are printing true if it the verify function returns false and vice versa.

So if you are actually getting the output false, the signature has been verified properly.

[zhengjianxun]

Without looking too much at it, this seems to be somehow wrong:

   if ecdsa.Verify(&rawPubKey, hash[:], &r, &s) == false {
      fmt.Printf("%s\n", "true")
   }else{
      fmt.Printf("%s\n", "false")
   }
}

It may be the case, if the signature is actually correct and your code runs properly, that you are misinterpreting the output because you are printing true if it the verify function returns false and vice versa.

So if you are actually getting the output false, the signature has been verified properly.

my friend  , i make a mistake just now, now i return false too.  so can you help me find why fault??

[bob123]

i make a mistake just now, now i return false too.  so can you help me find why fault??

According to your edit, you changed that part of the code ?
So now, if the signature can be verified, you'll get true.
And if the signature can not be verified, you'll get false.

Now, if you make a mistake (i assume you mean that you change some characters of the necessary data?), the function has to return false, which also will give you a false as output.


This seems to be right for me. What exactly doesn't work ? Do you mean that the function ecdsa.Verify does always return the same ?

[zhengjianxun]

i make a mistake just now, now i return false too.  so can you help me find why fault??

According to your edit, you changed that part of the code ?
So now, if the signature can be verified, you'll get true.
And if the signature can not be verified, you'll get false.

Now, if you make a mistake (i assume you mean that you change some characters of the necessary data?), the function has to return false, which also will give you a false as output.


This seems to be right for me. What exactly doesn't work ? Do you mean that the function ecdsa.Verify does always return the same ?

hello friend ,very thinks your reply. don't care about true and false, it just  my error when Copy the go code。very sorry.      but  the real problem is : though the three information（public key、signatrue、and hash）， i can not verify it though the go code， but someone tell me the  three information is right because he has verify in other ways.  so i want to kown  what fault in this go code make me get the false result.
i am very anxious