I am trying to write a python script that verifies an ECDSA signature and I am having a terrible time trying to do it.
This is the code I use:
public_key = ecdsa.VerifyingKey.from_string(pubkey, curve=ecdsa.SECP256k1)
verified = public_key.verify_digest(signature, val, sigdecode=ecdsa.util.sigdecode_der)
If the signature r and s are positive, it works well, but if either of them is negative, an assertion error raises. I have checked the ecdsa sourcecode, and I saw this line:
nbytes = numberbytes[0] if isinstance(numberbytes[0], integer_types) else ord(numberbytes[0])
assert nbytes < 0x80 # can't support negative numbers yet
https://github.com/warner/python-ecdsa/blob/master/ecdsa/der.py#L105
Why does this happen? Isn't this library something "oficial"? What alternatives do I have? Is it safe to just remove that assertion line?
ECDSA itself does not use negative numbers, so I would not expect a Python implementation of it to support negative numbers. The types of numbers used by ECDSA are between 0 and some large prime number, and they obey the laws of modular arithmetic.