I have some data in form of map and I'm converting it to []byt and signing it and when verifying, it gives True value even when data used for verifying and signing are different. Here is what I did-
func main(){
n, _ := ioutil.ReadFile("privatekey")
private_key,_ := x509.ParseECPrivateKey(n)
public_key := private_key.PublicKey
data := map[string]string{
"data1": "somestring",
"data2": "12312",
"data3": "34fs4",
}
json_data, _ := json.Marshal(data)
data_2 := map[string]string{
"data1": "somestring",
"data2": "13312",
"data4": "fh34",
}
json_data_2,_ := json.Marshal(data_2)
r, s, _ := ecdsa.Sign(rand.Reader, private_key, json_data)
verifystatus := ecdsa.Verify(&public_key, json_data_2, r, s)
fmt.Println(verifystatus)
}
It is printing true. I tried changing the data and it seems that If json_data and json_data_2 have first 32 bytes common, then Verify returns true. Is there some limit over the length of byte array I can send to ecdsa.Verify()? If so how can I use it for larger data?
The golang ecdsa.Sign and ecdsa.Verify functions are expected to take the output of a cryptographic hash function, rather than the message itself. So you are correct that only the first 32 bytes are being examined, in this case.
To resolve the problem first hash the messages using a cryptographic hash function such as SHA-2