I have created a key pair at android key store. Now I have Public Key (In DER format) and Generated a signature (In DER format). Now I am trying to verify the same at ethers.
But I am unable to. (The Public Key generated from signature does not match)
I have tried getting r,s from Der signature like this.
DER Sign (0x30 size 20/21 r size 20/21 v) // strip zeros if 21
and Uncompressed public key from DER encoded public key like this.
30 59 # Sequence length 0x59 - 91 bytes long
30 13 # Sequence length 0x13 - 21 bytes long
06 07 2a8648ce3d0201 # Object ID - 7 bytes long - 1.2.840.10045.2.1 (ECC)
06 08 2a8648ce3d030107 # Object ID - 8 bytes long - 1.2.840.10045.3.1.7 (ECDSA P256)
03 42 # Bit stream - 0x42 (66 bytes long)
0004 # Identifies public key
2927b10512bae3eddcfe467828128bad2903269919f7086069c8c4df6c732838 # Identifies public key x co-ordinate
c7787964eaac00e5921fb1498a60f4606766b3d9685001558d1a974e7341513e # Identifies public key y co-ordinate
Now at ethers to verify
My sign : r||s||00 or r||s||01
My Public Key 0x04 || x cord || y cord
But at ethers generated public key from given siganture and data does not match which the decoded public key.
So where am i doing wrong?
The curve used in the android key store is secp256r1 (also known as p256) but ethers uses secp256k1, a variant that uses a different curve. Changing the curve from secp256k1 to secp256r1 will fix your issue.