From a90a4f8f418a8f431669a89317bbac64771fa46d Mon Sep 17 00:00:00 2001
From: Jeimip <62905303+J3imip@users.noreply.github.com>
Date: Wed, 25 Dec 2024 16:11:07 +0200
Subject: [PATCH] =?UTF-8?q?Add=20support=20for=20raw=20ECDSA=20signatures.?=
 =?UTF-8?q?=20Keep=20backward=20compatibility=20wit=E2=80=A6=20(#6)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

* Add support for raw ECDSA signatures. Keep backward compatibility with DER-encoded signatures

* Go fmt

* Go fmt
---
 internal/service/api/handlers/register.go |  2 +-
 internal/types/signature_algorithm.go     | 22 +++++++++++++++++++---
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/internal/service/api/handlers/register.go b/internal/service/api/handlers/register.go
index d8682f8..e3cdc9b 100644
--- a/internal/service/api/handlers/register.go
+++ b/internal/service/api/handlers/register.go
@@ -207,7 +207,7 @@ func Register(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 
-		log.WithError(err).Error("failed to verify SOD")
+		log.WithError(sodError.VerboseError).Error("failed to verify SOD")
 
 		documentSOD.ErrorKind = sodError.KindPtr()
 		documentSOD.Error = sodError.VerboseErrorPtr()
diff --git a/internal/types/signature_algorithm.go b/internal/types/signature_algorithm.go
index 973adc8..64e3889 100644
--- a/internal/types/signature_algorithm.go
+++ b/internal/types/signature_algorithm.go
@@ -4,7 +4,9 @@ import (
 	"crypto"
 	"crypto/ecdsa"
 	"crypto/rsa"
+	"encoding/asn1"
 	"hash"
+	"math/big"
 
 	"gitlab.com/distributed_lab/logan/v3/errors"
 )
@@ -49,11 +51,25 @@ func GeneralVerify(publicKey interface{}, hash []byte, signature []byte, algo Al
 }
 
 func verifyECDSA(data, sig []byte, publicKey *ecdsa.PublicKey) error {
-	if ok := ecdsa.VerifyASN1(publicKey, data, sig); !ok {
-		return errors.New("failed to verify ECDSA signature")
+	// Attempt to parse the signature as ASN.1 DER format
+	if _, err := asn1.Unmarshal(sig, new(asn1.RawValue)); err == nil {
+		if ecdsa.VerifyASN1(publicKey, data, sig) {
+			return nil
+		}
+		return errors.New("failed to verify ECDSA signature in ASN.1 format")
+	}
+
+	// Handle raw (r || s) signature format
+	if len(sig) != 64 {
+		return errors.New("invalid ECDSA signature length")
+	}
+
+	r, s := new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:])
+	if ecdsa.Verify(publicKey, data, r, s) {
+		return nil
 	}
 
-	return nil
+	return errors.New("failed to verify ECDSA signature in raw format")
 }
 
 func GeneralHash(algorithm HashAlgorithm) hash.Hash {