1 Topic by werchter (edited by werchter 2021-12-15 11:10:31)

  • Registered: 2021-12-15
  • Posts: 2

Topic: R, S components of ECDSA signature as binary string

Hi,

I’m using 

wc_ecc_sign_hash_ex

to get generate an ECDSA signature, and get the R and S components.

I need these to encode a CBOR COSE message (RFC 8152). The signature in a COSE message is a concatenation of the R and S components as a byte string. From RFC 8152:

The signature algorithm results in a pair of integers (R, S).  These
   integers will be the same length as the length of the key used for
   the signature process.  The signature is encoded by converting the
   integers into byte strings of the same length as the key size.  The
   length is rounded up to the nearest byte and is left padded with zero
   bits to get to the correct length.  The two integers are then
   concatenated together to form a byte string that is the resulting
   signature.

But, I can’t figure out how to get from R and S as (mp_int), to a byte string, with wolfSSL, without using the internal mp_read_unsigned_bin.
Is there a way?

Thanks for any help!

Share

  • Registered: 2021-07-06
  • Posts: 139

Re: R, S components of ECDSA signature as binary string

Hi werchter,

You should build with WOLFSSL_PUBLIC_MP defined and use mp_read_unsigned_bin, which will be built as a public API.
Check out our example here: https://github.com/wolfSSL/wolfssl-exam … ecc_sign.c

Thanks,
Kareem

Share

3 Reply by werchter (edited by werchter 2021-12-16 00:31:16)

  • Registered: 2021-12-15
  • Posts: 2

Re: R, S components of ECDSA signature as binary string

kareem_wolfssl wrote:

Hi werchter,

You should build with WOLFSSL_PUBLIC_MP defined and use mp_read_unsigned_bin, which will be built as a public API.
Check out our example here: https://github.com/wolfSSL/wolfssl-exam … ecc_sign.c

Thanks,
Kareem

Thanks! That helped a lot, building with WOLFSSL_PUBLIC_MP was an important part of the puzzle that I was missing.

BTW: When looking at the example, I think for exporting the key as binary string, mp_to_unsigned_bin needs to be used, instead of mp_read_unsigned_bin (for importing)?
At least mp_read_unsigned_bin seems to work for me

Share