Re: Fixed-size digest using EVP with algos ECDSA+SHA256

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Aug 07, 2017, Daniel Andrade wrote:

> Hi all,
> 
> I'm writing functions to create a digest of a data buffer using
> ECDSA+SHA256. I've been trying to work with only the high-level EVP
> interface, and not use the low-level interfaces.
> 
> My understanding is that the resulting digest is an ASN.1 structure.
> I have to feed this digest to the Intel SGX runtime, which requires
> a fixed-size input (they actually have two separates arrays, one for
> X and one for Y, each with 32-byte length).
> 
> Is it possible to get a fixed-sized digest using ECDSA/SHA256, I
> mean does OpenSSL have functions for this? Or could someone give me
> some pointers on how to proceed to convert that result to the
> 64-byte fixed size?
> 

The size will depend on the curve in use: presumably it's P-256 to produce
64 bytes.

In outline you do this:

1. Decode the signature into an ECDSA_SIG structure using d2i_ECDSA_SIG.
2. Extract the two BIGNUM elements, r and s using ECDSA_SIG_get0().
3. Generate padded encodings for r and s using BN_bn2binpad() or
BN_bn2lebinpad() depending on the format required (big or little endian).

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux