[gnutls-help] How to encode/decode ECDSA signatures to raw format
Nicolas Mora
nicolas at babelouest.org
Thu May 25 21:01:02 CEST 2017
Hello,
>
> Unfortunately there isn't any such function. Since 3.5.x there is an
> exported, but still internal function _gnutls_decode_ber_rs_raw() for
> that. I created an issue to export them for 3.6.0, but until then you
> may want to replicate them to use them.
>
Thanks for the answer,
Here goes another question related to _gnutls_decode_ber_rs_raw(). When
I use it with a newly created signature, I get 2 output parameters R and
S. Each of them has a size parameter of 48 or 49, whatever the
algorithm size used.
If I read RFC 7518 (https://tools.ietf.org/html/rfc7518#section-3.4),
it says that for an ECDSA P-256 SHA-256 digital signature, R and S must
be 256-bit unsigned integers. I looked at the content of the values R
and S set by _gnutls_decode_ber_rs_raw(), and it doesn't look like they
have '0' padding, so I assume every bit is relevant. So there must be
some problem with my usage.
With these 256-bit parameters, I must build 2 32-byte-long arrays that
are the representation of the parameters R and S, then concatenate them
into a 64-byte sequence to have my signature.
My current usage is the following:
    gnutls_privkey_sign_data(privkey, alg, 0, &body_dat, &sig_dat);
    _gnutls_decode_ber_rs_raw(&sig_dat, &r, &s);
Is it the right way to use this function or should I use it differently?
If this is the right way, how do I convert my R and S parameters into
32-byte big-endian arrays?
Thanks in advance
/Nicolas
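
Added example (not part of the original message and not GnuTLS code): one way to turn the two decoded integers into the fixed-width R || S form that RFC 7518 section 3.4 describes. A DER INTEGER is signed and minimal-length, so a decoded value can carry a leading 0x00 byte or be shorter than the curve's coordinate size; 48 bytes is the coordinate size of a 384-bit curve, so a value that does not fit in 32 bytes is rejected rather than truncated. The function names are hypothetical, and the inputs are assumed to be the `data` and `size` fields of the two gnutls_datum_t values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Copy one decoded INTEGER (big-endian, possibly with a leading 0x00 sign
 * byte, possibly shorter than the field) into a fixed-width buffer.
 * Returns 0 on success, -1 if the value does not fit in out_len bytes. */
static int int_to_fixed(const uint8_t *in, size_t in_len,
                        uint8_t *out, size_t out_len)
{
    /* Drop leading zero bytes: the DER sign byte carries no value. */
    while (in_len > 0 && in[0] == 0x00) {
        in++;
        in_len--;
    }
    if (in_len > out_len)
        return -1;                      /* value is from a larger curve */
    memset(out, 0, out_len - in_len);   /* left-pad with zeros */
    if (in_len > 0)
        memcpy(out + (out_len - in_len), in, in_len);
    return 0;
}

/* Build the raw signature R || S. coord_len is the curve's coordinate
 * size in bytes: 32 for P-256, 48 for P-384, 66 for P-521.
 * out must hold 2 * coord_len bytes. */
int ecdsa_rs_to_raw(const uint8_t *r, size_t r_len,
                    const uint8_t *s, size_t s_len,
                    size_t coord_len, uint8_t *out)
{
    if (int_to_fixed(r, r_len, out, coord_len) != 0)
        return -1;
    return int_to_fixed(s, s_len, out + coord_len, coord_len);
}

int main(void)
{
    /* Constructed sample: 33-byte R (sign byte + 32), 31-byte S. */
    uint8_t r[33] = {0x00, 0x80}, s[31] = {0x7f}, raw[64];
    if (ecdsa_rs_to_raw(r, sizeof r, s, sizeof s, 32, raw) != 0)
        return 1;
    for (size_t i = 0; i < sizeof raw; i++)
        printf("%02x", raw[i]);
    putchar('\n');
    return 0;
}
```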