Hello,
mbedTLS has ECDSA module that takes Signature with ASN1 encoding as input mbedtls_pk_verify()
The Signature I receive is without ASN1 encoded.
Trying to find an implementation within mbedTLS that can add ASN1 to signature before I feed into the verify function.
Any help ?
[RF IDeas]http://www.rfideas.com/ Deep Patel Sr. Embedded Software Engineer
D: 224-333-2084
P: 847-870-1723 Ext 437
E: ddpatel@rfideas.commailto:ddpatel@rfideas.com
A: https://www.rfideas.com/ 425 North Martingale Road, Suite 1680, Schaumburg, IL 60173 https://www.rfideas.com/
Hi,
If the format of the signature is just the concatenation of r and s (which to the best of my knowledge is the only common format other than ASN.1), then the simplest thing to do is probably to use the PSA Crypto API to verify your signature, as that is the format it accepts natively. https://armmbed.github.io/mbed-crypto/html/api/ops/sign.html#c.psa_sign_hash
If you want to stick with mbedtls_pk_verify() you'll need to transcode your signature. There's a function doing that inside Mbed TLS, however it's private: pk_ecdsa_sig_asn1_from_psa() in library/pk_wrap.c. But should be able to make a copy for use in your own code.
Hope that helps, Manuel. ________________________________ From: Deep Patel via mbed-tls mbed-tls@lists.trustedfirmware.org Sent: 30 March 2022 01:48 To: mbed-tls@lists.trustedfirmware.org mbed-tls@lists.trustedfirmware.org Subject: [mbed-tls] ECDSA Help
Hello,
mbedTLS has ECDSA module that takes Signature with ASN1 encoding as input
mbedtls_pk_verify()
The Signature I receive is without ASN1 encoded.
Trying to find an implementation within mbedTLS that can add ASN1 to signature before I feed into the verify function.
Any help ?
[RF IDeas]http://www.rfideas.com/
Deep Patel
Sr. Embedded Software Engineer
D:
224-333-2084
P:
847-870-1723 Ext 437
E:
ddpatel@rfideas.commailto:ddpatel@rfideas.com
425 North Martingale Road, Suite 1680, Schaumburg, IL 60173
mbed-tls@lists.trustedfirmware.org
-
Deep Patel -
Manuel Pegourie-Gonnard