I have a very basic use case, to use a buffer and perform ECDSA encryption in a TA application. I also want to read back the private key which is generated.
I see functions like mbedtls_ecp_gen_key but I have failed to find enough details on what steps to follow to use this function. It will be really helpful if I can be pointed to a example. Or let me know If there is some other way to achieve the end goal.
Hello,
For simple use cases, you don't need functions from ecp.h, except maybe the read/write functions if you want direct access to the mathematical values (as opposed to import/export in DER/PEM, which is done in with functions from pk.h).
I recommend using the PSA crypto API (psa_xxx()), which is simpler than the legacy crypto API (mbedtls_ecdsa_xxx()). Unfortunately we don't have a demo application for signature via PSA yet. There is one in https://github.com/Mbed-TLS/mbedtls/pull/5064 (psa_sign_verify program calling psa_sign_hash() and psa_verify_hash(), see also psa_key_agreement which shows how to generate a key with psa_generate_key()). If you need to export the keys in DER/PEM, use the pk module, see the PSA transition guide: https://github.com/Mbed-TLS/mbedtls/blob/mbedtls-3.6.0/docs/psa-transition.m... .
With the legacy API, use functions from pk.h (sign, verify, import, export) or ecdsa.h (sign, verify, generate) or both. There are examples in programs/pkey: ecdsa.c with the low-level ecdsa.h API, and gen_key.c, pk_sign.c and pk_verify.c with higher-level pk.h APIs.
Best regards,
Hi Gilles Peskine,
The PSA crypto API suggestions and example link was good information. I have tried the same.
But sadly we are using a old version of mbedtls (2.22) which does not have these functions, so I get compilation issues even if I manually add the header files. And a bump to later version might add more issues for me.
So will you be able to suggest me on how I can use legacy crypto API (mbedtls_ecdsa_xxx()) ?
And use case is exactly what was shown in ur example PR. We have a key and a buffer and want's to create a ECDSA signature.
Regards, Arun Lal K M
Hi Gilles Peskine,
I tried the following code from TA and I am getting error. Can you help me understand what is wrong here?
static int myrand(void* rng_state, unsigned char* output, size_t len) { size_t use_len; int rnd;
if (rng_state != NULL) { rng_state = NULL; }
while (len > 0) { use_len = len; if (use_len > sizeof(int)) { use_len = sizeof(int); }
rnd = rand(); memcpy(output, &rnd, use_len); output += use_len; len -= use_len; }
return 0; }
static void testEcdsa() { mbedtls_ecdsa_context ecdsa; const mbedtls_ecp_curve_info* curve_info; size_t sig_len; unsigned char tmp[200]; unsigned char buf[32];
memset(buf, 0x2A, sizeof(buf));
mbedtls_ecdsa_init(&ecdsa);
if (mbedtls_ecdsa_genkey(&ecdsa, MBEDTLS_ECP_DP_BP256R1, myrand, NULL) != 0) { return; }
if (mbedtls_ecdsa_write_signature(&ecdsa, MBEDTLS_MD_SHA256, buf, 256, tmp, sizeof(tmp), &sig_len, myrand, NULL) != 0) { return; }
mbedtls_ecdsa_free(&ecdsa); }
Regards, Arun Lal K M
mbed-tls@lists.trustedfirmware.org
-
arun.lal@intel.com -
Gilles Peskine