ECDSA¶
Important
Only DER-encoded keys are supported for the C harness.
Test signing¶
To test a function that signs with ECDSA, its name must conform to the following convention:
CC_ECDSA_sign_<curve>_<hash function>_DER_[prehashed]
Where:
curveis one of:P-224,P-256,P-384,P-521,B-283,B-409,B-571.hash functionis one of:SHA-256,SHA-384,SHA-512.
- int ECDSA_sign(
- uint8_t *sig,
- size_t sig_size,
- const uint8_t *sk,
- size_t sk_size,
- const uint8_t *msg,
- size_t msg_size,
Signs a message with ECDSA.
- Parameters:
sig – [Out] An allocated buffer for returning the signature in DER format.
sig_size – [In] The size of the
sigbuffer.sk – [In] The secret key to use for signing, in DER format.
sk_len – [In] The size of the secret key in bytes.
msg – [In] The message to sign.
msg_size – [In] The size of the message in bytes.
- Returns:
A status value.
- Return values:
1 – OK.
-1 – An error occurred.
Verify¶
To test a function that verifies ECDSA signatures, its name must conform to the following convention:
CC_ECDSA_verify_<curve>_<hash function>_[prehashed]
curveis one of:P-224,P-256,P-384,P-521,B-283,B-409,B-571.hash functionis one of:SHA-256,SHA-384,SHA-512.
Additionally, the following combinations of curve and hash function are available when using resilience test vectors:
P-224,SHA3-256.P-224,SHA3-256.P-256,SHA3-256.P-256,SHA3-512.P-384,SHA3-384.P-384,SHA3-512.P-521,SHA3-512.
- int ECDSA_verify(
- const uint8_t *pk,
- const size_t pk_size,
- const uint8_t *msg,
- const size_t msg_size,
- const uint8_t *sig,
- const size_t sig_size,
Verifies an ECDSA signature.
- Parameters:
pk – [In] The public key to use for verifying the signature.
pk_size – [In] The size of
pkin bytes.msg – [In] The message.
msg_size – [In] The size of
msgin bytes.sig – [In] The signature to verify.
sig_size – [In] The size of
sigin bytes.
- Returns:
A status value.
- Return values:
1 – OK.
0 – The signature is invalid.
-1 – An error occurred.