Fixed-size digest using EVP with algos ECDSA+SHA256

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Fixed-size digest using EVP with algos ECDSA+SHA256

Daniel Andrade
Hi all,

I'm writing functions to create a digest of a data buffer using
ECDSA+SHA256. I've been trying to work with only the high-level EVP
interface, and not use the low-level interfaces.

My understanding is that the resulting digest is an ASN.1 structure. I
have to feed this digest to the Intel SGX runtime, which requires a
fixed-size input (they actually have two separates arrays, one for X and
one for Y, each with 32-byte length).

Is it possible to get a fixed-sized digest using ECDSA/SHA256, I mean
does OpenSSL have functions for this? Or could someone give me some
pointers on how to proceed to convert that result to the 64-byte fixed size?

Daniel
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Fixed-size digest using EVP with algos ECDSA+SHA256

Dr. Stephen Henson
On Mon, Aug 07, 2017, Daniel Andrade wrote:

> Hi all,
>
> I'm writing functions to create a digest of a data buffer using
> ECDSA+SHA256. I've been trying to work with only the high-level EVP
> interface, and not use the low-level interfaces.
>
> My understanding is that the resulting digest is an ASN.1 structure.
> I have to feed this digest to the Intel SGX runtime, which requires
> a fixed-size input (they actually have two separates arrays, one for
> X and one for Y, each with 32-byte length).
>
> Is it possible to get a fixed-sized digest using ECDSA/SHA256, I
> mean does OpenSSL have functions for this? Or could someone give me
> some pointers on how to proceed to convert that result to the
> 64-byte fixed size?
>

The size will depend on the curve in use: presumably it's P-256 to produce
64 bytes.

In outline you do this:

1. Decode the signature into an ECDSA_SIG structure using d2i_ECDSA_SIG.
2. Extract the two BIGNUM elements, r and s using ECDSA_SIG_get0().
3. Generate padded encodings for r and s using BN_bn2binpad() or
BN_bn2lebinpad() depending on the format required (big or little endian).

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Loading...