Performing Elliptic Curve Operations

if ((status = B_SignInit (ecDSASign, privateKey, EC_DSA_CHOOSER, (A_SURRENDER_CTX *)NULL_PTR)) != 0)

break;

Step 4: Update

Now, using B_SignUpdate, pass in the data to be signed:

unsigned char *dataToSign = "Some arbitrarily long piece of data to sign...";

unsigned int dataToSignLen = strlen(dataToSign) + 1;

if ((status = B_SignUpdate (ecDSASign, dataToSign, dataToSignLen, (A_SURRENDER_CTX *)NULL_PTR)) != 0)

break;

Step 5: Final

First you must allocate space to store the signature. The output of the ECDSA signature is the BER encoding of a sequence of two integers, (r,s). At most, the size of the output will be six bytes more than twice the length of the order. Retrieve the field element length from ecParamsObj and do a simple manipulation to find the field element length in bytes.

A_EC_PARAMS *ecParamInfo;

unsigned int order, maxSignatureLen; unsigned char *signature;

if ((status = B_GetAlgorithmInfo ((POINTER *)&ecParamInfo, ecParamsObj, AI_ECParameters)) != 0)

break;

order = (ecParamInfo->order.len + 7) / 8; maxSignatureLen = (2 * order) + 6; signature = T_malloc(maxSignatureLen);

if ((status = (signature == NULL_PTR)) != 0) break;

Now, finalize the process and retrieve the signature. Note that the Reference Manual entry for AI_EC_DSAWithDigest indicates that you will have to pass in a properly

2 8 8

R S A B S A F E C r y p t o - C D e v e l o p e r ’s G u i d e

Page 310
Image 310
RSA Security 5.2.2 manual Now, using BSignUpdate, pass in the data to be signed, Aecparams *ecParamInfo