Performing Elliptic Curve Operations

Step 5: Final

First you must allocate space to store the signature. The output of the ECDSA signature is the BER encoding of a sequence of two integers, (r,s). At most, the size of the output will be six bytes more than twice the length of the order. Retrieve the field element length from ecParamsObj and do a simple manipulation to find the field element length in bytes.

A_EC_PARAMS *ecParamsInfo;

unsigned int order, maxSignatureLen; unsigned char *signature;

if((status = B_GetAlgorithmInfo((POINTER *)&ecParamsInfo, ecParamsObj, AI_ECParameters)) != 0)

break;

orderLen = ecParamInfo->order.len; maxSignatureLen = 2 * orderLen; signature = T_malloc(maxSignatureLen);

if ((status = (signature == NULL_PTR)) != 0) break;

Now, finalize the process and retrieve the signature. Note that the Reference Manual entry for AI_EC_DSA requires that you pass in a properly initialized random algorithm in B_SignFinal:

unsigned int signatureLen;

if ((status = B_SignFinal (ecDSASign, signature, &signatureLen, maxSignatureLen, randomAlgorithm, (A_SURRENDER_CTX *)NULL_PTR)) != 0)

break;

Step 6: Destroy

Destroy all objects that are no longer needed:

B_DestroyAlgorithmObject (&ecParamsObj);

B_DestroyAlgorihmObject (&ecParamsSign);

B_DestroyKeyObject (&publicKey);

B_DestroyKeyObject (&privateKey);

T_free (signature);

C h a p t e r 7 P u b l i c - K e y O p e r a t i o n s

2 9 5

Page 317
Image 317
RSA Security 5.2.2 manual Final, Aecparams *ecParamsInfo