AI_EC_DSA

Key info types for keyObject in B_SignInit:

KI_ECPrivate or KI_ECPrivateBER.

Key info types for keyObject in B_VerifyInit:

KI_ECPublic or KI_ECPublicBER.

Input constraints:

In practice, the input to the ECDSA algorithm — that is, the data to sign — is generally the result of a digest operation. In Crypto-C’s implementation, however, the only restrictions on the input are that it must be at least 16 bytes and no more than 32 bytes long.

Output considerations:

The signature result of B_SignFinal is the concatenation of the signature elements (r,s), as defined in section 5.3.1 of the X9.57 Draft. The size of signature is 2*(length of order) bytes. For instance, if the order is 160 bits (20 bytes), the signature will be 40 bytes long.

C h a p t e r 2 A l g o r i t h m I n f o Ty p e s

67

Page 76 Page 78
Page 77
Image 77
RSA Security 5 manual KIECPrivate or KIECPrivateBER
Page 76 Page 78
Top Page Image Contents