RSA Security 5.2.2 Projection Television User Manual


 
Chapter 7 Public-Key Operations 295
Performing Elliptic Curve Operations
Step 5: Final
First you must allocate space to store the signature. The output of the ECDSA
signature is the BER encoding of a sequence of two integers, (r,s). At most, the size of
the output will be six bytes more than twice the length of the order. Retrieve the field
element length from ecParamsObj and do a simple manipulation to find the field
element length in bytes.

A_EC_PARAMS *ecParamsInfo;
unsigned int orderLen, maxSignatureLen;
unsigned char *signature;

if ((status = B_GetAlgorithmInfo ((POINTER *)&ecParamsInfo, ecParamsObj,
                                  AI_ECParameters)) != 0)
  break;

orderLen = ecParamsInfo->order.len;
/* At most six bytes more than twice the length of the order */
maxSignatureLen = 2 * orderLen + 6;
signature = T_malloc (maxSignatureLen);
if ((status = (signature == NULL_PTR)) != 0)
  break;

Now, finalize the process and retrieve the signature. Note that the Reference Manual
entry for AI_EC_DSA requires that you pass in a properly initialized random algorithm
in B_SignFinal:

unsigned int signatureLen;

if ((status = B_SignFinal (ecDSASign, signature, &signatureLen,
                           maxSignatureLen, randomAlgorithm,
                           (A_SURRENDER_CTX *)NULL_PTR)) != 0)
  break;

Step 6: Destroy
Destroy all objects that are no longer needed:

B_DestroyAlgorithmObject (&ecParamsObj);
B_DestroyAlgorithmObject (&ecParamsSign);
B_DestroyKeyObject (&publicKey);
B_DestroyKeyObject (&privateKey);
T_free (signature);
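
For the buffer sizing in Step 5, the following added example (not code from the manual and not part of the Crypto-C API) encodes (r,s) as a sequence of two integers and refuses to write past the caller's buffer. The six bytes in the text correspond to the three two-byte tag/length headers; this sketch also counts the 0x00 byte that DER places in front of an integer whose top bit is set and the long-form sequence length. The names ecdsa_sig_max_len, ecdsa_sig_encode and MAX_N are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#define MAX_N 72  /* assumption: r and s are at most 72 bytes each */

/* Worst-case length of SEQUENCE { INTEGER r, INTEGER s } for n-byte r and s. */
size_t ecdsa_sig_max_len(size_t n)
{
    size_t body = 2 * (2 + 1 + n);   /* tag + length + 0x00 sign byte + value */
    return (body < 128 ? 2 : 3) + body;
}

/* Write one DER INTEGER from an unsigned big-endian value; returns bytes written. */
static size_t put_int(unsigned char *out, const unsigned char *v, size_t n)
{
    size_t i = 0;
    while (n > 1 && v[0] == 0) { v++; n--; }   /* DER forbids redundant leading zeros */
    out[i++] = 0x02;
    out[i++] = (unsigned char)(n + ((v[0] & 0x80) ? 1 : 0));
    if (v[0] & 0x80) out[i++] = 0x00;          /* keep the value non-negative */
    memcpy(out + i, v, n);
    return i + n;
}

/* Encode (r, s) into sig, which holds maxLen bytes.
   Returns the signature length, or 0 if the buffer is too small. */
size_t ecdsa_sig_encode(unsigned char *sig, size_t maxLen,
                        const unsigned char *r, const unsigned char *s, size_t n)
{
    unsigned char tmp[2 * (3 + MAX_N)];
    size_t body, i = 0;
    if (n == 0 || n > MAX_N) return 0;
    body = put_int(tmp, r, n);
    body += put_int(tmp + body, s, n);
    if ((body < 128 ? 2 : 3) + body > maxLen) return 0;  /* never overrun sig */
    sig[i++] = 0x30;
    if (body >= 128) sig[i++] = 0x81;          /* long form, one length byte */
    sig[i++] = (unsigned char)body;
    memcpy(sig + i, tmp, body);
    return i + body;
}

int main(void)
{
    unsigned char r[21], s[21], sig[64];       /* constructed sample values */
    memset(r, 0x91, sizeof r); memset(s, 0x22, sizeof s);
    printf("%zu\n", ecdsa_sig_encode(sig, sizeof sig, r, s, 21));
    return 0;
}
```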