1 (edited by windsp 2016-03-11 04:11:50)

Topic: ECDSA API [ecc_sign_hash()] generate a 63 bytes signature in sometimes

Hi Admin,


I use the API ecc_sign_hash() to generate digital signature with spec256r1 curve configuration.
In usual, the API generate a 64 bytes signature, but there is a very low probability to have a 63 bytes signature.
Could you kindly let me know if this is a normal output of ECDSA algorithm?
Besides, is it possible to generate 64 bytes ECDSA signature every time?

[An example of generating 63 bytes signature example for your reference]

[Input - 32 bytes]:
09 F7 82 E3 89 7B AE 5F 26 81 9B D0 BA 1D F7 E0 71 41 0E 22 92 52 DC AC 72 5B 25 60 C0 32 9E 1A

[Private key d - 32 bytes]
E3 53 EC 42 44 B1 9E 95 18 73 D1 5C 21 26 3C 95 F9 EB A6 B2 DE D0 6F F6 55 28 7C 4A CA AC 78 34

[Publick key point coordinate xD - 32 bytes]
D8 05 CF 80 C7 D8 31 B8 E4 86 81 F3 86 BD 00 78 A6 4A 95 B3 EB 43 14 69 96 D7 6B 4B 95 FA 60 D5

[Publick key point coordinate yD - 32 bytes]
15 4D 5F 35 3F 78 07 15 DA B6 86 23 61 D0 E9 79 A0 70 A5 0E D7 2E 5A 30 C5 59 01 46 C5 36 51 D2

[Randam number k - 32 bytes]
49 1D BD BB 46 09 E5 7E EF 86 A2 E4 8D AF 70 A2 48 E7 A0 8B F3 8D A3 94 4C 3E 27 C0 74 C1 67 DA

[ECDSA signature - 63 bytes]
AF 44 7F B6 76 B4 DD 8A BD B1 B4 7F 13 DA 8C 97 CD 6B 7B 6F BE 60 10 12 F5 56 07 0B 31 5B E0 97
61 1F C6 9D C2 B6 6A 47 0A F2 AB C8 4A A1 86 63 AC F3 42 E4 F6 86 02 88 A8 6B 60 11 7F D4 2D


Many thanks.  smile

Share

Re: ECDSA API [ecc_sign_hash()] generate a 63 bytes signature in sometimes

This issue is being handled through the wolfSSL support channel instead.  Copying ECDSA signature size information here for reference:

ECDSA signatures are composed of a tuple (R,S) combined with an ECC header and some padding. R and S are between 0 and n (n being the curve order, which is 256-bits in your case, or 32-bytes). This means that R and S can have a maximum of 32 each, but can also be smaller than 32, given the 0-n range.

The maximum ECDSA signature size, as given by wc_ecc_sig_size(), is 74 bytes for a 256-bit ECDSA key, but the minimum size can vary.

Chris