You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It seems (from code inspection while digging through what safe buffer sizes for signature buffers are and whether *siglen can be predetermined; I'm not at the point of using it yet) that the mbedtls ECDSA implementation uses ASN.1 encoding for signatures where COSE expects its own fixed-length encoding.
Code path:
cose_crypto_sign_ecdsa at src/crypt/mbedtls.c calls mbedtls_ecdsa_write_signature
mbedtls_ecdsa_write_signature at library/ecdsa.c calls (via mbedtls_ecdsa_write_signature_restartable) ecdsa_signature_to_asn1 into sig[*siglen]
Using the function defined in [RFC8017], the signature is:
Signature = I2OSP(R, n) | I2OSP(S, n)
where n = ceiling(key_length / 8)
As mbedtls is the only ECDSA implementation in libcose, it wouldn't run against common test vectors. Has this been tested against any external COSE implementation yet?
The text was updated successfully, but these errors were encountered:
It seems (from code inspection while digging through what safe buffer sizes for signature buffers are and whether
*siglencan be predetermined; I'm not at the point of using it yet) that the mbedtls ECDSA implementation uses ASN.1 encoding for signatures where COSE expects its own fixed-length encoding.Code path:
while https://tools.ietf.org/html/rfc8152#section-8.1 says:
As mbedtls is the only ECDSA implementation in libcose, it wouldn't run against common test vectors. Has this been tested against any external COSE implementation yet?
The text was updated successfully, but these errors were encountered: