Signature

Digital Signature Algorithms (ECDSA, EdDSA).

API for using digital signatures with the SE.

Functions

sl_status_t
sl_se_ecc_sign(sl_se_command_context_t *cmd_ctx, const sl_se_key_descriptor_t *key, sl_se_hash_type_t hash_alg, bool hashed_message, const unsigned char *message, size_t message_len, unsigned char *signature, size_t signature_len)

This function computes Elliptic-Curve Cryptography (ECC) digital signatures of a message.

sl_status_t
sl_se_ecc_verify(sl_se_command_context_t *cmd_ctx, const sl_se_key_descriptor_t *key, sl_se_hash_type_t hash_alg, bool hashed_message, const unsigned char *message, size_t message_len, const unsigned char *signature, size_t signature_len)

This function verifies Elliptic-Curve Cryptography (ECC) digital signatures of a message.

Function Documentation

sl_se_ecc_sign

sl_status_t sl_se_ecc_sign (sl_se_command_context_t *cmd_ctx, const sl_se_key_descriptor_t *key, sl_se_hash_type_t hash_alg, bool hashed_message, const unsigned char *message, size_t message_len, unsigned char *signature, size_t signature_len)

This function computes Elliptic-Curve Cryptography (ECC) digital signatures of a message.

Parameters
[in]cmd_ctx

Pointer to an SE command context object.

[in]key

Pointer to sl_se_key_descriptor_t structure.

[in]hash_alg

Which hashing algorithm to use. Ignored for EdDSA keys, since EdDSA always uses SHA-512 for Ed25519 and SHA-3 for Ed448.

[in]hashed_message

Set to true if the input message is already a message digest. Ignored for EdDSA keys, and treated as false.

[in]message

The message to be used to compute the signature.

[in]message_len

The length of message.

[out]signature

The computed signature.

[in]signature_len

The length of the computed signature.

Note

  • The Edwards-curve Digital Signature Algorithm (EdDSA) computes the message digest from the input message itself when computing signatures. The input parameters hash_alg and hashed_message do not apply to EdDSA.

  • The P-521 elliptic curve for the Elliptic Curve Digital Signature Algorithm (ECDSA) expects a 544-bit (68-byte) buffer for storing private keys, and a 1088-bit (136-byte) buffer for storing public keys and signatures. The first 23 bits of d, Qx, Qy, R and S are padding bits, added to comply with word-aligned addressing.

Returns

  • SL_STATUS_OK when the command was executed successfully, otherwise an appropriate error code (sl_status.h).


Definition at line 113 of file platform/security/sl_component/se_manager/inc/sl_se_manager_signature.h

sl_se_ecc_verify

sl_status_t sl_se_ecc_verify (sl_se_command_context_t *cmd_ctx, const sl_se_key_descriptor_t *key, sl_se_hash_type_t hash_alg, bool hashed_message, const unsigned char *message, size_t message_len, const unsigned char *signature, size_t signature_len)

This function verifies Elliptic-Curve Cryptography (ECC) digital signatures of a message.

Parameters
[in]cmd_ctx

Pointer to an SE command context object.

[in]key

Pointer to sl_se_key_descriptor_t structure.

[in]hash_alg

Which hashing algorithm to use. Ignored for EdDSA keys, since EdDSA always uses SHA-512 for Ed25519 and SHA-3 for Ed448.

[in]hashed_message

Set to true if the input message is already a message digest. Ignored for EdDSA keys, and treated as false.

[in]message

The message to be used to compute signatures.

[in]message_len

The length of message.

[in]signature

The signature to be verified.

[in]signature_len

The length of signature.

Note

  • The input parameters hash_alg and hashed_message do not apply to the Edwards-curve Digital Signature Algorithm (EdDSA).

  • The P-521 elliptic curve for the Elliptic Curve Digital Signature Algorithm (ECDSA) expects a 544-bit (68-byte) buffer for storing private keys, and a 1088-bit (136-byte) buffer for storing public keys and signatures. The first 23 bits of d, Qx, Qy, R and S are padding bits, added to comply with word-aligned addressing.

Returns

  • SL_STATUS_OK if the signature is successfully verified, otherwise an appropriate error code (sl_status.h).


Definition at line 167 of file platform/security/sl_component/se_manager/inc/sl_se_manager_signature.h
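
The P-521 notes for sl_se_ecc_sign and sl_se_ecc_verify mean a signature exchanged as the usual 132-byte raw R||S must be repacked into the 136-byte layout before verification, and unpacked after signing. The following is an added example, not part of the SE Manager API or the original page; the helper names are hypothetical, and it assumes big-endian values whose 23 leading padding bits are zero.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define P521_RAW_BYTES 66u /* ceil(521 / 8): usual big-endian size of R or S */
#define P521_SE_BYTES  68u /* 544 bits: word-aligned size described in the note */
#define P521_PAD_BYTES (P521_SE_BYTES - P521_RAW_BYTES)

/* Pack raw R||S (132 bytes) into the 136-byte padded layout. Returns 0 on success. */
int p521_sig_to_se(const uint8_t *raw, size_t raw_len, uint8_t *se, size_t se_len)
{
  if (!raw || !se || raw_len != 2 * P521_RAW_BYTES || se_len < 2 * P521_SE_BYTES) return -1;
  for (size_t i = 0; i < 2; i++) {
    const uint8_t *src = raw + i * P521_RAW_BYTES;
    if (src[0] & 0xFEu) return -1; /* value is wider than 521 bits */
    memset(se + i * P521_SE_BYTES, 0, P521_PAD_BYTES);
    memcpy(se + i * P521_SE_BYTES + P521_PAD_BYTES, src, P521_RAW_BYTES);
  }
  return 0;
}

/* Unpack the padded layout into raw R||S. The 23 padding bits are 2 whole
 * bytes plus the top 7 bits of the third byte; assumed to be zero. */
int p521_sig_from_se(const uint8_t *se, size_t se_len, uint8_t *raw, size_t raw_len)
{
  if (!se || !raw || se_len != 2 * P521_SE_BYTES || raw_len < 2 * P521_RAW_BYTES) return -1;
  for (size_t i = 0; i < 2; i++) {
    const uint8_t *src = se + i * P521_SE_BYTES;
    if (src[0] || src[1] || (src[2] & 0xFEu)) return -1; /* padding bit set */
    memcpy(raw + i * P521_RAW_BYTES, src + P521_PAD_BYTES, P521_RAW_BYTES);
  }
  return 0;
}

/* Round trip over constructed bytes (not a real signature); 0 means all checks passed. */
int p521_layout_demo(void)
{
  uint8_t raw[132], se[136], back[132];
  for (size_t i = 0; i < sizeof raw; i++) raw[i] = (uint8_t)(i + 1);
  raw[0] = 0x01; raw[66] = 0x00; /* keep R and S within 521 bits */
  if (p521_sig_to_se(raw, sizeof raw, se, sizeof se) != 0) return 1;
  if (se[0] || se[1] || se[2] != 0x01 || se[68] || se[69] || se[71] != raw[67]) return 2;
  if (p521_sig_from_se(se, sizeof se, back, sizeof back) != 0 || memcmp(raw, back, sizeof raw)) return 3;
  se[1] = 0x80; /* corrupt one padding bit: unpacking must now fail */
  return p521_sig_from_se(se, sizeof se, back, sizeof back) == -1 ? 0 : 4;
}

int main(void) { return p521_layout_demo(); }
```

The same 66-to-68-byte padding applies to d, Qx and Qy when key material is imported or exported.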