Any example of ECDSA sign/verify? (and its generated size code)
Haven't found any examples of it in mbedtls_selftest and mbedtls_benchmarks examples.
I've tried the RSA ones and the code generated overflows the flash program memory of the micro (128kB).
So I haven't tried ECDSA (and I have very little knowledge of cryptography methods in general). Do you think ECDSA could be an alternative to RSA, or does it probably occupy the same or more space?
You can see in the benchmark example how the ECDSA write signature and read signature are used. These functions wrap the mbedtls_ecdsa_verify, encoding/decoding the signature to ASN1 notation.
Note that ECDSA uses smaller keys than RSA, so it should have smaller RAM than RSA.
You can look at the KB article for more information on how to fine tune the ECC usage.
Mbed TLS Team member
Hi Ron thanks for your reply! I miserably missed that example >_<''
I have tried with the following code (almost the same as the example) and all the returns are ok.

    mbedtls_ecdsa_context ecdsa;
    const mbedtls_ecp_curve_info *curve_info =
        mbedtls_ecp_curve_info_from_grp_id(MBEDTLS_ECP_DP_SECP256R1);
    size_t sig_len;
    unsigned char tmp[MBEDTLS_ECDSA_MAX_LEN]; /* buffer for the DER-encoded signature */

    /* buf, myrand and ecp_clear_precomputed come from the benchmark example */
    memset(buf, 0x2A, sizeof(buf));
    strcpy((char *)buf, "hello world"); /* just fill with something other than 0x2A */

    mbedtls_ecdsa_init(&ecdsa);
    int ret_genkey = mbedtls_ecdsa_genkey(&ecdsa, curve_info->grp_id, myrand, NULL);
    /* as in the benchmark, curve_info->bit_size is passed as the hash length */
    int ret_write_sign = mbedtls_ecdsa_write_signature(&ecdsa, MBEDTLS_MD_SHA256,
                                                       buf, curve_info->bit_size,
                                                       tmp, &sig_len, myrand, NULL);
    printf("ret_genkey = %d\n", ret_genkey);
    printf("ret_write_sign = %d\n", ret_write_sign);

    ecp_clear_precomputed(&ecdsa.grp);
    int ret_verify = mbedtls_ecdsa_read_signature(&ecdsa, buf, curve_info->bit_size,
                                                  tmp, sig_len);
    printf("ret_verify = %d\n", ret_verify);

As you can see, I'm using the MBEDTLS_ECP_DP_SECP256R1 curve; however, when I'm debugging it, if I check the value of the tmp signature buffer, in the position tmp I find this:
"<chars> \0\0\0ECDSA-secp192r1\0/\0\0\0\001\0\0 <chars>"
I guess it has to do with ASN1 notation, but does it mean that it is using an ECDSA-secp192r1 curve instead of the one I've selected?
I have tried your example and didn't get your result.
Also, you should check the value of sig_len; it should be smaller than 120.
A signature for SECP256R1 should be 64 bytes in size; adding the ASN1 notation should add a few more bytes.
I believe the value you are seeing at position 120 is residue from a previous operation.
Mbed TLS Team member
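
The signature size described in the reply above (64 raw bytes for secp256r1 plus a few bytes of ASN.1), worked through as an added example that is not part of the original thread and is not Mbed TLS code: a stand-alone encoder for the DER layout SEQUENCE { INTEGER r, INTEGER s }. The function names and the constant-byte r/s patterns are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Encode one big-endian unsigned value as a DER INTEGER; returns bytes written. */
static size_t der_put_int(unsigned char *out, const unsigned char *v, size_t n)
{
    size_t pad, len;
    while (n > 1 && v[0] == 0) { v++; n--; }  /* DER: strip leading zero bytes */
    pad = (v[0] & 0x80) ? 1 : 0;              /* 0x00 prefix keeps the value positive */
    len = n + pad;                            /* at most 67, so short-form length */
    out[0] = 0x02;                            /* INTEGER tag */
    out[1] = (unsigned char)len;
    if (pad) out[2] = 0x00;
    memcpy(out + 2 + pad, v, n);
    return 2 + len;
}

/* Encode raw r and s (n bytes each, n <= 66) as SEQUENCE { INTEGER r, INTEGER s }.
 * Returns the DER length, or 0 if n is out of range or cap is too small. */
size_t ecdsa_raw_to_der(const unsigned char *r, const unsigned char *s, size_t n,
                        unsigned char *out, size_t cap)
{
    unsigned char body[2 * (2 + 1 + 66)];
    size_t blen, hdr;
    if (n == 0 || n > 66) return 0;
    blen = der_put_int(body, r, n);
    blen += der_put_int(body + blen, s, n);
    hdr = (blen < 128) ? 2 : 3;               /* 128..255 needs the 0x81 length form */
    if (cap < hdr + blen) return 0;
    out[0] = 0x30;                            /* SEQUENCE tag */
    if (hdr == 3) { out[1] = 0x81; out[2] = (unsigned char)blen; }
    else out[1] = (unsigned char)blen;
    memcpy(out + hdr, body, blen);
    return hdr + blen;
}

/* Constructed sample: DER length when every byte of r is rbyte and of s is sbyte. */
size_t demo_len(unsigned char rbyte, unsigned char sbyte, size_t n)
{
    unsigned char r[66], s[66], der[141];
    memset(r, rbyte, sizeof r);
    memset(s, sbyte, sizeof s);
    return ecdsa_raw_to_der(r, s, n, der, sizeof der);
}
```

For a 32-byte curve such as secp256r1 the encoded length varies with the top bits of r and s and is at most 72 bytes, so a buffer sized for the 64 raw bytes alone is too small for the encoded signature.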
Just checked again and I don't see that string and the function returns are ok. So it's all fine. Thanks.