Add ECDSA signature R and S to X509 structure
kgoldman at us.ibm.com
Mon Aug 26 14:45:49 UTC 2019
On 8/17/2019 5:35 AM, Billy Brumley wrote:
> Hey Ken,
>> I have an ECDSA signature supplied to me as R and S byte arrays and
>> lengths (from an HSM).
>> How do I add them to the X509 structure?
>> Is there an API, a set of calls, or do you have any hints?
> You might be looking for ECDSA_SIG_set0:
> You might find some snippets in ecdsatest.c.
> Hope it helps,
I think so. This seems to work. Does it make sense? Is there a better way?
- convert R and S, bin to bignum
- use ECDSA_SIG_set0 to create an ECDSA_SIG
- use i2d to convert the ECDSA_SIG to DER
- memcpy the DER into X509->signature->data
More information about the openssl-users