Add ECDSA signature R and S to X509 structure
Ken Goldman
kgoldman at us.ibm.com
Mon Aug 26 14:45:49 UTC 2019
On 8/17/2019 5:35 AM, Billy Brumley wrote:
> Hey Ken,
>
>> I have an ECDSA signature supplied to me as R and S byte arrays and
>> lengths (from an HSM).
>>
>> How do I add them to the X509 structure?
>>
>> Is there an API, a set of calls, or do you have any hints?
>
> You might be looking for ECDSA_SIG_set0:
>
> https://www.openssl.org/docs/man1.1.0/man3/ECDSA_SIG_set0.html
>
> You might find some snippets in ecdsatest.c.
>
> Hope it helps,
I think so. This seems to work. Does it make sense? Is there a better way?
- convert R and S, bin to bignum
- use ECDSA_SIG_set0 to create an ECDSA_SIG
- use i2d to convert the ECDSA_SIG to DER
- memcpy the DER into X509->signature->data
More information about the openssl-users
mailing list