On 8/17/2019 5:35 AM, Billy Brumley wrote:
Hey Ken,
I have an ECDSA signature supplied to me as R and S byte arrays and
lengths (from an HSM).
How do I add them to the X509 structure?
Is there an API, a set of calls, or do you have any hints?
You might be looking for ECDSA_SIG_set0:
https://www.openssl.org/docs/man1.1.0/man3/ECDSA_SIG_set0.html
You might find some snippets in ecdsatest.c.
Hope it helps,
I think so. This seems to work. Does it make sense? Is there a better way?
- convert R and S, bin to bignum
- use ECDSA_SIG_set0 to create an ECDSA_SIG
- use i2d to convert the ECDSA_SIG to DER
- memcpy the DER into X509->signature->data
