On 28/10/2021 22:46, Kory Hamzeh wrote:
Hi Matt, I am making the changes that you suggested, I think I can get the X and Y by using EVP_PKEY_get_bn_param() with OSSL_PKEY_PARAM_EC_PUB_X and _PUB_Y.
Yes. Correct.
What I cannot figure out is how to get R and S. If I had an ECDSA_SIG, I would call ECDSA_SIG_get0_r() and _s(). Are there EVP_PKEY params for R and S?
An ECDSA signature is just a DER encoded ECDSA_SIG structure. Therefore take the resulting signature and call d2i_ECDSA_SIG. This will enable you to access r and s.
Matt
Thanks, KoryOn Oct 27, 2021, at 11:04 AM, Kory Hamzeh <k...@avatarci.com> wrote: Hi, I am upgrading some 3RD party code which performs FIPS ECDSA AVS testing for FIPS 140-2 certification. The code uses FIPS_escda_sign(), which in Openssl-fips-2.0.5 is define as: ECDSA_SIG * FIPS_ecdsa_sign(EC_KEY *key, const unsigned char *msg, size_t msglen , const EVP_MD *mhash) The full code is here: https://github.com/majek/openssl/blob/master/fips/ecdsa/fips_ecdsavs.c I have read through all of the ECDSA sign man pages, and I cannot find a functions that is close to accepting some of the same parameter. I could use some help please. I have very little experience with ECDSA. Thanks, Kory
