11.12.3.4.84. Function Se05x_API_ECDAASign¶
Defined in File se05x_APDU_apis.h
11.12.3.4.84.1. Function Documentation¶
-
smStatus_t
Se05x_API_ECDAASign
(pSe05xSession_t session_ctx, uint32_t objectID, SE05x_ECDAASignatureAlgo_t ecdaaSignAlgo, const uint8_t *inputData, size_t inputDataLen, const uint8_t *randomData, size_t randomDataLen, uint8_t *signature, size_t *psignatureLen)¶ Se05x_API_ECDAASign
The ECDAASign command signs external data using the indicated key pair or private key. This is performed according to ECDAA. The generated signature is:
r = random mod n
s = (r + T.ds) mod n where d is the private key
The ECDAASignatureAlgo indicates the applied algorithm.
This APDU command should be used with a key identifier linked to TPM_ECC_BN_P256 curve.
Note: The applet allows the random input to be 32 bytes of zeroes; the user must take care that this is not considered as valid input. Only input in the interval [1, n-1] must be considered as valid.
Command to Applet
Field
Value
Description
CLA
0x80
INS
INS_CRYPTO
P1
P1_SIGNATURE
See
SE05x_P1_t
P2
P2_SIGN
See
SE05x_P2_t
Lc
#(Payload)
TLV[TAG_1]
4-byte identifier of EC key pair or private key.
TLV[TAG_2]
1-byte ECDAASignatureAlgo
TLV[TAG_3]
T = 32-byte array containing hashed input data.
TLV[TAG_4]
r = 32-byte array containing random data, must be in the interval [1, n-1] where n is the order of the curve.
Le
0x00
Expecting signature
R-APDU Body
Value
Description
TLV[TAG_1]
ECDSA Signature (r concatenated with s).
R-APDU Trailer
SW
Description
SW_NO_ERROR
The command is handled successfully.
- Parameters
[in] session_ctx
: Session Context [0:kSE05x_pSession][in] objectID
: objectID [1:kSE05x_TAG_1][in] ecdaaSignAlgo
: ecdaaSignAlgo [2:kSE05x_TAG_2][in] inputData
: inputData [3:kSE05x_TAG_3][in] inputDataLen
: Length of inputData[in] randomData
: randomData [4:kSE05x_TAG_4][in] randomDataLen
: Length of randomData[out] signature
: [0:kSE05x_TAG_1][inout] psignatureLen
: Length for signature