11.12.3.4.89. Function Se05x_API_EdDSAVerify

11.12.3.4.89.1. Function Documentation

smStatus_t Se05x_API_EdDSAVerify(pSe05xSession_t session_ctx, uint32_t objectID, SE05x_EDSignatureAlgo_t edSignAlgo, const uint8_t *inputData, size_t inputDataLen, const uint8_t *signature, size_t signatureLen, SE05x_Result_t *presult)

Se05x_API_EdDSAVerify

The EdDSAVerify command verifies whether the signature is correct for a given data input (hashed using SHA512) using an EC public key or EC key pair’s public key. The signature needs to be given as concatenation of r and s.

The data needs to be compared with the plain message without being hashed.

Note : See chapter 7 for correct byte order as both r and s need to be byte swapped.

This is performed according to the EdDSA algorithm as specified in [RFC8032].

The key cannot be passed externally to the command directly. In case users want to use the command to verify signatures using different public keys or the public key value regularly changes, the user should create a transient key object to which the key value is written and then the identifier of that transient secure object can be used by this EdDSAVerify command.

Command to Applet

Field

Value

Description

CLA

0x80

INS

INS_CRYPTO

SE05x_INS_t

P1

P1_SIGNATURE

See SE05x_P1_t

P2

P2_VERIFY

See SE05x_P2_t

Lc

#(Payload)

TLV[TAG_1]

4-byte identifier of the key pair or public key.

TLV[TAG_2]

1-byte EDSignatureAlgoRef.

TLV[TAG_3]

64-byte array containing the signature (concatenation of r and s).

TLV[TAG_5]

Byte array containing plain data to compare.

Le

0x03

Expecting TLV with SE05x_Result_t

R-APDU Body

Value

Description

TLV[TAG_1]

Result of the signature verification (SE05x_Result_t).

R-APDU Trailer

SW

Description

SW_NO_ERROR

The command is handled successfully.

SW_CONDITIONS_NOT_SATISFIED

Incorrect data

Parameters
  • [in] session_ctx: Session Context [0:kSE05x_pSession]

  • [in] objectID: objectID [1:kSE05x_TAG_1]

  • [in] edSignAlgo: edSignAlgo [2:kSE05x_TAG_2]

  • [in] inputData: inputData [3:kSE05x_TAG_3]

  • [in] inputDataLen: Length of inputData

  • [in] signature: signature [4:kSE05x_TAG_5]

  • [in] signatureLen: Length of signature

  • [out] presult: [0:kSE05x_TAG_1]