11.12.3.4.86. Function Se05x_API_ECDSASign¶
Defined in File se05x_APDU_apis.h
11.12.3.4.86.1. Function Documentation¶
-
smStatus_t
Se05x_API_ECDSASign
(pSe05xSession_t session_ctx, uint32_t objectID, SE05x_ECSignatureAlgo_t ecSignAlgo, const uint8_t *inputData, size_t inputDataLen, uint8_t *signature, size_t *psignatureLen)¶ Se05x_API_ECDSASign
The ECDSASign command signs external data using the indicated key pair or private key.
The ECSignatureAlgo indicates the ECDSA algorithm that is used, but the hashing of data always must be done on the host. E.g., if ECSignatureAlgo = SIG_ ECDSA_SHA256, the user must have applied SHA256 on the input data already.
The user must take care of providing the correct input length; i.e., the data input length (TLV[TAG_3]) must match the digest indicated in the signature algorithm (TLV[TAG_2]).
In any case, the APDU payload must be smaller than MAX_APDU_PAYLOAD_LENGTH.
This is performed according to the ECDSA algorithm as specified in [ANSI X9.62]. The signature (a sequence of two integers ‘r’ and ‘s’) as returned in the response adheres to the ASN.1 DER encoded formatting rules for integers.
Command to Applet
Field
Value
Description
CLA
0x80
INS
INS_CRYPTO
P1
P1_SIGNATURE
See
SE05x_P1_t
P2
P2_SIGN
See
SE05x_P2_t
Lc
#(Payload)
TLV[TAG_1]
4-byte identifier of EC key pair or private key.
TLV[TAG_2]
1-byte ECSignatureAlgo.
TLV[TAG_3]
Byte array containing input data.
Le
0x00
Expecting ASN.1 signature
R-APDU Body
Value
Description
TLV[TAG_1]
ECDSA Signature in ASN.1 format.
R-APDU Trailer
SW
Description
SW_NO_ERROR
The command is handled successfully.
- Parameters
[in] session_ctx
: Session Context [0:kSE05x_pSession][in] objectID
: objectID [1:kSE05x_TAG_1][in] ecSignAlgo
: ecSignAlgo [2:kSE05x_TAG_2][in] inputData
: inputData [3:kSE05x_TAG_3][in] inputDataLen
: Length of inputData[out] signature
: [0:kSE05x_TAG_1][inout] psignatureLen
: Length for signature