Merge opaque-keys-interfaces into develop
diff --git a/include/mbedtls/ecdsa.h b/include/mbedtls/ecdsa.h
index aa23d67..8725cee 100644
--- a/include/mbedtls/ecdsa.h
+++ b/include/mbedtls/ecdsa.h
@@ -51,10 +51,41 @@
#if MBEDTLS_ECP_MAX_BYTES > 124
#error "MBEDTLS_ECP_MAX_BYTES bigger than expected, please fix MBEDTLS_ECDSA_MAX_LEN"
#endif
-/** The maximal size of an ECDSA signature in Bytes. */
-#define MBEDTLS_ECDSA_MAX_LEN ( 3 + 2 * ( 3 + MBEDTLS_ECP_MAX_BYTES ) )
/**
+ * \brief Maximum ECDSA signature size for a given curve bit size
+ *
+ * \param bits Curve size in bits
+ * \return Maximum signature size in bytes
+ *
+ * \note This macro returns a compile-time constant if its argument
+ * is one. It may evaluate its argument multiple times; if
+ * this is a problem, call the function
+ * mbedtls_ecdsa_max_sig_len instead.
+ */
+#define MBEDTLS_ECDSA_MAX_SIG_LEN( bits ) \
+ ( /*T,L of SEQUENCE*/ ( ( bits ) >= 61 * 8 ? 3 : 2 ) + \
+ /*T,L of r,s*/ 2 * ( ( ( bits ) >= 127 * 8 ? 3 : 2 ) + \
+ /*V of r,s*/ ( ( bits ) + 8 ) / 8 ) )
+
+/**
+ * \brief Maximum ECDSA signature size for a given curve bit size
+ *
+ * \param bits Curve size in bits
+ * \return Maximum signature size in bytes
+ *
+ * \note If you need a compile-time constant, call the macro
+ * MBEDTLS_ECDSA_MAX_SIG_LEN instead.
+ */
+static inline size_t mbedtls_ecdsa_max_sig_len( size_t bits )
+{
+ return( MBEDTLS_ECDSA_MAX_SIG_LEN( bits ) );
+}
+
+/** The maximal size of an ECDSA signature in Bytes. */
+#define MBEDTLS_ECDSA_MAX_LEN (MBEDTLS_ECDSA_MAX_SIG_LEN( \
+ 8 * MBEDTLS_ECP_MAX_BYTES ) )
+/**
* \brief The ECDSA context structure.
*/
typedef mbedtls_ecp_keypair mbedtls_ecdsa_context;
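Review bot: `MBEDTLS_ECDSA_MAX_SIG_LEN` never counts more than 3 bytes for the SEQUENCE tag and length, which by the macro's own arithmetic stops being enough once `bits` reaches 1000: the two INTEGERs then total 256 bytes or more, and the DER length needs the two-byte long form. The `#error` above on `MBEDTLS_ECP_MAX_BYTES > 124` only protects `MBEDTLS_ECDSA_MAX_LEN`, not code that calls the macro or `mbedtls_ecdsa_max_sig_len` directly, so a caller sizing a buffer from the result could come up short. The `127 * 8` branch is only reachable in that range, so I would state the limit in both doc comments, e.g. `\note Only valid for bits < 1000; larger values under-count the SEQUENCE header.`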
@@ -256,6 +287,33 @@
#endif /* MBEDTLS_ECDSA_DETERMINISTIC */
/**
+ * \brief Convert a signature from numbers to ASN.1
+ *
+ * \param r First number of the signature
+ * \param s Second number of the signature
+ * \param sig Buffer that will hold the signature
+ * \param slen Length of the signature written
+ * \param ssize Size of the sig buffer
+ *
+ * \note The size of the buffer \c ssize should be at least
+ * `MBEDTLS_ECDSA_MAX_SIG_LEN(grp->pbits)` bytes long if
+ * the signature was produced from curve \c grp,
+ * otherwise this function will return an error.
+ * The output ASN.1 SEQUENCE format is as follows:
+ * Ecdsa-Sig-Value ::= SEQUENCE {
+ * r INTEGER,
+ * s INTEGER
+ * }
+ *
+ * \return 0 if successful,
+ * or a MBEDTLS_ERR_MPI_XXX or MBEDTLS_ERR_ASN1_XXX error code
+ *
+ */
+int mbedtls_ecdsa_signature_to_asn1( const mbedtls_mpi *r, const mbedtls_mpi *s,
+ unsigned char *sig, size_t *slen,
+ size_t ssize );
+
+/**
* \brief This function reads and verifies an ECDSA signature.
*
* \param ctx The ECDSA context.
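Review bot: The `\note` on `mbedtls_ecdsa_signature_to_asn1` sizes the buffer with `grp->pbits`, but the function takes no group argument, and the comment does not say that `slen` is an output or what `sig` and `*slen` hold when an error is returned. A caller that ignores the return value could pass on an undefined buffer as a signature, so I would spell this out with `\param slen On success, the number of bytes written to \p sig` and `\note On error, the contents of \p sig and \p *slen are unspecified and must not be used.` The second of these is an assumption about the implementation, which is outside this hunk, so confirm it against the .c file. It would also help to say whether the size check is against the curve maximum or against the actual encoded length, since "otherwise this function will return an error" reads as the former.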