Skip to main content
Mr_M_from_G
Mr_M_from_G
Senior II
May 24, 2024
Solved

Searching counterpart for STM32CubeExpansion_Crypto_V4.2.0 ECDSA

  • May 24, 2024
  • 2 replies
  • 1310 views

I implemented a ECDSA signature generation and checking on STM32H743ZI NUCLEO using STM32CubeExpansion_Crypto_V4.2.0 library example ECDSA_SignVerify.

I did similiar with Python using https://pypi.org/project/ecdsa/

Unfortunately signature generated by one fail to verify with the other although using the same input for hash, private and public key and curve. I used SECP256k1 / SECP256K1 and NIST256p / SECP256R1 on Python / STM32.

Any suggestions? What are the tools ST verified the libraries with?

Verification on the same platform works fine in both cases.

Thanks for any help.

 

 

Best answer by Mr_M_from_G

Python's ecdsa function verify always does a hash internally, I needed to use verify_digest.

2 replies

Tesla DeLorean
Tesla DeLorean
Guru
May 24, 2024

I used patterns here for SECP256K1

https://github.com/pyca/cryptography/blob/main/vectors/cryptography_vectors/asymmetric/ECDSA/SECP256K1/SigGen.txt#L6314

Using a early version of Easy ECC, something I can build readily with MSVC, KEIL and GNU/GCC without a complete circus. I have to address some endian issues, but I understand them..

For the  SECP192R1 / SECP256R1 I used NIST's materials directly, ie FIPS 186-2 and/or FIPS 186-4

https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/digital-signatures#ecdsa2vs

Using  SigGen.txt [P-256,SHA-256] test vectors

Tips, Buy me a coffee, or three.. PayPal VenmoUp vote any posts that you find helpful, it shows what's working..
Mr_M_from_G
Mr_M_from_GAuthorBest answer
Senior II
June 20, 2024

Python's ecdsa function verify always does a hash internally, I needed to use verify_digest.

Terms & ConditionsAccessibility statement