CMOX - ECC - EDDSA no append/update function

TNeub.1 · ‎2025-06-02

How can it be, that the CMOX library implements `append` functions for hashes (like cmox_hash_append) but the equivalent for verification or signing of ECC algorithms does not exist?

How should we check the signature of a 10 MB update package on a device which just has 512 kB RAM?

We are using EDDSA, which already includes SHA-512 hashing. One workaround would be to sign the hash of the binary file, but that goes against the idea of EDDSA.

Jocelyn RICARD · ‎2025-06-05

Hello @TNeub.1 ,

OK my bad, I mixed with ECDSA.

The EDDSA provided in the crypto library cannot handle such use case. If you cannot change this signature mechanism, you will need to use another cryptolib.

Best regards

Jocelyn

View solution in original post

Jocelyn RICARD · ‎2025-06-04

Hello @TNeub.1 ,

The signature mechanism is always applied to a digest. You never sign directly.

The EDDSA you are using is just combining hash and signature which is not what is provided in the library.

Best regards

Jocelyn

TNeub.1 · ‎2025-06-05

Thank you for your reply.

What you mean by:

> The EDDSA you are using is just combining hash and signature which is not what is provided in the library.

What is not provided since the general functions for EDDSA exist?

Jocelyn RICARD · ‎2025-06-05

Hello @TNeub.1 ,

OK my bad, I mixed with ECDSA.

The EDDSA provided in the crypto library cannot handle such use case. If you cannot change this signature mechanism, you will need to use another cryptolib.

Best regards

Jocelyn