Searching counterpart for STM32CubeExpansion_Crypto_V4.2.0 ECDSA

Mr_M_from_G · ‎2024-05-24

I implemented a ECDSA signature generation and checking on STM32H743ZI NUCLEO using STM32CubeExpansion_Crypto_V4.2.0 library example ECDSA_SignVerify.

I did similiar with Python using https://pypi.org/project/ecdsa/

Unfortunately signature generated by one fail to verify with the other although using the same input for hash, private and public key and curve. I used SECP256k1 / SECP256K1 and NIST256p / SECP256R1 on Python / STM32.

Any suggestions? What are the tools ST verified the libraries with?

Verification on the same platform works fine in both cases.

Thanks for any help.

Mr_M_from_G · ‎2024-06-20

Python's ecdsa function verify always does a hash internally, I needed to use verify_digest.

View solution in original post

Tesla DeLorean · ‎2024-05-24

I used patterns here for SECP256K1

https://github.com/pyca/cryptography/blob/main/vectors/cryptography_vectors/asymmetric/ECDSA/SECP256K1/SigGen.txt#L6314

Using a early version of Easy ECC, something I can build readily with MSVC, KEIL and GNU/GCC without a complete circus. I have to address some endian issues, but I understand them..

For the SECP192R1 / SECP256R1 I used NIST's materials directly, ie FIPS 186-2 and/or FIPS 186-4

https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/digital-signatures#ecdsa2vs

Using SigGen.txt [P-256,SHA-256] test vectors

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..

Mr_M_from_G · ‎2024-06-20

Python's ecdsa function verify always does a hash internally, I needed to use verify_digest.