i need know encoding
https://msdn.microsoft.com/en-us/library/bb347054(v=vs.110).aspx
ecdsacng.signdata method (byte[])
is using it's byte array default , how convert der format accepted by
https://www.openssl.org/docs/manmaster/crypto/i2d_ecdsa_sig.html
so can verify c# generated ecsda signature in openssl using method ecdsa_do_verify.
i know sha1 , know how load digest, don't know byte encoding ecdsacng.signdata method, nor how convert der format, if need that.
an ecdsa signature value-pair (r, s).
windows cng emits concatenation of 2 values, , since .net not reinterpret data, de facto .net format. (r first half of array, s second half)
openssl expects der encoded structure of sequence(integer(r), integer(s)). loosely means { 0x30, payload_length, 0x02, r_length, r_bytes[0]...r_bytes[r_length-1], 0x02, s_length, s_bytes[0]...s_bytes[s_length-1] }; though it's trickier because padding bytes required when r_bytes[0] or s_bytes[0] >= 0x80 (since makes appear negative number).
unfortunately, there's not general purpose der encoder exposed in framework default.
if you're trying run on linux, might better served using .net core, since ecdsa implementation linux already does data translation.
Comments
Post a Comment