1 /* SPDX-License-Identifier: BSD-2-Clause */ 2 /* 3 * Copyright (C) 2024, Institute of Information Security (IISEC) 4 */ 5 6 #ifndef PTA_VERAISON_ATTESTATION_SIGN_H 7 #define PTA_VERAISON_ATTESTATION_SIGN_H 8 9 #include <stddef.h> 10 #include <stdint.h> 11 #include <tee_api_types.h> 12 13 /** 14 * Sign a message with ECDSA w/ SHA-256 15 * @param msg The message to sign 16 * @param msg_len The length of the message to sign 17 * @param sig [out] Where to store the signature. The signature format 18 * follows the specifications in RFC 7518 Section 3.4. This 19 * means the signature will be output in a 'plain signature' 20 * format, diverging from the traditional ASN.1 DER encoding. 21 * In this context, 'plain signature' refers to the direct 22 * concatenation of the r and s values of the ECDSA signature, 23 * each occupying exactly half of the signature space. When 24 * using a 256-bit ECDSA key, r and s are each 32 bytes long. 25 * In a plain signature, these values are simply concatenated 26 * to produce a total signature of 64 bytes. 27 * @param sig_len [in/out] The max size and resulting size of the signature. 28 * It is important to ensure that the provided buffer is 29 * sufficiently large to hold the signature in its specified 30 * format. The resulting size will indicate the actual size of 31 * the signature in bytes. 32 * @return TEE_SUCCESS if successful 33 */ 34 TEE_Result sign_ecdsa_sha256(const uint8_t *msg, size_t msg_len, uint8_t *sig, 35 size_t *sig_len); 36 37 #endif /*PTA_VERAISON_ATTESTATION_SIGN_H*/ 38