Closed falko-strenzke closed 2 months ago
Our document in the current state does not actually clearly define the ECDSA signature. It mentions
(ecdsaSignatureR, ecdsaSignatureS) <- ECDSA.Sign(ecdsaSecretKey, dataDigest)
without saying what ECDSA.Sign() actually means. In my understanding is that this is raw signing and no further hash is calculated on dataDigest. But indeed that needs clarification in the document.
For NIST definition of ECDSA sign we should use: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf#page=33. We might also point to the BSI's specification in parallel: https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TR03111/BSI-TR-03111_V-2-1_pdf.pdf?__blob=publicationFile&v=1#page=22
I would like to hear also Johannes judgement if what I say above about the hashing is correct.
@TJ-91
I agree, and this needs to be clarified.
Our document in the current state does not actually clearly define the ECDSA signature. It mentions
without saying what ECDSA.Sign() actually means. In my understanding is that this is raw signing and no further hash is calculated on dataDigest. But indeed that needs clarification in the document.
For NIST definition of ECDSA sign we should use: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-5.pdf#page=33. We might also point to the BSI's specification in parallel: https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TR03111/BSI-TR-03111_V-2-1_pdf.pdf?__blob=publicationFile&v=1#page=22
I would like to hear also Johannes judgement if what I say above about the hashing is correct.
@TJ-91