alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-09-30 19:19:21 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(mbedtls/ecdsa): Add support for deterministic ECDSA signature generation

Browse Source
This commit is contained in:
harshal.patil
2024-03-28 17:54:00 +05:30
parent cd98dfc3fd
commit 70ef80d974
5 changed files with 139 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
docs/en/api-reference/peripherals/ecdsa.rst
View File

@@ -59,11 +59,21 @@ Following code snippet uses :cpp:func:`esp_efuse_write_key` to set physical key
// writing key failed, maybe written already
}
.. only:: SOC_ECDSA_SUPPORT_DETERMINISTIC_MODE
Determinisitic Signature Generation
-----------------------------------
The ECDSA peripheral of {IDF_TARGET_NAME} also supports generation of deterministic signatures using deterministic derivation of the parameter K as specified in the `RFC 6979 <https://tools.ietf.org/html/rfc6979>`_ section 3.2.
Non-Determinisitic Signature Generation
---------------------------------------
Dependency on TRNG
------------------
^^^^^^^^^^^^^^^^^^
ECDSA peripheral relies on the hardware True Random Number Generator (TRNG) for its internal entropy requirement. During ECDSA signature creation, the algorithm requires a random integer to be generated as specified in the `RFC 6090 <https://tools.ietf.org/html/rfc6090>`_ section 5.3.2.
ECDSA peripheral relies on the hardware True Random Number Generator (TRNG) for its internal entropy requirement for generating non-deterministic signatures. During ECDSA signature creation, the algorithm requires a random integer to be generated as specified in the `RFC 6090 <https://tools.ietf.org/html/rfc6090>`_ section 5.3.2.
Please ensure that hardware :doc:`RNG <../system/random>` is enabled before starting ECDSA computations (primarily signing) in the application.