Hi werchter,

You should build with WOLFSSL_PUBLIC_MP defined and use mp_read_unsigned_bin, which will be built as a public API.

Check out our example here: https://github.com/wolfSSL/wolfssl-exam … ecc_sign.cThanks,

Kareem

Thanks! That helped a lot, building with WOLFSSL_PUBLIC_MP was an important part of the puzzle that I was missing.

BTW: When looking at the example, I think for exporting the key as binary string, mp_to_unsigned_bin needs to be used, instead of mp_read_unsigned_bin (for importing)?

At least mp_read_unsigned_bin seems to work for me

You should build with WOLFSSL_PUBLIC_MP defined and use mp_read_unsigned_bin, which will be built as a public API.

Check out our example here: https://github.com/wolfSSL/wolfssl-exam … ecc_sign.c

Thanks,

Kareem

I’m using

`wc_ecc_sign_hash_ex`

to get generate an ECDSA signature, and get the R and S components.

I need these to encode a CBOR COSE message (RFC 8152). The signature in a COSE message is a concatenation of the R and S components as a byte string. From RFC 8152:

The signature algorithm results in a pair of integers (R, S). These

integers will be the same length as the length of the key used for

the signature process. The signature is encoded by converting the

integers into byte strings of the same length as the key size. The

length is rounded up to the nearest byte and is left padded with zero

bits to get to the correct length. The two integers are then

concatenated together to form a byte string that is the resulting

signature.

But, I can’t figure out how to get from R and S as (mp_int), to a byte string, with wolfSSL, without using the internal mp_read_unsigned_bin.

Is there a way?

Thanks for any help!

]]>