On Wed, May 24, 2017 at 6:27 PM, Nicolas Mora <[email protected]> wrote: > Hello, > > I'm still working on porting libjwt https://github.com/benmcollins/libjwt > from openssl to gnutls. > > The last problem I have is about ECDSA signatures. If I use a GNUTLS_PK_EC > private key to sign the data with gnutls_privkey_sign_data, the libjwt unit > tests fail. > > I see in the openssl version of libjwt that after signing the data, that it > converts to a raw format of R/S, by decoding the signature: > https://github.com/benmcollins/libjwt/blob/master/libjwt/jwt-openssl.c#L264 > > For the verification procedure, it converts back the signature to ASN1: > https://github.com/benmcollins/libjwt/blob/master/libjwt/jwt-openssl.c#L386 > > Are there equivalent functions to encode/decode ECDSA signatures in GnuTLS?
Unfortunately there isn't any such function. Since 3.5.x there is an exported, but still internal function _gnutls_decode_ber_rs_raw() for that. I created an issue to export them for 3.6.0, but until then you may want to replicate them to use them. regards, Nikos [0]. https://gitlab.com/gnutls/gnutls/issues/205 _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
