EldoS | Feel safer!

Software components for data protection, secure storage and transfer

What is the length of a ECDSA signature?

Posted: 01/26/2010 13:27:19
by Mario Frechette (Standard support level)
Joined: 11/20/2009
Posts: 7

What is the formula for calculating the length of a signature produced with ECDSA (returned from TElECDSAPublicKeyCrypto.SignDetached) ? The length of the result seems to be variable. We need to be able to normalize it to a fixed length. What is the best way to do this ? Is it possible, for instance, to fill a fixed length array unambiguously with leading/trailing zeros ? Or must we add an additional value indicating what the length is ? Better yet, is the length already encoded in the result (if so, where) ?

Secondly, the TElECDSAPublicKeyCrypto.SignDetached function throws an "Output buffer is too small" exception when the output buffer is of insufficient length. However, the required length is greater than the resulting signature : it seems to need an extra 10 bytes or so to work. Is there some way to calculate the maximum required length ?
Posted: 01/26/2010 13:59:58
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 442

Hi. Actualy ECDSA signature is twice of size of EC key size, plus some bytes for ASN.1 encoding. And, the logic of all SBB functions, which returns data in buffer is to pass 0 as the size parameter, receive needed buffer size in it, and during the second call receive the result itself.
Posted: 01/26/2010 15:37:12
by Alain Willemot (Basic support level)
Joined: 01/26/2010
Posts: 2

Thank you for answering. The second part works well!

As to the first part, could you tell us how many is "some bytes" ? As stated, our problem is that we must find a way to convert the result to a fixed length array because we store it in a fixed length field. Therefore it's important that we have at least the maximum length.

Also, is the actual length encoded somewhere in the signature?

Posted: 01/26/2010 15:54:12
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 442

Yes, actual length is encoded in the signature, however, it is not an easy task to get it - you should read something about ASN.1 encoding and so on.
And, to make it easier, overhead should not be more than ~16 bytes, plus twice the number of EC field size of course (for example, for SECP256 it will be 256/8=32, 32*2 + 16 bytes ~ 80 bytes).
Posted: 01/27/2010 08:02:25
by Alain Willemot (Basic support level)
Joined: 01/26/2010
Posts: 2

I understand that 80 bytes is the size of the output buffer needed by SignDetached, for the given EC field size (SECP256).

Is this also the maximum size of the signature? I have produced a few signatures with 256-bit keys and I've got sizes of 69 to 72 bytes so far. Theoretically, we should expect twice the key size plus the ASN.1 syntax overhead of 6 bytes, so approximately 256/8 * 2 + 6 = 70 bytes. Regardless of the amount of extra workspace that SignDetached needs, how big can the final signature produced be?

ASN.1 seems to indicate that the signature would start like this :
First byte : identifier for an ECDSA signature value (always 48 in your signatures)
Second byte : the length of the value in bytes
Rest : the value itself (which further decomposes into two integers, the r and s components of the signature).
Therefore, the length of the entire signature would be 2 + the value of the second byte. Is this correct?

Thank you.
Posted: 01/27/2010 09:55:05
by Mykola Olshevsky (Basic support level)
Joined: 07/07/2005
Posts: 442

80 bytes is the approximated, 'safe' for sure, size of signature, generated by SBB, for 256-bit field.
If you need the precise size, you can calculate it by yourself, according to ASN.1 specification.
Size can differ, depending on first byte of signature elements (for byte > 0x80 zero byte is prepent).



Topic viewed 11076 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!