Bouncy Castle convert ASN.1 to r and s byte arrays

Question

I have the following code that generates a digital signature:

byte[] GetSignature(byte[] message, byte[] privateKey)
{
    var ecParams = NistNamedCurves.GetByName("P-256");
    var domainParameters = new ECDomainParameters(ecParams.Curve, ecParams.G, ecParams.N, ecParams.H, ecParams.GetSeed());
    var d = new BigInteger(1, privateKey);
    var privateKeyParameters = new ECPrivateKeyParameters(d, domainParameters);

    var signer = SignerUtilities.GetSigner("SHA-256withECDSA");
    signer.Init(true, privateKeyParameters);
    signer.BlockUpdate(message, 0, message.Length);

    var signature = signer.GenerateSignature();
    return signature;
}

This code returns a 71 byte array in ASN.1 format, however my consuming code expects the signature to be 64 bytes, composed of the r and s values. I would like to extract the r and s byte arrays. How do I do this?

This is the DER-encoded ASN.1 structure of the signature explained in detail [here](https://crypto.stackexchange.com/a/1797), in particular how `r` and `s` can be derived from it. — Topaco, Jul 11 '20 at 17:24

score 4 · Accepted Answer · answered Jul 12 '20 at 04:15

4

In recent versions of bc-csharp, you can just change "SHA-256withECDSA" to "SHA-256withPLAIN-ECDSA" and then GenerateSignature will directly produce the 64 byte signature instead of the ASN.1 value.

answered Jul 12 '20 at 04:15

Peter Dettman

3,867
20
34

Bouncy Castle convert ASN.1 to r and s byte arrays

1 Answers1

Linked