PKI_mbedTLSSignatureToPkcs11Signature

Converts an ECDSA P-256 signature from the format provided by mbedTLS to the format expected by PKCS #11.

BaseType_t PKI_mbedTLSSignatureToPkcs11Signature( uint8_t * pxSignaturePKCS,
                                                  const uint8_t * pxMbedSignature );

For P-256 signatures, PKCS #11 expects a 64 byte signature, in the format of 32 byte R component followed by 32 byte S component.

mbedTLS provides signatures in DER encoded, zero-padded format.

Parameters

[out]	pxSignaturePKCS	Pointer to a 64 byte buffer where PKCS #11 formatted signature will be placed. Caller must allocate 64 bytes of memory.
[in]	pxMbedSignature	Pointer to DER encoded ECDSA signature.

Returns

0 on success, -1 on failure.