Consider i have sample sample ECDSA public key with the following parameters:
Point Value
03 42
00 04 C9 A3 63 92 24 9C 7C 3B
CD 6B 3D 89 F6 16 13 21 B9 AC 99 42 60 C7 4A E2
7D 4A 03 80 BE 80 47 C1 3D FA 08 70 F9 8F 9F 65
BB 81 A5 5B 7C 6B 21 ED 7F 18 82 D2 07 7A 89 5E
56 10 F6 EC AC 39 14 B5
and
secp256k1
30 81 A2 02 01 01 30 2C 06 07 2A 86 48 CE 3D 01
01 02 21 00 FF FF FF FF FF FF FF FF FF FF FF FF
FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FE
FF FF FC 2F 30 06 04 01 00 04 01 07 04 41 04 79
BE 66 7E F9 DC BB AC 55 A0 62 95 CE 87 0B 07 02
9B FC DB 2D CE 28 D9 59 F2 81 5B 16 F8 17 98 48
3A DA 77 26 A3 C4 65 5D A4 FB FC 0E 11 08 A8 FD
17 B4 48 A6 85 54 19 9C 47 D0 8F FB 10 D4 B8 02
21 00 FF FF FF FF FF FF FF FF FF FF FF FF FF FF
FF FE BA AE DC E6 AF 48 A0 3B BF D2 5E 8C D0 36
41 41 02 01 01
These values are extracted directly private key with openssl and I belieive are ASN.1 encoded.
What values should I put in CKA_EC_POINT and CKA_EC_PARAMS when creating ECDSA public key on HSM? If I put these values directly to attribute is not working (I cannot f.e. validate signature).
You should decode ASN.1 first. Then you will know that
03 42 00 04 : header
C9 A3 ~ 47 C1 : 32 byte => X coordinate
3D FA ~ 14 B5 : 32 byte => Y coordinate
Public Key(X, Y)
79 BE ~ 17 98 : 32 byte => r
48 3A ~ D4 B8 : 32 byte => s
Signature (r, s)