Function p256_cortex_m4_sys::p256_sign_step1

pub unsafe extern "C" fn p256_sign_step1(
    result: *mut SignPrecomp, 
    k: *const u32
) -> bool

Creates an ECDSA signature, using a two-step procedure.

This function performs the first of two steps, and accounts for 99% of the time spent for generating an ECDSA signature.

By splitting up into two steps, most of the work could be spent before deciding what message to sign, or which private key to use.

The parameter “k” shall consist of a 256-bit random integer value. This random value MUST be generated from a cryptographically secure random number generator, and MUST be unique for every pair of message hash and private key.

With a small probability (~ 2^-32), this function will fail and return false for the given “k” and this function MUST in that case be called again with a new random “k”, until true is returned. This is in line with the ECDSA standard.

As an alternative to using a random “k”, “k” might be derived deterministically from the input, using a sophisticated hash construction such as RFC 6979, or e.g. by hashing the private key, message hash and a retry counter, using a secure hash function such as SHA-256.

The “result” parameter will contain the computed state, that is later to be passed to p256_sign_step2. A result state MUST NOT be reused for generating multiple signatures.