@@ -625,14 +625,21 @@ <h2>Terminology</h2>
625625 and then considering each consecutive sequence of 8 bits in that string as a byte.
626626 </p>
627627 <p>
628- When this specification says to <dfn id="dfn-convert-integer-to-byte-sequence">convert a non-negative
628+ To <dfn id="dfn-convert-integer-to-byte-sequence">convert a non-negative
629629 integer |i| to a byte sequence of length |n|</dfn>, where |n| * 8
630- is greater than the logarithm to base 2 of |i|, the user agent must
631- first calculate the binary representation of |i|, most significant bit first,
630+ is greater than the logarithm to base 2 of |i|,
631+ calculate the binary representation of |i|, most significant bit first,
632632 prefix this with sufficient zero bits to form a bit sequence of length |n| * 8, and
633633 then return the [= byte sequence =] formed by considering each consecutive
634634 sequence of 8 bits in that bit sequence as a byte.
635635 </p>
636+ <p>
637+ To <dfn id="dfn-convert-byte-sequence-to-integer">convert a byte sequence
638+ to a non-negative integer</dfn>,
639+ interpret the byte sequence as a big-endian non-negative integer
640+ (most significant bit first),
641+ and return that integer.
642+ </p>
636643 <p>
637644 Comparing two strings in a <dfn id="case-sensitive">case-sensitive</dfn>
638645 manner means comparing them exactly, code point for code point.
@@ -7135,7 +7142,7 @@ <h5>Sign</h5>
71357142 <li>
71367143 <p>
71377144 Perform the ECDSA signing process, as specified in [[RFC6090]],
7138- Section 5.4, with |M| as the message, using |params| as the
7145+ Section 5.4.2 , with |M| as the message, using |params| as the
71397146 EC domain parameters, and with |d| as the private key.
71407147 </p>
71417148 </li>
@@ -7235,12 +7242,41 @@ <h5>Verify</h5>
72357242 |key| is "`P-256`", "`P-384`" or "`P-521`":
72367243 </dt>
72377244 <dd>
7238- <p>
7239- Perform the ECDSA verifying process, as specified in [[RFC6090]], Section 5.3, with |M| as the received
7240- message, |signature| as the received signature and using
7241- |params| as the EC domain parameters, and
7242- |Q| as the public key.
7243- </p>
7245+ <ol>
7246+ <li>
7247+ <p>
7248+ Let |n| be the smallest integer such that |n| * 8 is greater than
7249+ the logarithm to base 2 of the order of the base point of the elliptic curve identified
7250+ by |params|.
7251+ </p>
7252+ </li>
7253+ <li>
7254+ <p>
7255+ If |signature| does not have a [= byte sequence/length =] of |n| * 2 bytes,
7256+ then return false.
7257+ </p>
7258+ </li>
7259+ <li>
7260+ <p>
7261+ Let |r| be the result of
7262+ <a href="#dfn-convert-byte-sequence-to-integer">converting the first |n| bytes of |signature| to an integer</a>.
7263+ </p>
7264+ </li>
7265+ <li>
7266+ <p>
7267+ Let |s| be the result of
7268+ <a href="#dfn-convert-byte-sequence-to-integer">converting the last |n| bytes of |signature| to an integer</a>.
7269+ </p>
7270+ </li>
7271+ <li>
7272+ <p>
7273+ Perform the ECDSA verifying process, as specified in [[RFC6090]], Section 5.4.3, with |M| as the received
7274+ message, (|r|, |s|) as the signature and using
7275+ |params| as the EC domain parameters, and
7276+ |Q| as the public key.
7277+ </p>
7278+ </li>
7279+ </ol>
72447280 </dd>
72457281 <dt>
72467282 Otherwise, the {{EcKeyAlgorithm/namedCurve}} attribute
0 commit comments