Hello.
Suppose A signs a message m and sends m and the signature mA to B. B
then signs the same message m and sends his signature mB to A. Clearly A
could use the same digest for verifying mB's signature as she used for
creating her own. Doing two digests is unnecessary, and inefficient if
the messages are large.
EVP_SignInit(&md_ctx_sig, EVP_sha1());
## EVP_VerifyInit(&md_ctx_veri, EVP_sha1());
�
loop {
EVP_SignUpdate(&md_ctx_sig, buf, len);
## EVP_VerifyUpdate(&md_ctx_veri, buf, len);
}
EVP_SignFinal(&md_ctx_sig, buf, &len, skey)
get signature from B.
EVP_VerifyFinal(&md_ctx_veri, buf, acklen, pkey)
Does anybody know of an issue prohibiting removal of the lines marked ##
and using only one digest buffer in the pseudocode above?
/Douglas
--
------------------------------------------------------
Douglas Wikström <[EMAIL PROTECTED]>
------------------------------------------------------
Yes, God created Man before Woman,
but one always makes a draft before the masterpiece.
------------------------------------------------------
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
