Hi all:

I am trying to sign files with my own program and have followed almost the
same steps as the pkeyutl application included in the OpenSSL distribution.
When I try to sign 'large' files, the pkeyutl tool is not able to sign them,
producing a zero-size output signature.

I have debugged the application and it turns out that the input buffer is never
hashed. Thus, the ecdsa_do_sign function in ecs_ossl.c always returns

ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);

when the input buffer is longer than the expected digest size.

I don't know if it's already being solved but I thought about changing the
way pkeyutl signs to:

EVP_SignInit
EVP_SignUpdate
EVP_SignFinal

scheme instead of the existing EVP_PKEY_sign call.

Best regards,
Daniel
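
The hash-then-sign flow the message asks for, as an added example with the openssl command line (not code from the original post or from the OpenSSL sources). EVP_PKEY_sign treats its input as an already computed digest, so the file has to be hashed first; the curve prime256v1, SHA-256, the 1 MiB test file and all file names are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example: sign a large file with an EC key by hashing it first.
# Key, curve, digest and file names are constructed for this demo.
sign_demo() {
    dir=$(mktemp -d) || return 1

    # Constructed inputs: throwaway P-256 key pair and a 1 MiB file.
    openssl ecparam -name prime256v1 -genkey -noout -out "$dir/key.pem" 2>/dev/null || return 1
    openssl pkey -in "$dir/key.pem" -pubout -out "$dir/pub.pem" 2>/dev/null || return 1
    dd if=/dev/zero of="$dir/large.bin" bs=1024 count=1024 2>/dev/null || return 1

    # The call from the message: the whole file is passed where a digest
    # is expected. Record the outcome instead of assuming it.
    if openssl pkeyutl -sign -inkey "$dir/key.pem" -in "$dir/large.bin" \
        -out "$dir/raw.sig" 2>/dev/null; then
        raw=accepted
    else
        raw=rejected
    fi

    # Path 1: dgst streams the file through SHA-256 and signs the digest,
    # the command-line counterpart of an init/update/final signing loop.
    openssl dgst -sha256 -sign "$dir/key.pem" -out "$dir/sig1.der" "$dir/large.bin" || return 1

    # Path 2: hash explicitly, then give pkeyutl only the 32-byte digest.
    openssl dgst -sha256 -binary -out "$dir/digest.bin" "$dir/large.bin" || return 1
    openssl pkeyutl -sign -inkey "$dir/key.pem" -in "$dir/digest.bin" \
        -out "$dir/sig2.der" 2>/dev/null || return 1

    # Both signatures must verify against the full file with the public key.
    openssl dgst -sha256 -verify "$dir/pub.pem" -signature "$dir/sig1.der" \
        "$dir/large.bin" >/dev/null || return 1
    openssl dgst -sha256 -verify "$dir/pub.pem" -signature "$dir/sig2.der" \
        "$dir/large.bin" >/dev/null || return 1

    digest_len=$(wc -c < "$dir/digest.bin" | tr -d ' ')
    rm -rf "$dir"
    echo "raw_input=$raw digest_len=$digest_len hashed=verified"
}

sign_demo
```

The second path works for ECDSA because the signature covers the bare digest; the verifier recomputes SHA-256 over the file and checks the same value.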
