Yes, it's correct. Now I try to feed the ECDSA_do_sign with the output buffer of SHA256. Based on my security knowledge, I thought that the signing algorithms perform hashing internally, while in this case it is not true.
Thanks for the response. ________________________________ From: Erwann Abalea <erwann.aba...@keynectis.com> To: openssl-users@openssl.org Cc: Mohammad Khodaei <m_khod...@yahoo.com> Sent: Monday, August 6, 2012 2:14 PM Subject: Re: [openssl-users] ECDSA sign/verify input data size Bonjour, Which part of the examples did you mimic? 32 bytes is the length of a SHA256, it's also the max message length of a 256bits ECDSA key. Whence, I assume you're doing straight ECDSA_do_sign() without hashing and padding the message. -- Erwann ABALEA ----- paléogallicisme: style "vieille France" Le 06/08/2012 13:11, Mohammad Khodaei a écrit : > Hello, > > I have used ECDSA APIs to sign and verify some data. The sample example I > have used to do so is like this: > > http://old.nabble.com/Bug-in-ECDSA_do_sign--td1071562.html > > Now, the problem is that it seems there is some kind of limitations on the > input data size. Whenever I want to verify the signature on a string, it > calculates the signature verification only on the first 32 characters and it > skips the rest of the string. It is a bit strange for me since I feed the > function with correct length. > > Any idea where is my mistakes? > > Thanks a lot ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
