> From: owner-openssl-us...@openssl.org On Behalf Of redpath
> Sent: Friday, 01 February, 2013 14:55
> I am using ECDSA to create and verify a signature for a document.
> I apparently cannot use the ecdsa.PEM directory and so here
> is my question.
>
Nit: ecdsa.pem is a file, containing (parameters and) a key,
not a directory.
> Below I have abstraction code for my question. The keys
> created are with the
> openssl
> commands shown below.
>
> openssl ecparam -out *ecdsa.pem *-name secp224r1 -genkey
> openssl req -newkey ec:ecdsa.pem -x509 -nodes -days 731 -keyout
> *ecdsapriv.pem* -out *ecdsapublic.x509*
>
>
> The artifacts generated by these commands are
> * ecdsa.pem
> ecdsapriv.pem
> ecdsapublic.x509*
>
>
>
> I then create an ECDSA using the ecdsapriv.pem
>
> m= getdata("*mydocument*",&len); //orignal document
> result=sha256((char *)m,len);
>
> fp =fopen("*ecdsapriv.pem*", "rb"); */*marked*/*
> pevpkey= PEM_read_PrivateKey(fp, &pevpkey, NULL, NULL);
>
> peckey= EVP_PKEY_get1_EC_KEY(pevpkey);
> EC_KEY_set_group(peckey,EC_GROUP_new_by_curve_name(
> NID_secp224r1) );
>
This isn't needed, an ECC key read from a PEM file already has
the correct group. In fact if the key in the file is for a
different (wrong?) group this will screw it up totally.
> unsigned int siglen = ECDSA_size(peckey);
> printf("Max signature length is %d \n",siglen);
> siglen = ECDSA_size(peckey);
> unsigned char *ptr = OPENSSL_malloc(siglen);
> unsigned char *save= ptr;
> ECDSA_SIG *sig;
> ret= ECDSA_sign(0 ,result, SHA256_DIGEST_LENGTH, ptr,
> &siglen, peckey);
>
You don't need to set siglen twice, you don't need two pointers
here, and you don't use sig at all. In real code you should
check (at least) file opens and mallocs for null before using
them, but for posting I'll ignore that.
>
> outfp = fopen("*mysignatureEC*","wb");
> fwrite(save, 1, siglen, outfp);
> fclose(fp);
>
> **************then I verify it reading the X509* <snip>
> AND ALL WORKS WELL but *why can't I use the *ecdsa.pem*
> directly instead I had to use the ecdsapriv.pem?
>
Your ecparam command generated a key(pair) in ecdsa.pem.
Your req -newkey -x509 command generated a *different* key(pair)
in ecdsapriv.pem and a cert for *that* key in ecdsapublic.x509.
The cert matches the key in ecdsapriv.pem and can verify signatures
using that key. The cert does not match the key in ecdsa.pem which
is a different key and cannot verify signatures using that key.
> You would think the name of this function PEM_read_PrivateKey(**)
> means it reads a PEM that might have the public and private
> key and gets the private but apparently not?
>
Yes it does read the privatekey representation, which for OpenSSL
always includes the publickey value(s), from the file you specify.
(For DSA and ECC/ECDSA the standard privatekey structure includes
the public value. For RSA a naive privatekey does not include the
public exponent, but OpenSSL uses the CRT form which does.)
If you have two files containing different keys, reading those
files gives you different keys.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
