On 6 Oct 2014, at 2:11 PM, Grahame Grieve wrote: > I can't find any documentation as the exact format of sig produced by > EVP_SignFinal when using a DSA key. It's 71 bytes, but 71 bytes of > what?
Just guessing here, but there are two formats I've seen for (EC)DSA signatures. One of them is an ASN1 DER-encoded SEQUENCE of two INTEGERs, 'r' and 's' --- the X.509 Dss-Sig-Value structure. The other format is just to pad r and s to constant widths and concatenate them without any further headers. The first format is more common in my experience, and 71 bytes is a reasonable length (32 or 33 bytes for each integer's digits including sign bit, 2 bytes for the DER header on each, and 2 more bytes for the SEQUENCE = 71 bytes). Signatures in the second format will always have an even length; signatures in the first format will vary by a few bytes depending on the values of r and s. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
