Hello!

I have a C++ programme, an ECDSA key pair and a string to sign. The programme generates a signature and saves it into a file (signature.bin). Then I check the validity of the signature via the following command:

    openssl dgst -verify ec_public.pem -signature signature.bin ToSign.txt

The problem is that *my programme sometimes generates a wrong signature*. 16 times out of 21 the signature produced is invalid and the above command outputs:

    Error Verifying Data

while in the remaining 5 occurrences it outputs:

    Verified OK

Do you have any ideas of how it can be possible? What am I doing wrong?

Here is the programme:

    SSL_library_init();
    OPENSSL_config(nullptr);
    SSL_load_error_strings();
    OpenSSL_add_all_algorithms();
    ERR_load_BIO_strings();
    CRYPTO_set_id_callback(ThreadIdFunction);
    CRYPTO_set_locking_callback(LockingFunction);

    const TString pk = "-----BEGIN EC PRIVATE KEY-----\n"
        "MHcCAQEEIG90zmo1o3NWNFa8wp2z4rdQXGSN8xAP/OATLpwlgi+1oAoGCCqGSM49\n"
        "AwEHoUQDQgAE5TwpzBhjUWZoOf629GfwGG5WlRJD7TSuz+ZTHUaiK5mj2qgxBOPk\n"
        "eqOrTYXsiPwnaWe23zHjIM8NOhAm1BiGgA==\n"
        "-----END EC PRIVATE KEY-----\n";
    const TString ToSign = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJhc2RmIn0";

    EVP_MD_CTX *Ctx = EVP_MD_CTX_create();
    BIO * Bio = BIO_new_mem_buf(pk.data(), pk.size());
    EVP_PKEY * EVPKey = PEM_read_bio_PrivateKey(Bio, nullptr, nullptr, nullptr);

    EVP_DigestSignInit(Ctx, nullptr, EVP_sha256(), nullptr, EVPKey);
    EVP_DigestSignUpdate(Ctx, ToSign.data(), ToSign.size());

    size_t SignatureLength;
    EVP_DigestSignFinal(Ctx, nullptr, &SignatureLength);

    TString Result;
    Result.resize(SignatureLength);
    EVP_DigestSignFinal(Ctx, reinterpret_cast<unsigned char *>(const_cast<char *>(Result.data())), &SignatureLength);

    // Saving to file...

Thank you in advance
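The second EVP_DigestSignFinal call writes the actual signature length back into SignatureLength, and a DER-encoded ECDSA signature is often shorter than the maximum size reported by the first call, so a buffer left at the maximum size carries trailing bytes. The following check is an added example, not code from the original post or from OpenSSL: it parses the DER SEQUENCE of a signature buffer and reports how many bytes follow the encoded signature; the function names and the sample buffers are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>
using Bytes = std::vector<uint8_t>;

// Read a DER length: short form, or long form 0x81 for lengths 128..255.
static bool read_len(const Bytes& b, size_t& pos, size_t end, size_t& len) {
    if (pos >= end) return false;
    uint8_t first = b[pos++];
    if (first < 0x80) { len = first; return true; }
    if (first != 0x81 || pos >= end) return false;
    len = b[pos++];
    return len >= 0x80;  // DER requires the shortest length form
}
// Skip one INTEGER (tag 0x02) that must lie entirely before `end`.
static bool skip_integer(const Bytes& b, size_t& pos, size_t end) {
    size_t len = 0;
    if (pos >= end || b[pos++] != 0x02) return false;
    if (!read_len(b, pos, end, len) || len == 0 || len > end - pos) return false;
    pos += len;
    return true;
}
// Encoded size of the ECDSA-Sig-Value (SEQUENCE { r, s }) at the start of b; 0 if malformed.
size_t der_ecdsa_sig_length(const Bytes& b) {
    size_t pos = 0, body = 0;
    if (b.empty() || b[pos++] != 0x30) return 0;
    if (!read_len(b, pos, b.size(), body) || body > b.size() - pos) return 0;
    size_t end = pos + body;
    if (!skip_integer(b, pos, end) || !skip_integer(b, pos, end)) return 0;
    return pos == end ? end : 0;
}
// Bytes following the encoded signature; -1 if the buffer does not parse.
long trailing_bytes(const Bytes& b) {
    size_t n = der_ecdsa_sig_length(b);
    return n == 0 ? -1 : static_cast<long>(b.size() - n);
}
// Constructed sample (not a real signature): r and s of the given sizes, zero-padded to `total`.
Bytes make_sample(size_t rlen, size_t slen, size_t total) {
    Bytes v = {0x30, static_cast<uint8_t>(rlen + slen + 4), 0x02, static_cast<uint8_t>(rlen)};
    v.insert(v.end(), rlen, 0x11);
    v.push_back(0x02); v.push_back(static_cast<uint8_t>(slen));
    v.insert(v.end(), slen, 0x22);
    if (total > v.size()) v.resize(total, 0x00);
    return v;
}
int main() {
    std::printf("%ld %ld\n", trailing_bytes(make_sample(32, 32, 72)), trailing_bytes(make_sample(33, 33, 72)));  // prints: 2 0
}
```

A non-zero result for the contents of signature.bin means the buffer was saved at its maximum size; resizing Result to the SignatureLength value set by the second EVP_DigestSignFinal call before saving removes the trailing bytes.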