creating ecdsa signature of given sha-256 hash value using named curve prime256v1 (aka p-256).
second step: compute ecdsa signature of sha-256 hash value using ecdsa_do_sign():
sig = ecdsa_do_sign(digest, 32, eckey); if (sig == null) { /* error */ } or using ecdsa_sign():
unsigned char *buffer, *pp; int buf_len; buf_len = ecdsa_size(eckey); buffer = openssl_malloc(buf_len); pp = buffer; if (ecdsa_sign(0, dgst, dgstlen, pp, &buf_len, eckey) == 0) { /* error */ } third step: verify created ecdsa signature using ecdsa_do_verify():
ret = ecdsa_do_verify(digest, 32, sig, eckey); or using ecdsa_verify():
ret = ecdsa_verify(0, digest, 32, buffer, buf_len, eckey); and evaluate return value:
if (ret == 1) { /* signature ok */ } else if (ret == 0) { /* incorrect signature */ } else { /* error */ } eof
this brings me understanding need verify every signature create ecdsa_do_sign or ecdsa_sign, i? can happen created signature not valid?
from nist pub 186-4 - digital signature standard section 4.7:
signature verification may performed party (i.e., signatory, intended recipient or other party) using signatory’s public key. signatory may wish verify computed signature correct, perhaps before sending signed message intended recipient. intended recipient (or other party) verifies signature determine authenticity.
(where signatory signature creator)
Comments
Post a Comment