That's the whole point of private key encryption. You don't NEED to know the private key. What you do is write out the data (abcde1234). Then hash it (SHA-256), and encrypt the *HASH* with the private key. The recipient reads the data and encrypted hash. He then decrypts the hash with the public key, compares it to the hash of the data. If the two hashes match, the data is authentic. From: openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx] On Behalf Of ???? Sent: Friday, September 25, 2015 3:52 AM To: openssl-users Subject: How can i verify a signature without knowing the private key? not by openssl command but openssl function. Hi guys i want to write two programd to learn the details of ecdsa signature. program A read the private key from private.pem, sign a string, like "abcde1234", save the signature as sig.pem. program B read the public key from pub.pem, read the sig.pem, and verify the signature. can anybody provide me a example code? my implementation is as follow: 1, generate the ecc keys by "openssl ecparam -genkey -name secp256r1 -out private.pem" and extract the public key by "openssl ec -in private.pem -out public.pem -pubout" 2, read the private key by "PEM_read_PrivateKey()", and sign with "ECDSA_do_sign", there is no problem. program A works well. 3, the problem is how to read the public key from public.pem ? i find PEM_read_bio_PUBKEY from app/apps.c, but i can't find the source code. how can i verify the signature without knowing the private key? -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150925/c2495f21/attachment.html>
