Hi list.
I'm currently implementing a signing routine and for that I'm using the high-level API EVP according to this page. I'm using openssl 1.0.2m.
I need to sign with hashing SHA256 and prime256v1, with the former retrieved via "EVP_get_digestbyname". The private key is stored in a PEM file and loaded via "PEM_read_bio_PrivateKey". It is correctly loaded and correctly recognized to be of type EC (408).
So far so good, I am able to sign the payload and verify it. Hence, the procedure is correctly carried out. HOWEVER, once the signed payload is sent to the server, it is rejected. I believe the issue is with "prime256v1" because, as far as I can tell, that is not the default curve for EC signing.
Looking into the documentation I tried to set the correct curve like this (smart pointers used, error handling ignored for the sake of brevity):
EVP_PKEY_CTX * pctx;
EVP_DigestSignInit(mdctx.get(), &pctx, digestFunction, NULL, key.get()))
EVP_PKEY_paramgen_init(pctx);EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_X9_62_prime256v1);// usual steps...
But that leads to errors in "EVP_DigestSignFinal" and the inability to sign the payload. Probably this is not the correct way to set the curve.
So, what's the correct way to sign a payload with SHA256 and prime256v1? Is EVP api the correct one?
Thanks in advance for the help.
F.
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
