Hi,

I am writing a program to do pairwise consistency checks using EVP APIs for RSA and ECDSA keys. The private and public keys are obtained from a PKCS12 file. I've based my program on the sample code provided at https://wiki.openssl.org/index.php/EVP_Signing_and_Verifying

The version of OpenSSL used is OpenSSL 1.0.2n/FIPS v2.0.16.

The code works well for RSA-based keys. However, with ECDSA the EVP_VerifyDigestFinal function always returns 0. The man page seems to indicate that a return value of 0 doesn't indicate any serious error, but says verification is a failure.

The questions are:

1. Why does EVP_DigestVerifyFinal fail for ECDSA keys? Is it a known problem?

2. If I need to use the ECDSA_sign and ECDSA_verify calls, I need to convert the EVP_PKEY structure to EC_KEY. I do find a supporting API, EVP_PKEY_set1_EC_KEY. However, this seems true for only private keys. Is there any function that would accept EVP_PKEYs (private/public) and generate a single EC_KEY structure so that ECDSA_sign/ECDSA_verify can be used?

Thanks,
Kumar