On 17/10/2022 09:34, Fernando Elena Benavente wrote:
Hi guys, we are having problems with the implementation of the signature
and verification of messages with ECDSA, because the demo of ECDSA in
github us does not allow us to determine the type of ECDSA curve,
I assume you are looking at this demo:
https://github.com/openssl/openssl/blob/master/demos/signature/EVP_Signature_demo.c
The curve in use is a property of the key. So if you want to use a
different curve then you need to generate a key for use with that
different curve, e.g. for a key using the P-256 curve you can generate a
PEM format one from the command line like this:
$ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -out
privkey.pem
Or a DER format one like this:
$ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256 -out
privkey.der -outform DER
To do this in C code you can just use the simple one liner:
EVP_PKEY *pkey = EVP_EC_gen("P-256");
Also see this demo code if your keygen requirements are more complex
than just simply specifying the curvename:
https://github.com/openssl/openssl/blob/master/demos/pkey/EVP_PKEY_EC_keygen.c
In
addition, we have seen that we have problems when it comes to having
strings and EVP_PKEY and not being able to pass one to another and vice
versa.
Your question here is lacking detail. It's unclear what you are trying
to do, what you expected to happen and what actually happens.
We are also not able to print EVP_PKEY keys because the BIO
functions in our version (3.0) are deprecated.
See the functions here:
https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_print_public.html
Matt
If you know the functions
to make this signature and verification from strings or even another
ECDSA example, would be great help for us.
Thanks for your help.
-Fernando
