Hi,

Objective in one-line:
=================
Verify a signature, given an ECDSA public key in X509 format.


Details:
======
I read an X509 cert stored on disk. The following are some of its contents:

Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)

...
ASN1 OID: prime256v1
Signature Algorithm: ecdsa-with-SHA1
...


Now, I get some data that is signed by the private key corresponding to the
above public key/cert and I need to verify it.

Here're some pieces of my code:

...
EVP_PKEY *pub_key = X509_get_pubkey(cert);  //this is OK
...
EVP_VerifyFinal(&c, signature, signature_len, pub_key); //this fails; Why does it fail?

The following are the errors from the above VerifyFinal:

140310811899840:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:150:
140310811899840:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:1306:
140310811899840:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=ECDSA_SIG


So, after reading this page
(http://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography), I realized
I need to extract the EC_POINT out of the above public key.
But, I'm not sure how to do it. Assuming that that's the right approach, I
want to do the following:

EC_POINT *pub;

if(1 != EC_KEY_set_public_key(key, pub)) handleErrors();

Can you help me with how I can retrieve the EC_POINT out of the public key? If this
is not the correct approach at all, could you point out what I need to do?

Thanks a lot in advance!
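
Added example, not part of the original post and not OpenSSL code: the error trace above ends in Type=ECDSA_SIG, so it is raised while the signature bytes are parsed as a DER ECDSA_SIG structure, not while the public key is read. The C code below checks whether a buffer is a DER SEQUENCE of two INTEGERs and re-encodes a raw fixed-width r||s signature into that form. Assumptions: the signer emitted raw r||s (the post does not say how the data was signed), and the function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* DER INTEGER from an unsigned big-endian value (1..32 bytes). */
static size_t der_uint(const unsigned char *v, size_t n, unsigned char *out)
{
    while (n > 1 && v[0] == 0) { v++; n--; }   /* minimal encoding */
    size_t pad = (v[0] & 0x80) ? 1 : 0;        /* 0x00 prefix keeps it positive */
    out[0] = 0x02;
    out[1] = (unsigned char)(n + pad); out[2] = 0x00;
    memcpy(out + 2 + pad, v, n);
    return 2 + pad + n;
}

/* raw = r||s in equal halves (32 bytes each for prime256v1); out_cap >= 72.
   Returns the DER length, or 0 if the input cannot be a raw signature. */
size_t ecdsa_raw_to_der(const unsigned char *raw, size_t raw_len,
                        unsigned char *out, size_t out_cap)
{
    size_t half = raw_len / 2, n;
    if (raw_len == 0 || (raw_len & 1) || half > 32 || out_cap < 72) return 0;
    n  = der_uint(raw, half, out + 2);
    n += der_uint(raw + half, half, out + 2 + n);
    out[0] = 0x30; out[1] = (unsigned char)n;  /* SEQUENCE, short form (n <= 70) */
    return n + 2;
}

/* 1 if b is exactly SEQUENCE { INTEGER, INTEGER } with short-form lengths. */
int is_der_ecdsa_sig(const unsigned char *b, size_t len)
{
    size_t i = 2;
    if (len < 8 || len > 129 || b[0] != 0x30 || b[1] != len - 2) return 0;
    for (int k = 0; k < 2; k++) {
        if (i + 2 > len || b[i] != 0x02 || b[i + 1] == 0 || b[i + 1] > len - i - 2)
            return 0;
        i += 2 + (size_t)b[i + 1];
    }
    return i == len;
}

int main(void)
{
    unsigned char raw[64], der[72];   /* constructed sample, not a real signature */
    memset(raw, 0x11, 32); raw[0] = 0x80;                     /* r: top bit set */
    memset(raw + 32, 0x22, 32); raw[32] = 0; raw[33] = 0x7f;  /* s: leading zero */
    size_t n = ecdsa_raw_to_der(raw, sizeof raw, der, sizeof der);
    printf("raw parses as DER: %d, converted (%zu bytes) parses as DER: %d\n",
           is_der_ecdsa_sig(raw, sizeof raw), n, is_der_ecdsa_sig(der, n));
    return 0;
}
```

The DER output is the encoding EVP_VerifyFinal expects in its signature argument for an EC key.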
