Re: ECDSA - Signature verify
From: owner-openssl-us...@openssl.org On Behalf Of Anant Rao Sent: Wednesday, June 11, 2014 09:45 The signature is generated by a client program (also a 'c' program). What is the format of a signature? How do I find out? The format for an ECDSA or DSA signature is an ASN.1 SEQUENCE of two INTEGERs. I'm practice I've always seen DER, but I don't know if that's required; the two reasons that commonly require DER (hashed and byte-compared) don't apply. Just to confirm - whether it's ECDSA or RSA, for verification, we just get the EVP_PKEY data structure filled with the public key correctly and call in a sequence ending up with a call to EVP_VerifyFinal. Is that correct? Either the old way with EVP_Verify{Init,Update,Final} and the key on the Final, or the new way with EVP_DigestVerify{Init,Update,Final} and the key on the Init. But either way independent of the keytype = PKalgorithm. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: ECDSA - Signature verify
Hi Matt, Thanks very much! I'm glad I'm on the right track in regards to EVP vs EC. The signature is generated by a client program (also a 'c' program). What is the format of a signature? How do I find out? Just to confirm - whether it's ECDSA or RSA, for verification, we just get the EVP_PKEY data structure filled with the public key correctly and call in a sequence ending up with a call to EVP_VerifyFinal. Is that correct? Thanks again! Anant On Tue, Jun 10, 2014 at 3:51 PM, Matt Caswell m...@openssl.org wrote: On 10 June 2014 15:24, Anant Rao a...@noknok.com wrote: Hi, Objective in one-line: = Verify a signature, given an ECDSA public key in X509 format. Details: == I read an X509 cert stored on disk. The following are some of its contents: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) ... ASN1 OID: prime256v1 Signature Algorithm: ecdsa-with-SHA1 ... Now, I get some data that is signed by the private key corresponding to the above public key/cert and I need to verify it. Here're some pieces of my code: ... EVP_PKEY *pub_key = X509_get_pubkey(cert); //this is OK ... EVP_VerifyFinal(c, signature, signature_len, pub_key); //this fails; Why does it fail? The following are the errors from the above VerifyFinal: 140310811899840:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:150: 140310811899840:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:1306: 140310811899840:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=ECDSA_SIG Looks to me like the signature you are passing it is in the wrong format. Where did you get it from? So, after reading this page (http://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography), I realized I need to extract the EC_POINT out of the above public key. No. There is no need to do this. You only need to worry about the low level EC stuff if you are not using the EVP interface - which you are. Matt __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org -- *Anant* *Rao* Server Lead D / a...@noknok.com *Nok Nok Labs Inc.* 4151 Middlefield Road, Suite 200 Palo Alto, CA 94303 T +1 650 433 1300 i...@noknok.com *www.noknok.com* http://www.noknok.com http://www.linkedin.com/company/nok-nok-labs http://www.twitter.com/noknoklabs https://plus.google.com/108217184383559859585 http://www.facebook.com/NokNokLabs
Re: ECDSA - Signature verify
remember doing something along the lines of : ecPublicKey = X509_get_pubkey(readCertificate); EC_KEY *ecKey; ecKey = EVP_PKEY_get1_EC_KEY(ecPublicKey); EC_KEY_set_asn1_flag(ecKey, Put in the curve name); ecGroup = EC_GROUP_new_by_curve_name(Put in the curve name); EC_KEY_set_group(ecKey, ecGroup); int status = ECDSA_verify(ecPublicKey-type, digest, SHA256_DIGEST_LENGTH, signatureBytes, Signaturelength, ecKey); if(status==1) //signature is valid I will let someone with more experience comment on whether it is right or wrong. On Tue, Jun 10, 2014 at 7:24 AM, Anant Rao a...@noknok.com wrote: Hi, Objective in one-line: = Verify a signature, given an ECDSA public key in X509 format. Details: == I read an X509 cert stored on disk. The following are some of its contents: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) ... ASN1 OID: prime256v1 Signature Algorithm: ecdsa-with-SHA1 ... Now, I get some data that is signed by the private key corresponding to the above public key/cert and I need to verify it. Here're some pieces of my code: ... EVP_PKEY *pub_key = X509_get_pubkey(cert); //this is OK ... EVP_VerifyFinal(c, signature, signature_len, pub_key); //this fails; Why does it fail? The following are the errors from the above VerifyFinal: 140310811899840:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:150: 140310811899840:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:1306: 140310811899840:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=ECDSA_SIG So, after reading this page ( http://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography), I realized I need to extract the EC_POINT out of the above public key. But, I'm not sure how to do it. Assuming that that's the right approach, I want to do the following: EC_POINT *pub; if(1 != EC_KEY_set_public_key(key, pub)) handleErrors(); Can you help how I can retrieve the EC_POINT out of the public key? If this is not the correct approach at all, could you point what I need to do? Thanks a lot in advance! -- Swair Mehta
Re: ECDSA - Signature verify
On 10 June 2014 15:24, Anant Rao a...@noknok.com wrote: Hi, Objective in one-line: = Verify a signature, given an ECDSA public key in X509 format. Details: == I read an X509 cert stored on disk. The following are some of its contents: Public Key Algorithm: id-ecPublicKey Public-Key: (256 bit) ... ASN1 OID: prime256v1 Signature Algorithm: ecdsa-with-SHA1 ... Now, I get some data that is signed by the private key corresponding to the above public key/cert and I need to verify it. Here're some pieces of my code: ... EVP_PKEY *pub_key = X509_get_pubkey(cert); //this is OK ... EVP_VerifyFinal(c, signature, signature_len, pub_key); //this fails; Why does it fail? The following are the errors from the above VerifyFinal: 140310811899840:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:150: 140310811899840:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:1306: 140310811899840:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=ECDSA_SIG Looks to me like the signature you are passing it is in the wrong format. Where did you get it from? So, after reading this page (http://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography), I realized I need to extract the EC_POINT out of the above public key. No. There is no need to do this. You only need to worry about the low level EC stuff if you are not using the EVP interface - which you are. Matt __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org