ECDSA Signature

Fri, 18 Dec 2009 03:41:43 -0800 

Hi everybody!

I have a question about ECDSA signature. What's the different between
signing and verifying in this way:

//Signing
ECDSA<ECP, SHA1>::PrivateKey privateKey;
privateKey.Load(...);

AutoSeededRandomPool prng;
string message = "Yoda said, Do or do not. There is no try.";
string signature;

StringSource( message, true /*pump all*/,
    new SignerFilter( prng,
        ECDSA<ECP,SHA1>::Signer( privateKey ),
        new StringSink( signature )
    ) // SignerFilter
); // StringSource

//Verifying
ECDSA<ECP, SHA1>::PublicKey publicKey;
publicKey.Load(...);

// Result of the verification process
bool result = false;

// Exactly what was signed in the previous step
string message = ...;
// Output from the signing operation in the previous step
string signature = ...;

StringSource( signature+message, true /*pump all*/,
    new SignatureVerificationFilter(
        ECDSA<ECP,SHA1>::Verifier(publicKey),
        new ArraySink( (byte*)&result, sizeof(result) )
    ) // SignatureVerificationFilter
);

// Verification failure?
if( !result ) {...}

And in this way:

//Signing...
ECDSA<ECP, SHA1>::PrivateKey privateKey;
privateKey.Load(...);

// Message
string message = "Yoda said, Do or Do Not. There is no try.";

// Signer object
ECDSA<ECP, SHA1>::Signer signer( privateKey );

// Create signature space
size_t length = signer.MaxSignatureLength();
SecByteBlock signature( length );

AutoSeededRandomPool rng;

// Sign message
signer.SignMessage( rng, (const byte*) message.c_str(),
    message.length(), signature );

//Verifying...
ECDSA<ECP, SHA1>::PublicKey publicKey;
publicKey.Load(...);

// Verifier object
ECDSA<ECP, SHA1>::Verifier verifier( publicKey );

// Verify
bool result = verifier.VerifyMessage( (const byte*)message.c_str(),
    message.length(), signature, signature.size() );

// Result
if( true == result ) {
    cout << "Signature on message verified" << endl;
} else {
    cout << "Message verification failed" << endl;
}


Thanks.

-- 
You received this message because you are subscribed to the "Crypto++ Users" 
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at 
http://www.cryptopp.com.

Reply via email to