On 2007.05.16 at 12:35:37 -0700, [EMAIL PROTECTED] wrote: > I'm running OpenSSL 0.9.8e. If I set up an ECDSA verify with > EC_KEY_new_by_curve_name(NID_X9_62_prime256v1) and call ECDSA_do_verify > with dgst (first arg) an array of all zeros and dgst=1 (second arg), the > call fails with error 16.
As far as I understand, El Gamal signature scheme is not supposed to work when digest is all zeros. GOST signature algorithms (which are simular to DSA/ECDSA) treat this as special case, and GOST R 34.10 specify that if digest (interpreted as BIGNUM) is zero, it should be explicitely set to one. I always wondered why DSA doesn't have such fallback. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
