Hello, I've modified the example and now I'm able to use the primitive functions of OpenSSL for hashing a message (of 146 bytes) using the SHA-1 function and then signing the corresponding digest (160 bits) using ECDSA with a 160-bit key (secp160k1).
I've also benchmarked the ECDSA_do_sign and the ECDSA_do_verify functions. With an Intel Pentium M processor at 1500MHz, I can "hash and sign" (with the above configuration) in 2.6 [ms] and I'm able to verify it in 0.02 [ms]. BUT... Is it possible that the verify function is so fast?

Another question: is around 48 bytes the overload in a hypothetical sent-frame on a network?

Mounir IDRASSI wrote:
>
> Hi,
>
> In order to be able to sign a digest with ECDSA, the bit length of the
> digest value must be less than or equal to the bit size of the field used
> in the elliptic curve.
> So, if you want to sign an SHA-256 digest, you must use an elliptic
> curve defined over a field with a bit size greater than 256.
>
> The sample code you modified is using the wap-wsg-idm-ecid-wtls8 curve
> which is defined over a 112-bit prime field. Thus, it is normal that
> ECDSA_do_sign fails because the input size (256 bits) is greater than 112.
> You have two possible solutions here: either use another curve with a
> bigger field (like secp256k1 or secp384r1) or truncate the digest
> value to be less than or equal to 14 bytes (equivalent to 112 bits).
>
> Cheers,
> --
> Mounir IDRASSI
> IDRIX
> http://www.idrix.fr
>
> Kirk81 wrote:
>> Actually I'm looking for the EVP interface and I found out that 'The EVP
>> interface should almost always be used in preference to the low level
>> interfaces. This is because the code then becomes transparent to the
>> algorithm used and much more flexible'. It might be true but...
>>
>> ...I would like to know, how can I use the low level functions for the
>> example that I posted?! What am I missing? Can anyone help me?
>>
>> Dr. Stephen Henson wrote:
>>
>>> On Fri, Oct 09, 2009, Kirk81 wrote:
>>>
>>>> Hello,
>>>>
>>>> I found your example of ECDSA_do_sign/verify very useful.
>>>>
>>>> Now I'm trying to modify the code and I would like to use an SHA-256
>>>> message digest in your sign function. Something like:
>>>>
>>>> unsigned char obuf[32];
>>>>
>>>> SHA256(data, len, obuf);
>>>>
>>>> // now, in obuf there's the message digest (calculated using the
>>>> // SHA-256 function).
>>>>
>>>> but I have an error in the ECDSA_do_sign function when I pass the
>>>> message digest in this way:
>>>> sig = ECDSA_do_sign(obuf, 32, pkey);
>>>>
>>>> what's wrong?
>>>>
>>>> Probably I'm missing the conversion between data types: I mean,
>>>> something used to convert the output of the SHA to an integer. In this
>>>> case: which function should I use and how?
>>>>
>>> I'd suggest you try OpenSSL 1.0.0 and the EVP interface instead.
>>>
>>> Steve.
>>> --
>>> Dr Stephen N. Henson. OpenSSL project core developer.
>>> Commercial tech support now available see: http://www.openssl.org
>>> ______________________________________________________________________
>>> OpenSSL Project http://www.openssl.org
>>> Development Mailing List openssl-dev@openssl.org
>>> Automated List Manager majord...@openssl.org

--
View this message in context: http://www.nabble.com/Bug-in-ECDSA_do_sign--tp1071562p25978712.html
Sent from the OpenSSL - Dev mailing list archive at Nabble.com.
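The digest-size rule in Mounir IDRASSI's reply and the per-frame signature size asked about at the top of the thread can both be worked out without linking OpenSSL; the following C code is an added example, not code from the thread or from OpenSSL. `fit_digest` and `ecdsa_der_max_len` are hypothetical helper names, the bit sizes are caller-supplied assumptions, and the size bound assumes the signature travels DER-encoded.

```c
#include <stdio.h>
#include <string.h>

/* Added example (hypothetical helper). Copies the leftmost bytes of a digest
 * so that its bit length does not exceed field_bits, the curve's field size
 * as supplied by the caller. Returns the bytes written; out must hold dlen.
 * Truncating caps the hash's collision resistance at the kept length. */
size_t fit_digest(const unsigned char *dgst, size_t dlen,
                  unsigned field_bits, unsigned char *out)
{
    size_t max_bytes = field_bits / 8;        /* whole bytes that fit */
    size_t n = dlen < max_bytes ? dlen : max_bytes;
    memcpy(out, dgst, n);
    return n;
}

/* Largest DER INTEGER content for a positive value below 2^bits: the extra
 * byte covers either a partial top byte or the 0x00 sign pad. */
static size_t der_int_max(unsigned bits) { return bits / 8 + 1; }

/* Upper bound on SEQUENCE { INTEGER r, INTEGER s } for a curve whose order
 * has order_bits bits (assumes order_bits < 1016, true for named curves). */
size_t ecdsa_der_max_len(unsigned order_bits)
{
    size_t body = 2 * (2 + der_int_max(order_bits)); /* tag + len + content */
    size_t hdr = body < 128 ? 2 : 3;   /* long-form length from 128 bytes up */
    return hdr + body;
}

int main(void)
{
    unsigned char sha256_out[32], fitted[32];
    memset(sha256_out, 0xAB, sizeof sha256_out);   /* constructed digest */

    /* 256-bit digest against the 112-bit field named in the reply */
    size_t n = fit_digest(sha256_out, sizeof sha256_out, 112, fitted);
    printf("digest bytes passed to the signer: %zu\n", n);

    /* 160-bit key size as stated in the first message */
    printf("max DER signature for 160 bits: %zu bytes\n",
           ecdsa_der_max_len(160));
    return 0;
}
```

The bound is a maximum: individual DER signatures are shorter whenever r or s has leading zero bytes, so a fixed-width frame field should be sized from the bound, not from a sample signature.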