Hi guys, I want to sign a message (an array of char) from within my source code.
The problem is that I do not know exactly how to sign this message.
There are two possibilities (ECDSA_do_sign or the EVP_DigestSignFinal(...)
functions). Which one do I have to use? What is the difference? I tried to
work through dgst.c in apps to get the same result as: openssl dgst
-ecdsa-with-SHA1 -sign ec_key.pem -out test_ec_console.bin test.txt. But
mine does not work.
My code looks like this:


 /*
  * Signing attempt modelled on apps/dgst.c: load a key from `infile`, push
  * `infile` through a digest BIO, then call EVP_SignFinal() on the BIO's
  * digest context and print the result.
  *
  * NOTE(review): every failure below is only printed; execution continues
  * with NULL or unset values, so one early failure cascades into the later
  * calls. Each check should stop (return / goto cleanup) instead.
  */
 const EVP_MD *md=NULL;
 unsigned char *buf;
 EVP_MD_CTX *md_ctx;
 EVP_PKEY *pkey;
 BIO *in=NULL,*inp;
 BIO *out=NULL,*bmd=NULL;
 BIO *outscreen;   /* not initialised here; first assigned further down */
 BIO *keyfile;
 EC_KEY *b;        /* never used in the lines shown */
 /* `message` is referenced only by the commented-out EVP_SignUpdate() below,
  * so the text the post wants to sign never reaches the digest. */
 const char message[] = "this is an exaple text";
    char *infile= "ec_key.pem";
    int len;       /* never initialised; only EVP_SignFinal() may set it */
    int i=0;
 /* PW_CB_DATA and password_callback are not declared in this snippet;
  * presumably they come from the OpenSSL apps sources - confirm. */
 PW_CB_DATA cb_data;
 cb_data.password = NULL;
 cb_data.prompt_info = NULL;

  /* NOTE(review): `outscreen` is still uninitialised at this point, so the
   * out-of-memory path passes a garbage pointer to BIO_printf(). Create the
   * BIO first, or report with fprintf(stderr, ...). BUFSIZE is defined
   * outside this snippet. */
  if ((buf=(unsigned char *)OPENSSL_malloc(BUFSIZE)) == NULL)
   {
   BIO_printf(outscreen,"out of memory\n");
   }

    /* NOTE(review): this name lookup runs before OpenSSL_add_all_digests()
     * (called further down). On OpenSSL releases before 1.1.0 the name table
     * is empty until that call, so the lookup returns NULL; move the
     * registration above this line.
     * SHA-1 is no longer considered collision-resistant; new signatures
     * should use SHA-256 or stronger (e.g. EVP_sha256()). */
    if (!(md = EVP_get_digestbyname("ecdsa-with-SHA1"))){
     printf("error unknown digest\n");
    }
    /* None of the BIO_new() results below is checked for NULL. */
    outscreen = BIO_new(BIO_s_file());
    keyfile = BIO_new(BIO_s_file());
    BIO_set_fp(outscreen, stdout, BIO_NOCLOSE);
    in=BIO_new(BIO_s_file());
    bmd = BIO_new(BIO_f_md());

    OpenSSL_add_all_digests();
    /* `out` is opened here but nothing in the lines shown writes to it. */
    out = BIO_new_file("test_ec_program.bin", "wb");
 if (BIO_read_filename(keyfile,infile) <= 0)
 {
  perror(infile);
 }
 /* read EVP_PKEY */
 /* NOTE(review): PEM_read_bio_PUBKEY() parses only a public-key PEM block.
  * Signing needs the private key, so load it with PEM_read_bio_PrivateKey();
  * an EVP_PKEY holding only the public half makes the signing call fail.
  * If the read fails, pkey is NULL and must not be used below. */
    if(!(pkey = PEM_read_bio_PUBKEY(keyfile,NULL,(pem_password_cb
*)password_callback,&cb_data)))
     printf("error\n");
    if (!BIO_set_md(bmd,md)){
     printf("error setting diggest\n");
    }

    /* Chain: reads from `inp` pull bytes from `in` through the digest BIO. */
    inp=BIO_push(bmd,in);
 /* NOTE(review): the data being digested is `infile` again, i.e. the key
  * file itself, not `message` and not the test.txt used on the command
  * line. What gets signed is therefore the hash of the key file. */
 if (BIO_read_filename(in,infile) <= 0)
 {
  perror(infile);
 }

 /* Drain the file through the digest BIO. NOTE(review): a negative return
  * is reported but does not leave the loop, so a persistent read error can
  * spin forever; break (and fail) when i < 0. */
 for(;;){
  i = BIO_read(inp,(char *)buf,BUFSIZE);
  if(i < 0)
   printf("error during reading");
  if (i == 0)
   break;
 }

 /* NOTE(review): sizeof(pkey) is the size of a pointer, and BIO_write()
  * copies that many raw bytes from the start of the EVP_PKEY object to
  * stdout. That is internal struct memory, not a key encoding - presumably
  * the unreadable characters in front of the error message in the reported
  * output. If pkey is NULL this reads through a NULL pointer. To show a key,
  * use PEM_write_bio_PUBKEY() or EVP_PKEY_print_public(), and never dump
  * private-key material to the screen. */
 BIO_write(outscreen,pkey,sizeof(pkey));
 BIO_get_md_ctx(inp, &md_ctx);
//    EVP_SignInit(md_ctx, EVP_ecdsa());
//    EVP_SignUpdate(md_ctx, (const void*)message, strlen(message));
    /* sign the message */
    /* NOTE(review): the output buffer must hold at least EVP_PKEY_size(pkey)
     * bytes - confirm BUFSIZE is large enough - and `len` should be declared
     * unsigned int instead of being cast.
     * ECDSA signatures include a random per-signature value by default, so
     * the bytes differ on every run and will never match the file written
     * by the console command; check the result with the public key instead
     * (e.g. openssl dgst -verify). */
    if (!(EVP_SignFinal(md_ctx,buf ,(unsigned int *)&len, pkey))){
     printf("error during signing\n");
    }
 /* NOTE(review): this runs even when signing failed, in which case `len`
  * may still be uninitialised. The signature also goes to stdout as raw
  * binary rather than to `out`. */
 BIO_write(outscreen,buf,len);

 I think the problem is in reading the key as an EVP_PKEY; that is where things go wrong
(reading it as an EC_KEY works without problems). The files were created with:
openssl ecparam -out ec_key.pem -name prime256v1 -genkey
openssl ec -in ec_key.pem -pubout -out oubkey.pem

the output is:
~~☺  error during signing

thx for ur help
