> From: [email protected] On Behalf Of jeetendra gangele > Sent: Monday, 17 December, 2012 01:58
> Its generating 64 bytes when I print with ECDSA_size(eckey) > But i neeed 56 bytes signature. [for secp224r1] > ECDSA_size is the *maximum* length of the encoded signature, see the man page. An actual encoded signature may be less, see my earlier reply; you are supposed to use ECDSA_size to allocate the buffer, but the length stored by ECDSA_sign or similar for actual length. But the ASN.1 encoding from ECDSA_sign, or i2d_ECDSA_SIG, is (a little) more than just the two numbers r and s. If you want an encoding that only has the two numbers either: 1. get the ASN.1 encoding, pick out the numbers (in ASN.1 signed but positive bigendian form), and do your other encoding 2. use ECDSA_do_sign or similar to get the ECDSA_SIG structure, and do your own encoding from that (by encoding the two bignums) Referring to my previous reply, if you use the more convenient high-level EVP_ interface you may need approach 1; I don't see option to change the encoding used there (but I may have missed). ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
