Thanks Nicola for the updates. But I need to verify signature with hashed data or digest not with original message. Is there any openssl API to implement that?
On Tue 28 Aug, 2018, 5:18 PM Nicola, <nic....@gmail.com> wrote: > Hi! > > I would suggest using the newer `EVP_DigestSign` interface. > > You could find more documentation about it here: > https://wiki.openssl.org/index.php/EVP_Signing_and_Verifying > > Here is the relevant manpage: > https://www.openssl.org/docs/man1.1.1/man3/EVP_DigestVerifyInit.html > > Best regards, > > Nicola Tuveri > > On Tue, Aug 28, 2018, 14:09 Linta Maria <lintamaria...@gmail.com> wrote: > >> >> >> Hi All, >> >> >> >> >> >> I have started using open ssl recently for implementing some >> cryptographic operation. >> >> Now I want to implement signature verification by taking Signature and >> hashed data as input, but I am not able to get the proper API. >> >> I have used below code, but it’s not working. Please help me to get the >> correct API. >> >> >> >> >> >> #include <openssl/evp.h> >> >> #include <openssl/rsa.h> >> >> >> >> EVP_PKEY_CTX *ctx; >> >> unsigned char *md, *sig; >> >> size_t mdlen, siglen; >> >> EVP_PKEY *verify_key; >> >> >> >> /* >> >> * NB: assumes verify_key, sig, siglen md and mdlen are already set up >> >> * and that verify_key is an RSA public key >> >> */ >> >> ctx = EVP_PKEY_CTX_new(verify_key, NULL /* no engine */); >> >> if (!ctx) >> >> /* Error occurred */ >> >> if (EVP_PKEY_verify_init(ctx) <= 0) >> >> /* Error */ >> >> if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) >> >> /* Error */ >> >> if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) >> >> /* Error */ >> >> >> >> /* Perform operation */ >> >> ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen); >> >> >> >> /* >> >> * ret == 1 indicates success, 0 verify failure and < 0 for some >> >> * other error. >> >> */ >> >> >> >> >> >> >> >> Best regards, >> >> *George Linta Maria* >> -- >> openssl-users mailing list >> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users >> > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users >
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users