<div dir="auto">Hi!<div dir="auto"><br></div><div dir="auto">I would suggest using the newer `EVP_DigestSign` interface.</div><div dir="auto"><br></div><div dir="auto">You could find more documentation about it here: <a href="https://wiki.openssl.org/index.php/EVP_Signing_and_Verifying" rel="noreferrer noreferrer" target="_blank">https://wiki.openssl.org/index.php/EVP_Signing_and_Verifying</a></div><div dir="auto"><br></div><div dir="auto">Here is the relevant manpage: <a href="https://www.openssl.org/docs/man1.1.1/man3/EVP_DigestVerifyInit.html" target="_blank" rel="noreferrer">https://www.openssl.org/docs/man1.1.1/man3/EVP_DigestVerifyInit.html</a></div><div dir="auto"><br></div><div dir="auto">Best regards, </div><div dir="auto"><br></div><div dir="auto">Nicola Tuveri </div></div><br><div class="gmail_quote"><div dir="ltr">On Tue, Aug 28, 2018, 14:09 Linta Maria <<a href="mailto:lintamaria194@gmail.com" rel="noreferrer noreferrer" target="_blank">lintamaria194@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto"><br><div class="gmail_quote" dir="auto"><div dir="ltr"><br></div><div lang="EN-US" link="#0563C1" vlink="#954F72"><div class="m_1724445086544995672m_2227491141400689319m_-8096496656799935659m_3238106350363895383WordSection1">
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial",sans-serif">Hi All,<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial",sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial",sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial",sans-serif">I have started using open ssl recently for implementing some cryptographic operation.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial",sans-serif">Now I want to implement signature verification by taking Signature and hashed data as input, but I am not able to get the proper API.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial",sans-serif">I have used below code, but it’s not working. Please help me to get the correct API.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial",sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial",sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">#include <openssl/evp.h><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">#include <openssl/rsa.h><u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New""><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">EVP_PKEY_CTX *ctx;<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">unsigned char *md, *sig;<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">size_t mdlen, siglen;<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">EVP_PKEY *verify_key;<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New""><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">/*<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New""> * NB: assumes verify_key, sig, siglen md and mdlen are already set up<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New""> * and that verify_key is an RSA public key<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New""> */<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">ctx = EVP_PKEY_CTX_new(verify_key, NULL /* no engine */);<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">if (!ctx)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New""> /* Error occurred */<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">if (EVP_PKEY_verify_init(ctx) <= 0)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New""> /* Error */<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New""> /* Error */<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0)<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New""> /* Error */<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New""><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">/* Perform operation */<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen);<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New""><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New"">/*<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New""> * ret == 1 indicates success, 0 verify failure and < 0 for some<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New""> * other error.<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Courier New""> */<u></u><u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial",sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial",sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal"><span style="font-size:10.0pt;font-family:"Arial",sans-serif"><u></u> <u></u></span></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black">Best regards,
<br>
<br>
<b>George Linta Maria</b><br></span><u></u></p>
</div>
</div>
</div></div>
-- <br>
openssl-users mailing list<br>
To unsubscribe: <a href="https://mta.openssl.org/mailman/listinfo/openssl-users" rel="noreferrer noreferrer noreferrer noreferrer" target="_blank">https://mta.openssl.org/mailman/listinfo/openssl-users</a><br>
</blockquote></div>