[openssl-users] How can i verify a signature without knowing the private key? not by openssl command but openssl function.
chengzju at qq.com
Fri Sep 25 10:51:33 UTC 2015
i want to write two programd to learn the details of ecdsa signature.
program A read the private key from private.pem, sign a string, like "abcde1234", save the signature as sig.pem.
program B read the public key from pub.pem, read the sig.pem, and verify the signature.
can anybody provide me a example code?
my implementation is as follow:
1, generate the ecc keys by "openssl ecparam -genkey -name secp256r1 -out private.pem" and extract the public key by "openssl ec -in private.pem -out public.pem -pubout"
2, read the private key by "PEM_read_PrivateKey()", and sign with "ECDSA_do_sign", there is no problem. program A works well.
3, the problem is how to read the public key from public.pem ? i find PEM_read_bio_PUBKEY from app/apps.c, but i can't find the source code. how can i verify the signature without knowing the private key?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users