[openssl-users] How can i verify a signature without knowing the private key? not by openssl command but openssl function.

知於裘己 chengzju at qq.com
Fri Sep 25 10:51:33 UTC 2015

Hi guys
    i want to write two programd to learn the details of ecdsa signature. 
    program A read the private key from private.pem, sign a string, like "abcde1234", save the signature as sig.pem.
    program B read the public key from pub.pem, read the sig.pem, and verify the signature.
    can anybody provide me a example code?

    my implementation is as follow:
    1, generate the ecc keys by "openssl ecparam -genkey -name secp256r1 -out private.pem" and extract the public key by "openssl ec -in private.pem -out public.pem -pubout"
    2, read the private key by "PEM_read_PrivateKey()", and sign with "ECDSA_do_sign", there is no problem. program A works well.
    3, the problem is how to read the public key from public.pem ? i find PEM_read_bio_PUBKEY from app/apps.c, but i can't find the source code.  how can i verify the signature without knowing the private key?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150925/e8981f2e/attachment.html>

More information about the openssl-users mailing list