[openssl-users] Question w.r.t EVP Signing and Verifying

Viktor Dukhovni openssl-users at dukhovni.org
Fri Aug 31 15:09:57 UTC 2018

> On Aug 31, 2018, at 1:52 AM, Kumar Venkatarao <kvenkatarao at infinera.com> wrote:
> Why does EVP_DigestVerifyFinal fail for ECDSA keys?

Because you're not using it correctly.

> Is it a known problem ?

Yes, incorrect use will lead to unexpected results.  No, there is
no known problem in correct use of EC signature verification.

You can test EC signing and verification with:

  $ openssl genpkey -out /tmp/eckey.pem -algorithm ec \
      -pkeyopt "ec_paramgen_curve:prime256v1" \
      -pkeyopt ec_param_enc:named_curve
  $ openssl pkey -in /tmp/eckey.pem -pubout -out /tmp/ecpub.pem
  $ echo foobar | openssl dgst -sign /tmp/eckey.pem > /tmp/sig.dat
  $ echo foobar | openssl dgst -verify /tmp/ecpub.pem -signature /tmp/sig.dat ; echo $?
  Verified OK
  $ echo goobar | openssl dgst -verify /tmp/ecpub.pem -signature /tmp/sig.dat ; echo $?
  Verification Failure

Your code should be able to generated signature files that "openssl dgst -verify" can
verify, or verify signatures that "openssl dgest -sign" produced.  The default digest
algoritm in the operations above was SHA256, you can make it explicit if you like
via appropriate additional options.


More information about the openssl-users mailing list