[openssl-users] OpenSSL occasionally generates wrong signature

Dmitry dimanne at gmail.com
Tue Oct 16 17:56:21 UTC 2018

Looks like there is some problem in higher-level EVP_ functions.

I completely rewrote the example using lower-level ECDSA_do_sign and it
started to work always.

Here is the code:
   EVP_MD_CTX *Ctx = EVP_MD_CTX_create();
   EVP_DigestInit(Ctx, EVP_sha256());
   EVP_DigestUpdate(Ctx, dt.data(), dt.size());
   QByteArray Digest;
   unsigned int Len;
   EVP_DigestFinal(Ctx, reinterpret_cast<unsigned char *>(Digest.data()),

   BIO *   Bio   = BIO_new_mem_buf(pk.data(), pk.size());
   EC_KEY *ECKey = PEM_read_bio_ECPrivateKey(Bio, nullptr, nullptr,
   ECDSA_SIG *Signature = ECDSA_do_sign(reinterpret_cast<unsigned char
*>(Digest.data()), Digest.size(), ECKey);
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20181016/a1e977a5/attachment.html>

More information about the openssl-users mailing list