OpenSSL在C中使用RAW EC生成的密钥进行签名和验证 [英] OpenSSL Sign and Verify in C with RAW EC generated Keys
问题描述
我将EC私钥生成为随机数,将EC公钥生成为随机数生成器的乘法。
I generate my EC private key as random number and my EC public key as the multiplication of the generator for the random number.
现在,我将使用这些密钥签名并验证消息,但是有关验证的操作失败。您是否有解决此问题的提示?
Now I would to use these keys to sign and verify a message, but the operation about the verification fails. Do you have any hint to solve this problem?
我出于某些限制使用OpenSSL 1.0.0。我不能切换新的。
I'm using OpenSSL 1.0.0 for some constraints. I cannot switch the new one.
#include <openssl/ec.h>
#include <openssl/rand.h>
#include <openssl/bn.h>
#include <openssl/sha.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <stdio.h>
#include <string.h>
int main()
{
BN_CTX *ctx;
EC_GROUP *curve;
BIGNUM *q = NULL;
EVP_MD_CTX *hashctx;
unsigned int ol;
unsigned char fh[EVP_MAX_MD_SIZE];
BIGNUM *priv = NULL;
EC_POINT *G, *pub;
EC_KEY *keypriv = EC_KEY_new();
EC_KEY *keypub = EC_KEY_new();
unsigned char *s1 = "hello";
// makes all algorithms available to the EVP* routines
OpenSSL_add_all_algorithms();
// load the error strings for ERR_error_string
ERR_load_crypto_strings();
hashctx = EVP_MD_CTX_new();
const EVP_MD *hashptr = EVP_get_digestbyname("SHA256");
EVP_DigestInit_ex(hashctx, hashptr, NULL);
EVP_DigestUpdate(hashctx, s1, strlen(s1));
EVP_DigestFinal_ex(hashctx, fh, &ol);
// seed PRNG
if (RAND_load_file("/dev/urandom", 256) < 64)
{
printf("Can't seed PRNG!\n");
abort();
}
ctx = BN_CTX_new();
q = BN_new();
// read the generator and order of the curve
curve = EC_GROUP_new_by_curve_name(NID_secp160r1);
G = EC_GROUP_get0_generator(curve);
EC_GROUP_get_order(curve, q, ctx);
// precompute multiples of g (faster multiplications)
EC_GROUP_precompute_mult(curve, ctx);
EC_KEY_set_group(keypriv, curve);
pub = EC_POINT_new(curve);
priv = BN_new();
BN_rand_range(priv, q);
EC_POINT_mul(curve, pub, NULL, G, priv, ctx);
EC_KEY_set_private_key(keypriv, priv);
EC_KEY_set_public_key(keypub, pub);
ECDSA_SIG *signature = ECDSA_do_sign(fh, 64, keypriv);
if (NULL == signature)
{
printf("Failed to generate EC Signature\n");
}
else
{
int verify_status = ECDSA_do_verify(fh, 64, signature, keypub);
const int verify_success = 1;
if (verify_success != verify_status)
{
printf("Failed to verify EC Signature\n");
}
else
{
printf("Verifed EC Signature\n");
}
ECDSA_SIG_free(signature);
}
return 0;
}
推荐答案
我只是通过设置我的代码中的公钥的EC组为:
I solved just by setting the EC Group for the public key in my code as:
EC_KEY_set_group(keypub, curve);
顺便说一句,我希望这个问题也可以回答已接受的第一条评论。答案:
By the way, I hope that this Q/A can answer also for the first comment in the accepted answer:
如何仅使用eckey的公开部分进行验证?
How do you verify with just the public part of the eckey?
这篇关于OpenSSL在C中使用RAW EC生成的密钥进行签名和验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!