But the result of the signature and the verification is the same in both cases, isn't it?
On 18 dic, 17:29, Eugene Zolenko <[email protected]> wrote: > First way will throw exception if verification failed, second returns > false. > > It is possible to suppress exception I think and get an error code > with some combination of filters and flags. Need to use redirector to > pass in verifier filter without giving up ownership and then check > result of verification. > > Anyway, first one also copies message without signature into output > buffer. > > Use first when you get signed message that you need to process with > other filters as well (encryption, encoding, etc). > > Use second if you have the message already at destination buffer and > you need only to verify it. > > On Dec 18, 4:41 am, Charlie <[email protected]> wrote: > > > Hi everybody! > > > I have a question about ECDSA signature. What's the different between > > signing and verifying in this way: > > > //Signing > > ECDSA<ECP, SHA1>::PrivateKey privateKey; > > privateKey.Load(...); > > > AutoSeededRandomPool prng; > > string message = "Yoda said, Do or do not. There is no try."; > > string signature; > > > StringSource( message, true /*pump all*/, > > new SignerFilter( prng, > > ECDSA<ECP,SHA1>::Signer( privateKey ), > > new StringSink( signature ) > > ) // SignerFilter > > ); // StringSource > > > //Verifying > > ECDSA<ECP, SHA1>::PublicKey publicKey; > > publicKey.Load(...); > > > // Result of the verification process > > bool result = false; > > > // Exactly what was signed in the previous step > > string message = ...; > > // Output from the signing operation in the previous step > > string signature = ...; > > > StringSource( signature+message, true /*pump all*/, > > new SignatureVerificationFilter( > > ECDSA<ECP,SHA1>::Verifier(publicKey), > > new ArraySink( (byte*)&result, sizeof(result) ) > > ) // SignatureVerificationFilter > > ); > > > // Verification failure? > > if( !result ) {...} > > > And in this way: > > > //Signing... > > ECDSA<ECP, SHA1>::PrivateKey privateKey; > > privateKey.Load(...); > > > // Message > > string message = "Yoda said, Do or Do Not. There is no try."; > > > // Signer object > > ECDSA<ECP, SHA1>::Signer signer( privateKey ); > > > // Create signature space > > size_t length = signer.MaxSignatureLength(); > > SecByteBlock signature( length ); > > > AutoSeededRandomPool rng; > > > // Sign message > > signer.SignMessage( rng, (const byte*) message.c_str(), > > message.length(), signature ); > > > //Verifying... > > ECDSA<ECP, SHA1>::PublicKey publicKey; > > publicKey.Load(...); > > > // Verifier object > > ECDSA<ECP, SHA1>::Verifier verifier( publicKey ); > > > // Verify > > bool result = verifier.VerifyMessage( (const byte*)message.c_str(), > > message.length(), signature, signature.size() ); > > > // Result > > if( true == result ) { > > cout << "Signature on message verified" << endl;} else { > > > cout << "Message verification failed" << endl; > > > } > > > Thanks. -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com.
