But why we need to load the public key for signing the data? for signing I need only private key. When I load the public and private both key I could sign the data. but when I load only private key and calling Key_check function its failing.
Thanks Jeetendra On 14 December 2012 15:32, Matt Caswell (fr...@baggins.org) <fr...@baggins.org> wrote: > > > >> char b1[] = >> "18679335321211177614181391980475641049275229937844945546185683145837"; > > > Where did you get this value from? Is this a private key you have been > provided with that you *must* use? > > Unless you particularly need to use a specific private key it is better to > use > > EC_KEY_generate_key > > This will create a private key for you as well as calculating the associated > public key. > >> >> BN_dec2bn(&res,b1); >> // BN_dec2bn(&x,b1); >> // BN_dec2bn(&y,b1); >> >> // BN_dec2bn(&(pub_key->X), "1234567890123456789012345678"); >> // BN_dec2bn(pub_key->Y, "1234567890123456789012345678"); >> >> >> pkey = EC_KEY_new_by_curve_name(NID_secp224r1); >> group = EC_KEY_get0_group(pkey); >> pub_key = EC_POINT_new(group); >> >> ret = EC_KEY_set_private_key(pkey, res); >> //EC_KEY_set_public_key_affine_coordinates(pkey,x,y); > > > It appears you have commented out all of the code above to insert the public > key. This is probably why the EC_KEY_check_key call is failing. One of the > things this function checks is that the public key is sane. > > In addition the code you have that is commented out above for the public key > looks very odd. The public key is not just any (x, y) co-ordinate - it must > point a point which is on the curve! Further it must be equal to the curve > generator multiplied by the private key. If you use the EC_KEY_generate_key > function referred to above then this will all be dealt with for you. If > however you need to calculate the public key itself from an existing private > key then use something like this to create it: > > if (!EC_POINT_mul(group, pub_key, pkey, NULL, NULL, ctx)) > goto err; > > > Matt ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org