Re: Need help in loading private key for ECDSA

Fri, 14 Dec 2012 02:34:14 -0800 

But why we need to load the public key for signing the data?
for signing I need only private key.
When I load the public and private both key I could sign the data.
but when I load only private key and calling Key_check function its failing.



Thanks
Jeetendra

On 14 December 2012 15:32, Matt Caswell (fr...@baggins.org)
<fr...@baggins.org> wrote:
>
>
>
>>     char b1[] =
>> "18679335321211177614181391980475641049275229937844945546185683145837";
>
>
> Where did you get this value from? Is this a private key you have been
> provided with that you *must* use?
>
> Unless you particularly need to use a specific private key it is better to
> use
>
> EC_KEY_generate_key
>
> This will create a private key for you as well as calculating the associated
> public key.
>
>>
>>     BN_dec2bn(&res,b1);
>>   //  BN_dec2bn(&x,b1);
>>    // BN_dec2bn(&y,b1);
>>
>>    // BN_dec2bn(&(pub_key->X), "1234567890123456789012345678");
>>    // BN_dec2bn(pub_key->Y, "1234567890123456789012345678");
>>
>>
>>     pkey = EC_KEY_new_by_curve_name(NID_secp224r1);
>>     group = EC_KEY_get0_group(pkey);
>>     pub_key = EC_POINT_new(group);
>>
>>     ret = EC_KEY_set_private_key(pkey, res);
>>     //EC_KEY_set_public_key_affine_coordinates(pkey,x,y);
>
>
> It appears you have commented out all of the code above to insert the public
> key. This is probably why the EC_KEY_check_key call is failing. One of the
> things this function checks is that the public key is sane.
>
> In addition the code you have that is commented out above for the public key
> looks very odd. The public key is not just any (x, y) co-ordinate - it must
> point a point which is on the curve! Further it must be equal to the curve
> generator multiplied by the private key. If you use the EC_KEY_generate_key
> function referred to above then this will all be dealt with for you. If
> however you need to calculate the public key itself from an existing private
> key then use something like this to create it:
>
>     if (!EC_POINT_mul(group, pub_key, pkey, NULL, NULL, ctx))
>         goto err;
>
>
> Matt
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to