Hi list. I'm currently implementing a signing routine and for that I'm using the high-level API EVP according to this page <https://wiki.openssl.org/index.php/EVP_Signing_and_Verifying>. I'm using openssl 1.0.2m.
I need to sign with hashing SHA256 and prime256v1, with the former retrieved via "EVP_get_digestbyname". The private key is stored in a PEM file and loaded via "PEM_read_bio_PrivateKey". It is correctly loaded and correctly recognized to be of type EC (408). So far so good, I am able to sign the payload and verify it. Hence, the procedure is correctly carried out. HOWEVER, once the signed payload is sent to the server, it is rejected. I believe the issue is with "prime256v1" because, as far as I can tell, that is not the default curve for EC signing. Looking into the documentation I tried to set the correct curve like this (smart pointers used, error handling ignored for the sake of brevity): EVP_PKEY_CTX * pctx; EVP_DigestSignInit(mdctx.get(), &pctx, digestFunction, NULL, key.get())) EVP_PKEY_paramgen_init(pctx); EVP_PKEY_CTX_set_ec_paramgen_curve_nid(pctx, NID_X9_62_prime256v1); // usual steps... But that leads to errors in "EVP_DigestSignFinal" and the inability to sign the payload. Probably this is not the correct way to set the curve. So, what's the correct way to sign a payload with SHA256 and prime256v1? Is EVP api the correct one? Thanks in advance for the help. F.
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
