gpt4 book ai didi

c - OpenSSL ECDSA 签名有效性

转载 作者:行者123 更新时间:2023-11-30 17:02:45 32 4
gpt4 key购买 nike

来自OpenSSL documentation

使用命名曲线 prime256v1(又名 P-256)创建给定 SHA-256 哈希值的 ECDSA 签名。

第二步:使用 ECDSA_do_sign() 计算 SHA-256 哈希值的 ECDSA 签名:

sig = ECDSA_do_sign(digest, 32, eckey);
if (sig == NULL) {
/* error */
}

或使用 ECDSA_sign():

unsigned char *buffer, *pp;
int buf_len;
buf_len = ECDSA_size(eckey);
buffer = OPENSSL_malloc(buf_len);
pp = buffer;
if (ECDSA_sign(0, dgst, dgstlen, pp, &buf_len, eckey) == 0) {
/* error */
}

第三步:使用ECDSA_do_verify()验证创建的ECDSA签名:

ret = ECDSA_do_verify(digest, 32, sig, eckey);

或使用 ECDSA_verify():

ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);

最后评估返回值:

if (ret == 1) {
/* signature ok */
} else if (ret == 0) {
/* incorrect signature */
} else {
/* error */
}

文件结束

这让我明白,我需要验证使用 ECDSA_do_signECDSA_sign 创建的每个签名,是吗?创建的签名会无效吗?

最佳答案

来自NIST PUB 186-4 - Digital Signature Standard第 4.7 节:

Signature verification may be performed by any party (i.e., the signatory, the intended recipient or any other party) using the signatory’s public key. A signatory may wish to verify that the computed signature is correct, perhaps before sending the signed message to the intended recipient. The intended recipient (or any other party) verifies the signature to determine its authenticity.

(其中签名者是签名创建者)

关于c - OpenSSL ECDSA 签名有效性,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/36452829/

32 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com