Talk:EVP Signing and Verifying

From OpenSSLWiki
Jump to: navigation, search

Clarification required[edit]

Why is

 if(1 != EVP_DigestSignFinal(mdctx, *sig, slen)) goto err;

done two times?--Doru001 13:04, 16 June 2013 (UTC)

Good question! I've added some extra code comments to explain it. Basically the first call has a NULL sig parameter to obtain the length of the signature. Memory is then allocated sufficient to hold the sig, and then the sig is obtained in the second call to EVP_DigestSignFinal.

--Matt 21:16, 15 June 2013 (UTC)

Thank you, now it is clear. Doru001 13:04, 16 June 2013 (UTC)