Difference between revisions of "EVP Signing and Verifying"
(Added See also section) |
(Corrected EVP_DigestVerifyFinal call to show that 0 indicates a failure to verify (not a more serious error)) |
||
Line 54: | Line 54: | ||
if(!EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, key)) goto err; | if(!EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, key)) goto err; | ||
if(!EVP_DigestVerifyUpdate(mdctx, msg, strlen(msg))) goto err; | if(!EVP_DigestVerifyUpdate(mdctx, msg, strlen(msg))) goto err; | ||
− | if( | + | if(EVP_DigestVerifyFinal(mdctx, sig, slen)) |
+ | { | ||
+ | /* Success */ | ||
+ | } | ||
+ | else | ||
+ | { | ||
+ | /* Failure */ | ||
+ | } | ||
Note: MAC operations do not support the verify operation. Verifying a MAC code is done by calling the sign operations and confirming that the generated code is identical to the one provided. | Note: MAC operations do not support the verify operation. Verifying a MAC code is done by calling the sign operations and confirming that the generated code is identical to the one provided. |
Revision as of 09:14, 1 March 2013
There are two APIs available for performing sign and verify operations. The older EVP_Sign* functions, and the newer and more flexible EVP_DigestSign* functions. They are very similar, but for new applications the EVP_DigestSign* versions should be preferred.
Signing a Message
Signing a message is a three stage process:
- Initialise the operation.
- Add message data (this step can be repeated as many times as necessary to add more message data)
- Create the signature
In order to initialise the operation, you need to have first set up a EVP_PKEY object containing a public key for an algorithm that supports signing (this includes MAC codes). Refer to Working with EVP_PKEYs for further information. You also need to provide a message digest algorithm (refer to Working with Algorithms and Modes).
See the following for an example of signing a message:
EVP_MD_CTX *mdctx = NULL; int ret = 0; *sig = NULL; /* Create the Message Digest Context */ if(!(mdctx = EVP_MD_CTX_create())) goto err; /* Initialise the DigestSign operation */ if(!EVP_DigestSignInit(mdctx, NULL, EVP_sha256(), NULL, key)) goto err; /* Call update with the message */ if(!EVP_DigestSignUpdate(mdctx, msg, strlen(msg))) goto err; /* Finalise the DigestSign operation */ if(!EVP_DigestSignFinal(mdctx, *sig, slen)) goto err; if(!(*sig = malloc(sizeof(unsigned char) * (*slen)))) goto err; if(!EVP_DigestSignFinal(mdctx, *sig, slen)) goto err; /* Success */ ret = 1; err: if(ret != 1) { /* Do some error handling */ } /* Clean up */ if(*sig && !ret) free(*sig); if(mdctx) EVP_MD_CTX_destroy(mdctx);
Note: There is no difference in the API between signing using an asymmetric algorithm, and generating a MAC code. Signing using the EVP_Sign* functions is very similar to the above example, except there is no support for MAC codes.
Refer to http://www.openssl.org/docs/crypto/EVP_DigestSignInit.html for further details on the EVP_DigestSign* functions, and http://www.openssl.org/docs/crypto/EVP_SignInit.html for the EVP_Sign* functions.
Verifying a Message
Verifying a message is very similar to signing except the EVP_DigestVerify* functions (or EVP_Verify* functions) are used instead. Clearly only a public key is required for a verify operation:
if(!EVP_DigestVerifyInit(mdctx, NULL, EVP_sha256(), NULL, key)) goto err; if(!EVP_DigestVerifyUpdate(mdctx, msg, strlen(msg))) goto err; if(EVP_DigestVerifyFinal(mdctx, sig, slen)) { /* Success */ } else { /* Failure */ }
Note: MAC operations do not support the verify operation. Verifying a MAC code is done by calling the sign operations and confirming that the generated code is identical to the one provided.
Refer to http://www.openssl.org/docs/crypto/EVP_DigestVerifyInit.html and http://www.openssl.org/docs/crypto/EVP_VerifyInit.html for further information on the verify functions.