Talk:EVP Signing and Verifying
From OpenSSLWiki
Clarification required
Why is
if(1 != EVP_DigestSignFinal(mdctx, *sig, slen)) goto err;
done two times?--Doru001 13:04, 16 June 2013 (UTC)
Good question! I've added some extra code comments to explain it. Basically the first call has a NULL sig parameter to obtain the length of the signature. Memory is then allocated sufficient to hold the sig, and then the sig is obtained in the second call to EVP_DigestSignFinal.
--Matt 21:16, 15 June 2013 (UTC)
Thank you, now it is clear. Doru001 13:04, 16 June 2013 (UTC)