Creating a ECDSA signature of given SHA-1 hash value using the named curve secp192k1.
First step: create a EC_KEY object (note: this part is not ECDSA specific)
int ret;
ECDSA_SIG *sig;
EC_KEY *eckey = EC_KEY_new();
if (eckey == NULL)
{
/* error */
}
key->group = EC_GROUP_new_by_nid(NID_secp192k1);
if (key->group == NULL)
{
/* error */
}
if (!EC_KEY_generate_key(eckey))
{
/* error */
}
Second step: compute the ECDSA signature of a SHA-1 hash value using ECDSA_do_sign
sig = ECDSA_do_sign(digest, 20, eckey);
if (sig == NULL)
{
/* error */
}
or using ECDSA_sign
unsigned char *buffer, *pp;
int buf_len;
buf_len = ECDSA_size(eckey);
buffer = OPENSSL_malloc(buf_len);
pp = buffer;
if (!ECDSA_sign(0, dgst, dgstlen, pp, &buf_len, eckey);
{
/* error */
}
Third step: verify the created ECDSA signature using ECDSA_do_verify
ret = ECDSA_do_verify(digest, 20, sig, eckey);
or using ECDSA_verify
ret = ECDSA_verify(0, digest, 20, buffer, buf_len, eckey);
and finally evaluate the return value:
if (ret == -1)
{
/* error */
}
else if (ret == 0)
{
/* incorrect signature */
}
else /* ret == 1 */
{
/* signature ok */
}