C implementation of ECDSA signature and verification with openssl

Question

I am trying to create C program were I can choose from a menu which options I want from Signing a message and Verify a message. I have the code that signs the message and verifies at the same time. What I would like was to be able to parse a message and sign it and this to output the certificate for example. Next when I choose verify I would insert the same message and the certificate, so I could actually verify or not the message.

I am using the code from: Signing a message using ECDSA in OpenSSL

PS: Basically I don't know how to actually print the signature, private and public keys.

Thank you so much.

Answer 1

Use those functions:

int i2d_ECDSA_SIG(const ECDSA_SIG *sig, unsigned char **pp);

ECDSA_SIG* d2i_ECDSA_SIG(ECDSA_SIG **sig, const unsigned char **pp, long len);

As per OpenSSL docs:

" i2d_ECDSA_SIG() creates the DER encoding of the ECDSA signature sig and writes the encoded signature to *pp (note: if pp is NULL i2d_ECDSA_SIG returns the expected length in bytes of the DER encoded signature). i2d_ECDSA_SIG returns the length of the DER encoded signature (or 0 on error).

d2i_ECDSA_SIG() decodes a DER encoded ECDSA signature and returns the decoded signature in a newly allocated ECDSA_SIG structure. *sig points to the buffer containing the DER encoded signature of size len. "

If you want to printout the signature on the screen than you will have to Base64 it :)

Answer 2

I think I found out the way to print the r and s values. The key pair from the signature (r,s)

After we have the signature it self:

ECDSA_SIG *signature = ECDSA_do_sign(hash, strlen(hash), eckey);

We can print the r and s values this way:

    printf("(sig->r, sig->s): (%s,%s)\n", BN_bn2hex(ECDSA_SIG_get0_r(signature)), BN_bn2hex(ECDSA_SIG_get0_s(signature)));

Thanks Best Regards