In order to thank you for all members' support of our website, we are holding new events - Getting Free Samples by Paying Freight only.
Want to get free samples? Please check this post for more details.

Tool - ECDSA Sign/Verify features

JCIDE related questions and answers.

Moderators: product, kuafu

shimizus3106
Posts: 19
Joined: Thu Oct 06, 2016 10:05 pm
Points :226
Contact:

Tool - ECDSA Sign/Verify features

Post by shimizus3106 » Wed Jun 06, 2018 5:05 am

Dear user in furum.

I have question about ECDSA Sign/Verify features.
Those are very useful but its on browser, not stand alone.

So I want to know :

1 . Can we use the function on Stand alone - any souce code or binary ?
2 . Can we realize same features with OpenSSL command (or anyother tool) ?

Indeed, I trying with Openssl but have difficulty in..

Any information and help highly appreciate.

thanks,
Shigenori

shimizus3106
Posts: 19
Joined: Thu Oct 06, 2016 10:05 pm
Points :226
Contact:

Re: Tool - ECDSA Sign/Verify features

Post by shimizus3106 » Fri Jun 08, 2018 1:53 am

Hello, user.

Additionally, I will try to check ECDSA to know its algo with ECDSA Sign/Verify and OpenSSL, ECC key gen / ECDSA sign.
I put Keypair parameter to ECDSA Sign/Verify and also HM to get signature with secp256k1,
but I dont know what I should set "K"... I dont find parameters from OpenSSL, secp256k1.
As I dont know ECC/ECDSA well for now,
Could you let me know what I making mistake ??

thanks,

parkplaza
Posts: 2
Joined: Mon Jun 11, 2018 1:20 am
Points :16
Contact:

Re: Tool - ECDSA Sign/Verify features

Post by parkplaza » Tue Jun 12, 2018 2:09 am


AlexLiu
Posts: 7
Joined: Thu Sep 22, 2016 4:52 am
Points :120
Contact:

Re: Tool - ECDSA Sign/Verify features

Post by AlexLiu » Fri Jun 15, 2018 1:14 am

(1)I'm not very clear with your question, but you can see if I make the right guesses: You want to call an ECDSA_sign interface make a ecdsa signature,using parameters(private key of key pair, Hm, ecc curve parameters secp256k1),but there is parameter K, you don't know how to deal with it. Then you checked the public API ECDSA_sign of openssl, and there is no need to offer this parameter when do a signature, so you are more confused.
(2)About ECDSA_sign algo, there involves a random number during the signature, so if you don't fixed this random number, even if other parameters you input are the same, the output signature will still differ. So I guess the parameter K indicates the random number during signature, let you to choose a random number and input it, doing this helps users to verify the correctness of the interface. But it's not safe in a security view. Most other ECDSA_sign apis do not let users to offer the random number,they used their own random numbers generated by the Random number generator.
(3)If you want to verify the correctness of ECDSA_sign interface you called, you can using this interface to generate a signature(let's say signatureA), and then using ECDSA_verify offered by a trusted platform (like openssl) to verify signatureA; if verify passes, then using ECDSA_sign offered by a trusted platform (like openssl) to generate a signature(let's say signatureB), and unsing ECDSA_verify(correspond to ECDSA_sign interface you called) to verify signatureB, if verify passes, then proves that the correctness of the interface you called is okay.

Post Reply Previous topicNext topic

Who is online

Users browsing this forum: No registered users and 1 guest

JavaCard OS : Disclaimer