There are plenty of examples written in C on how to verify a digital signature on a message but my use case requires me to provide only the message hash.

So is there an alternative to `EVP_DigestVerifyUpdate(mdctx, msg, strlen(msg));` where I could directly provide a hash?

jww
Jan Moritz
  • Not going to say it isn't possible, but with EVP I've never seen it (but always willing to learn). Whenever I've had to do something similar (for me it's usually the signing where I already have the digest, rarely the verifying) I've had to use [RSA_sign and RSA_verify](https://www.openssl.org/docs/man1.0.2/crypto/RSA_verify.html) directly, which requires the message digest, not the original message. If you're using RSA (I can't imagine you wouldn't be) that may be an option for you. – WhozCraig Jan 28 '17 at 10:34
  • Unfortunately I'm using ECDSA :/ – Jan Moritz Jan 28 '17 at 13:54

1 Answer

Is this what you are looking for?

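```c
EVP_PKEY *public_key = ...;
EVP_PKEY_CTX *public_key_ctx = EVP_PKEY_CTX_new(public_key, NULL);

EVP_PKEY_verify_init(public_key_ctx);
/* hash/hashlen: the precomputed message digest; sig/siglen: the signature */
if (1 != EVP_PKEY_verify(public_key_ctx, sig, siglen, hash, hashlen)) {
    // invalid signature (0) or error (negative value)
}
EVP_PKEY_CTX_free(public_key_ctx);
```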
Marek Klein