4

I am fairly new to Rust but I am trying to build a command line tool similar to OpenSSL written in Rust.

I am trying to implement a digital signature using Rust Crypto and the ecdsa crate. I already have a hashed file and my next steps would be as follows:

  • Generate private and public key
  • encrypt the hash value with the private key (that would be my signature)

Now I am not sure how to use the ecdsa crate. How can I generate a private key?

Lachr

1 Answer

2

An example of generation of the private key can be found here in the documentation. It's a bit hidden because the key pair generation is specific to the curve used:

```rust
use p256::{
    ecdsa::{SigningKey, Signature, signature::Signer},
};
use rand_core::OsRng; // requires 'getrandom' feature

// Signing
let signing_key = SigningKey::random(&mut OsRng); // Serialize with `::to_bytes()`
```

Do note that ECDSA works a bit differently from RSA, so you do not "encrypt" the hash with the private key (actually, that's a bad description for RSA as well). You'd use a signer instead, and the hashing of the message is generally considered part of that. The example also shows how to do this.

The documentation is pretty horrible; it seems SHA-256 is used as hashing underneath, but that's not on this page. In the source code I found:

```rust
impl ecdsa_core::hazmat::DigestPrimitive for NistP256 {
    type Digest = sha2::Sha256;
}
```

So I hope that Rust users do understand how to set / unset a hash given that.

Maarten Bodewes
  • Thanks for your help! I agree the documentation is pretty horrible. I am trying to implement it like in the example, but it won't let me import the SigningKey: `unresolved import p256::ecdsa::SigningKey`. The docs say _This example requires the ecdsa Cargo feature is enabled_ so maybe that is missing? I tried to put this in my Cargo.toml under the features section: `ecdsa = []` but that won't work. Any tips? – Lachr Apr 09 '21 at 16:13
  • 2
    @Lachr the p256 dependency in your cargo.toml should look like this: `p256 = { version = "0.7.2", features = ["ecdsa"] }`. The `[features]` section you tried is for the features of the *current* crate, not its dependents'. – kmdreko Apr 13 '21 at 04:58
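
The answer's point that ECDSA signing is not "encrypting the hash" can be seen in the arithmetic itself. The following is an added example, not part of the original posts and not the p256 crate's code: ECDSA sign and verify in plain Rust on a toy curve, showing that the signature is a pair (r, s) that depends on a per-signature nonce and that the verifier never recovers the digest. Assumptions: the textbook curve y² = x³ + 2x + 2 over F₁₇ with base point (5, 1) of order 19, and a digest and nonce passed in as small constructed integers.

```rust
// Toy ECDSA on the textbook curve y^2 = x^3 + 2x + 2 over F_17 (assumed parameters); no real security.
type Pt = Option<(u64, u64)>; // None is the point at infinity
const P: u64 = 17; // field prime
const A: u64 = 2; // curve coefficient a
const N: u64 = 19; // prime order of the base point
const G: Pt = Some((5, 1)); // base point

// Modular inverse via Fermat's little theorem: x^(m-2) mod m, m prime.
fn inv(x: u64, m: u64) -> u64 { (0..m - 2).fold(1, |acc, _| acc * x % m) }

fn add(p: Pt, q: Pt) -> Pt {
    let ((x1, y1), (x2, y2)) = match (p, q) {
        (None, _) => return q,
        (_, None) => return p,
        (Some(a), Some(b)) => (a, b),
    };
    if x1 == x2 && (y1 + y2) % P == 0 { return None; } // p + (-p) = infinity
    let l = if x1 == x2 {
        (3 * x1 * x1 + A) * inv(2 * y1, P) % P // tangent slope (doubling)
    } else {
        (y2 + P - y1) * inv(x2 + P - x1, P) % P // chord slope
    };
    let x3 = (l * l + 2 * P - x1 - x2) % P;
    Some((x3, (l * (x1 + P - x3) + P - y1) % P))
}

// Scalar multiplication by repeated addition; acceptable only because the group has 19 elements.
fn mul(k: u64, p: Pt) -> Pt { (0..k).fold(None, |acc, _| add(acc, p)) }

// Sign digest z with private scalar d and per-signature nonce k.
// None means r or s came out zero and the caller must retry with a fresh k.
fn sign(d: u64, z: u64, k: u64) -> Option<(u64, u64)> {
    let r = mul(k, G)?.0 % N; // r = x-coordinate of k*G, reduced mod n
    let s = inv(k, N) * (z + r * d) % N; // s = k^-1 * (z + r*d) mod n
    if r == 0 || s == 0 { None } else { Some((r, s)) }
}

// Verify with only the public point q = d*G: recompute a curve point and compare its x to r.
fn verify(q: Pt, z: u64, (r, s): (u64, u64)) -> bool {
    if r == 0 || r >= N || s == 0 || s >= N { return false; }
    let w = inv(s, N);
    matches!(add(mul(z * w % N, G), mul(r * w % N, q)), Some((x, _)) if x % N == r)
}

fn main() {
    let (d, z) = (7, 26); // constructed private scalar and digest value
    let (q, sig) = (mul(d, G), sign(d, z, 10).unwrap());
    println!("Q = {:?}, sig = {:?}, valid = {}", q, sig, verify(q, z, sig));
}
```

For real signatures use `SigningKey` and the `Signer` trait as in the answer. The nonce k must be unpredictable and never reused, because two signatures made with the same k reveal the private key.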