summaryrefslogtreecommitdiff
path: root/src/lib
diff options
context:
space:
mode:
authortb <>2024-11-15 20:14:58 +0000
committertb <>2024-11-15 20:14:58 +0000
commit6a22cb2662a65fcc708c1076799aebd0596f3747 (patch)
treebcfb004137eb4851446a14a446c868ca86661cdd /src/lib
parent00d406aeea0b66f7f4205870c7cef172c459660d (diff)
downloadopenbsd-6a22cb2662a65fcc708c1076799aebd0596f3747.tar.gz
openbsd-6a22cb2662a65fcc708c1076799aebd0596f3747.tar.bz2
openbsd-6a22cb2662a65fcc708c1076799aebd0596f3747.zip
Use a better curve and a better hash for the ECDSA_do_sign() example
(Many examples in this directory are really bad. This is no exception.)
Diffstat (limited to 'src/lib')
-rw-r--r--src/lib/libcrypto/man/ECDSA_SIG_new.318
1 files changed, 9 insertions, 9 deletions
diff --git a/src/lib/libcrypto/man/ECDSA_SIG_new.3 b/src/lib/libcrypto/man/ECDSA_SIG_new.3
index c9ef8e8143..2b72e6f1b9 100644
--- a/src/lib/libcrypto/man/ECDSA_SIG_new.3
+++ b/src/lib/libcrypto/man/ECDSA_SIG_new.3
@@ -1,4 +1,4 @@
1.\" $OpenBSD: ECDSA_SIG_new.3,v 1.20 2023/08/29 10:07:42 tb Exp $ 1.\" $OpenBSD: ECDSA_SIG_new.3,v 1.21 2024/11/15 20:14:58 tb Exp $
2.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100 2.\" full merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
3.\" selective merge up to: OpenSSL da4ea0cf Aug 5 16:13:24 2019 +0100 3.\" selective merge up to: OpenSSL da4ea0cf Aug 5 16:13:24 2019 +0100
4.\" 4.\"
@@ -50,7 +50,7 @@
50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51.\" OF THE POSSIBILITY OF SUCH DAMAGE. 51.\" OF THE POSSIBILITY OF SUCH DAMAGE.
52.\" 52.\"
53.Dd $Mdocdate: August 29 2023 $ 53.Dd $Mdocdate: November 15 2024 $
54.Dt ECDSA_SIG_NEW 3 54.Dt ECDSA_SIG_NEW 3
55.Os 55.Os
56.Sh NAME 56.Sh NAME
@@ -342,8 +342,8 @@ error.
342The error codes can be obtained by 342The error codes can be obtained by
343.Xr ERR_get_error 3 . 343.Xr ERR_get_error 3 .
344.Sh EXAMPLES 344.Sh EXAMPLES
345Creating an ECDSA signature of given SHA-1 hash value using the named 345Creating an ECDSA signature of given SHA-384 hash value using the named
346curve secp192k1. 346curve secp384r1.
347.Pp 347.Pp
348First step: create an 348First step: create an
349.Vt EC_KEY 349.Vt EC_KEY
@@ -356,7 +356,7 @@ int ret;
356ECDSA_SIG *sig; 356ECDSA_SIG *sig;
357EC_KEY *eckey; 357EC_KEY *eckey;
358 358
359eckey = EC_KEY_new_by_curve_name(NID_secp192k1); 359eckey = EC_KEY_new_by_curve_name(NID_secp384r1);
360if (eckey == NULL) { 360if (eckey == NULL) {
361 /* error */ 361 /* error */
362} 362}
@@ -365,10 +365,10 @@ if (!EC_KEY_generate_key(eckey)) {
365} 365}
366.Ed 366.Ed
367.Pp 367.Pp
368Second step: compute the ECDSA signature of a SHA-1 hash value using 368Second step: compute the ECDSA signature of a SHA-384 hash value using
369.Fn ECDSA_do_sign 369.Fn ECDSA_do_sign
370.Bd -literal -offset indent 370.Bd -literal -offset indent
371sig = ECDSA_do_sign(digest, 20, eckey); 371sig = ECDSA_do_sign(digest, SHA384_DIGEST_LENGTH, eckey);
372if (sig == NULL) { 372if (sig == NULL) {
373 /* error */ 373 /* error */
374} 374}
@@ -391,12 +391,12 @@ if (!ECDSA_sign(0, dgst, dgstlen, pp, &buf_len, eckey) {
391Third step: verify the created ECDSA signature using 391Third step: verify the created ECDSA signature using
392.Fn ECDSA_do_verify 392.Fn ECDSA_do_verify
393.Pp 393.Pp
394.Dl ret = ECDSA_do_verify(digest, 20, sig, eckey); 394.Dl ret = ECDSA_do_verify(digest, SHA384_DIGEST_LENGTH, sig, eckey);
395.Pp 395.Pp
396or using 396or using
397.Fn ECDSA_verify 397.Fn ECDSA_verify
398.Pp 398.Pp
399.Dl ret = ECDSA_verify(0, digest, 20, buffer, buf_len, eckey); 399.Dl ret = ECDSA_verify(0, digest, SHA384_DIGEST_LENGTH, buffer, buf_len, eckey);
400.Pp 400.Pp
401and finally evaluate the return value: 401and finally evaluate the return value:
402.Bd -literal -offset indent 402.Bd -literal -offset indent
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-03-22 13:40:07 +0000