(MFC) ECDSA Sign Data and Verify Signature

Demonstrates using the Elliptic Curve Digital Signature Algorithm to hash data and sign it. Also demonstrates how to verify the ECDSA signature.

Chilkat C/C++ Library Downloads MS Visual C/C++ Libs

See Also: Using MFC CString in Chilkat

#include <CkCrypt2.h>
#include <CkPrivateKey.h>
#include <CkPrng.h>
#include <CkEcc.h>
#include <CkPublicKey.h>

void ChilkatSample(void)
    {
    CkString strOut;

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // To create an ECDSA signature, the data first needs to be hashed.  Then the hash
    // is signed.

    // Use Chilkat Crypt2 to generate a hash for any of the following
    // hash algorithms: SHA256, SHA384, SHA512, SHA1, MD5, MD2, HAVAL, RIPEMD128/160/256/320

    CkCrypt2 crypt;
    crypt.put_HashAlgorithm("SHA256");
    crypt.put_Charset("utf-8");
    crypt.put_EncodingMode("base64");

    // Hash a string.
    const char *hash1 = crypt.hashStringENC("The quick brown fox jumps over the lazy dog");
    strOut.append("hash1 = ");
    strOut.append(hash1);
    strOut.append("\r\n");

    // Or hash a file..
    const char *hash2 = crypt.hashFileENC("qa_data/hamlet.xml");
    strOut.append("hash2 = ");
    strOut.append(hash2);
    strOut.append("\r\n");

    // (The Crypt2 API provides many other ways to hash data..)

    // -----------------------------------------------------------
    // An ECDSA private key is used for signing.  The public key is for signature verification.
    // Load our ECC private key.
    // Our private key file contains this:

    // 	// -----BEGIN PRIVATE KEY-----
    // 	MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg3J8q/24D1sEKGdP9
    // 	72MGYElLGpw/a56Y3t6pfON3uhShRANCAATlSmoizyhAwoYZAOuFBATl07/1RR54
    // 	a1Dzfm16grxJe666AGKR+bSs24hk7TEpaeCTvT8YOOM3l+xKFg7zq6Q9
    // 	-----END PRIVATE KEY-----

    CkPrivateKey privKey;
    bool success = privKey.LoadPemFile("qa_data/ecc/secp256r1-key-pkcs8.pem");
    if (success != true) {
        strOut.append(privKey.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    // We'll need a PRNG source for random number generation.
    // Use Chilkat's PRNG (for the Fortuna PRNG algorithm).
    CkPrng prng;

    // Sign the hash..
    CkEcc ecdsa;
    const char *ecdsaSigBase64 = ecdsa.signHashENC(hash1,"base64",privKey,prng);
    if (ecdsa.get_LastMethodSuccess() != true) {
        strOut.append(ecdsa.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    strOut.append("ECDSA signature = ");
    strOut.append(ecdsaSigBase64);
    strOut.append("\r\n");

    // -----------------------------------------------------------
    // Now let's verify the signature using the public key.

    CkPublicKey pubKey;
    success = pubKey.LoadFromFile("qa_data/ecc/secp256r1-pubkey.pem");
    if (success != true) {
        strOut.append(pubKey.lastErrorText());
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    int result = ecdsa.VerifyHashENC(hash1,ecdsaSigBase64,"base64",pubKey);
    if (result == 1) {
        strOut.append("Signature is valid.");
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    if (result == 0) {
        strOut.append("Signature is invalid.");
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }

    if (result < 0) {
        strOut.append(ecdsa.lastErrorText());
        strOut.append("\r\n");
        strOut.append("The VerifyHashENC method call failed.");
        strOut.append("\r\n");
        SetDlgItemText(IDC_EDIT1,strOut.getUnicode());
        return;
    }



    SetDlgItemText(IDC_EDIT1,strOut.getUnicode());

    }