C
C
ECDSA Sign Data and Get Raw R and S Values
See more ECC Examples
Demonstrates getting the raw R and S value of an ECDSA signature.Chilkat C Downloads
#include <C_CkCrypt2.h>
#include <C_CkPrivateKey.h>
#include <C_CkPrng.h>
#include <C_CkEcc.h>
#include <C_CkAsn.h>
#include <C_CkXml.h>
#include <C_CkBinData.h>
void ChilkatSample(void)
{
BOOL success;
HCkCrypt2 crypt;
const char *hash1;
HCkPrivateKey privKey;
HCkPrng prng;
HCkEcc ecdsa;
const char *ecdsaSigBase64;
HCkAsn asn;
HCkXml xml;
HCkBinData bd;
const char *r;
const char *s;
success = FALSE;
// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// To create an ECDSA signature, the data first needs to be hashed. Then the hash
// is signed.
crypt = CkCrypt2_Create();
CkCrypt2_putHashAlgorithm(crypt,"SHA256");
CkCrypt2_putCharset(crypt,"utf-8");
CkCrypt2_putEncodingMode(crypt,"base64");
// Hash a string.
hash1 = CkCrypt2_hashStringENC(crypt,"The quick brown fox jumps over the lazy dog");
printf("hash1 = %s\n",hash1);
// -----------------------------------------------------------
// An ECDSA private key is used for signing. The public key is for signature verification.
// Load our ECC private key.
// Our private key file contains this:
// // -----BEGIN PRIVATE KEY-----
// MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg3J8q/24D1sEKGdP9
// 72MGYElLGpw/a56Y3t6pfON3uhShRANCAATlSmoizyhAwoYZAOuFBATl07/1RR54
// a1Dzfm16grxJe666AGKR+bSs24hk7TEpaeCTvT8YOOM3l+xKFg7zq6Q9
// -----END PRIVATE KEY-----
privKey = CkPrivateKey_Create();
success = CkPrivateKey_LoadPemFile(privKey,"qa_data/ecc/secp256r1-key-pkcs8.pem");
if (success != TRUE) {
printf("%s\n",CkPrivateKey_lastErrorText(privKey));
CkCrypt2_Dispose(crypt);
CkPrivateKey_Dispose(privKey);
return;
}
// Sign the hash..
prng = CkPrng_Create();
ecdsa = CkEcc_Create();
ecdsaSigBase64 = CkEcc_signHashENC(ecdsa,hash1,"base64",privKey,prng);
if (CkEcc_getLastMethodSuccess(ecdsa) != TRUE) {
printf("%s\n",CkEcc_lastErrorText(ecdsa));
CkCrypt2_Dispose(crypt);
CkPrivateKey_Dispose(privKey);
CkPrng_Dispose(prng);
CkEcc_Dispose(ecdsa);
return;
}
// The ECDSA signature is ASN.1 that contains a sequence of 2 large integers (r and s)
// For example:
// SEQUENCE (2 elem)
// INTEGER (255 bit) 792134D9B4AD82D5431ED03835A88E2596EB35E5B13054BD9B05A0069281ACC9
// INTEGER (255 bit) 481E758CC1E3CBF825537EC3D9A2CA627E5FAD1137BBEA65DF38658DCB0A9ED5
printf("Base64 ECDSA signature = %s\n",ecdsaSigBase64);
// If the raw R and S values are needed, here's how to get them:
asn = CkAsn_Create();
success = CkAsn_LoadEncoded(asn,ecdsaSigBase64,"base64");
if (success == FALSE) {
printf("%s\n",CkAsn_lastErrorText(asn));
CkCrypt2_Dispose(crypt);
CkPrivateKey_Dispose(privKey);
CkPrng_Dispose(prng);
CkEcc_Dispose(ecdsa);
CkAsn_Dispose(asn);
return;
}
// The R and X will be in hexidecimal in the XML.
xml = CkXml_Create();
CkXml_LoadXml(xml,CkAsn_asnToXml(asn));
printf("%s\n",CkXml_getXml(xml));
// The XML looks like this:
// <sequence>
// <int>792134D9B4AD82D5431ED03835A88E2596EB35E5B13054BD9B05A0069281ACC9</int>
// <int>481E758CC1E3CBF825537EC3D9A2CA627E5FAD1137BBEA65DF38658DCB0A9ED5</int>
// </sequence>
// Copy raw R and S hex values into a Chilkat BinData object.
bd = CkBinData_Create();
r = CkXml_getChildContent(xml,"int[0]");
s = CkXml_getChildContent(xml,"int[1]");
CkBinData_AppendEncoded(bd,r,"hex");
CkBinData_AppendEncoded(bd,s,"hex");
printf("Number of bytes in bd: %d\n",CkBinData_getNumBytes(bd));
CkCrypt2_Dispose(crypt);
CkPrivateKey_Dispose(privKey);
CkPrng_Dispose(prng);
CkEcc_Dispose(ecdsa);
CkAsn_Dispose(asn);
CkXml_Dispose(xml);
CkBinData_Dispose(bd);
}