C
C
ECDSA Sign and Verify Data using Different Hash Algorithms
See more ECC Examples
Demonstrates how to create ECDSA signatures on data using different hash algorithms.Note: This example requires Chilkat v9.5.0.85 or greater because the SignBd and VerifyBd methods were added in v9.5.0.85.
Chilkat C Downloads
#include <C_CkPrivateKey.h>
#include <C_CkBinData.h>
#include <C_CkEcc.h>
#include <C_CkPrng.h>
#include <C_CkPublicKey.h>
void ChilkatSample(void)
{
BOOL success;
HCkPrivateKey privKey;
HCkBinData bd;
HCkEcc ecdsa;
HCkPrng prng;
const char *sig;
HCkPublicKey pubKey;
HCkEcc ecc2;
int result;
success = FALSE;
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
// First load an ECDSA private key to be used for signing.
privKey = CkPrivateKey_Create();
success = CkPrivateKey_LoadEncryptedPemFile(privKey,"qa_data/ecc/secp256r1-key-pkcs8-secret.pem","secret");
if (success == FALSE) {
printf("%s\n",CkPrivateKey_lastErrorText(privKey));
CkPrivateKey_Dispose(privKey);
return;
}
// Load some data to be signed.
bd = CkBinData_Create();
success = CkBinData_LoadFile(bd,"qa_data/hamlet.xml");
if (success == FALSE) {
printf("Failed to load file to be hashed.\n");
CkPrivateKey_Dispose(privKey);
CkBinData_Dispose(bd);
return;
}
ecdsa = CkEcc_Create();
prng = CkPrng_Create();
// Sign the sha256 hash of the data. Return the ECDSA signature in the base64 encoding.
printf("ECDSA signing the sha256 hash of the data...\n");
sig = CkEcc_signBd(ecdsa,bd,"sha256","base64",privKey,prng);
printf("sig = %s\n",sig);
// Verify the signature against the original data.
// (We must use the same hash algorithm that was used when signing.)
// Load the public key that corresponds to the private key used for signing.
pubKey = CkPublicKey_Create();
success = CkPublicKey_LoadFromFile(pubKey,"qa_data/ecc/secp256r1-pub.pem");
if (success == FALSE) {
printf("%s\n",CkPublicKey_lastErrorText(pubKey));
CkPrivateKey_Dispose(privKey);
CkBinData_Dispose(bd);
CkEcc_Dispose(ecdsa);
CkPrng_Dispose(prng);
CkPublicKey_Dispose(pubKey);
return;
}
ecc2 = CkEcc_Create();
result = CkEcc_VerifyBd(ecc2,bd,"sha256",sig,"base64",pubKey);
if (result != 1) {
printf("%s\n",CkEcc_lastErrorText(ecc2));
CkPrivateKey_Dispose(privKey);
CkBinData_Dispose(bd);
CkEcc_Dispose(ecdsa);
CkPrng_Dispose(prng);
CkPublicKey_Dispose(pubKey);
CkEcc_Dispose(ecc2);
return;
}
printf("Verified!\n");
// ----------------------------------------------------------------------------------------
// Let's do the same thing, but with sha384 hashing...
printf("--------------------------------------------\n");
printf("ECDSA signing the sha384 hash of the data...\n");
sig = CkEcc_signBd(ecdsa,bd,"sha384","base64",privKey,prng);
printf("sig = %s\n",sig);
result = CkEcc_VerifyBd(ecc2,bd,"sha384",sig,"base64",pubKey);
if (result != 1) {
printf("%s\n",CkEcc_lastErrorText(ecc2));
CkPrivateKey_Dispose(privKey);
CkBinData_Dispose(bd);
CkEcc_Dispose(ecdsa);
CkPrng_Dispose(prng);
CkPublicKey_Dispose(pubKey);
CkEcc_Dispose(ecc2);
return;
}
printf("Verified!\n");
CkPrivateKey_Dispose(privKey);
CkBinData_Dispose(bd);
CkEcc_Dispose(ecdsa);
CkPrng_Dispose(prng);
CkPublicKey_Dispose(pubKey);
CkEcc_Dispose(ecc2);
}