Sample code for 30+ languages & platforms
CkPython

ECDSA Sign and Verify Data using Different Hash Algorithms

See more ECC Examples

Demonstrates how to create ECDSA signatures on data using different hash algorithms.

Note: This example requires Chilkat v9.5.0.85 or greater because the SignBd and VerifyBd methods were added in v9.5.0.85.

Chilkat CkPython Downloads

CkPython
import sys
import chilkat

success = False

# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

# First load an ECDSA private key to be used for signing.
privKey = chilkat.CkPrivateKey()
success = privKey.LoadEncryptedPemFile("qa_data/ecc/secp256r1-key-pkcs8-secret.pem","secret")
if (success == False):
    print(privKey.lastErrorText())
    sys.exit()

# Load some data to be signed.
bd = chilkat.CkBinData()
success = bd.LoadFile("qa_data/hamlet.xml")
if (success == False):
    print("Failed to load file to be hashed.")
    sys.exit()

ecdsa = chilkat.CkEcc()
prng = chilkat.CkPrng()

# Sign the sha256 hash of the data.  Return the ECDSA signature in the base64 encoding.
print("ECDSA signing the sha256 hash of the data...")
sig = ecdsa.signBd(bd,"sha256","base64",privKey,prng)
print("sig = " + sig)

# Verify the signature against the original data.
# (We must use the same hash algorithm that was used when signing.)

# Load the public key that corresponds to the private key used for signing.
pubKey = chilkat.CkPublicKey()
success = pubKey.LoadFromFile("qa_data/ecc/secp256r1-pub.pem")
if (success == False):
    print(pubKey.lastErrorText())
    sys.exit()

ecc2 = chilkat.CkEcc()
result = ecc2.VerifyBd(bd,"sha256",sig,"base64",pubKey)
if (result != 1):
    print(ecc2.lastErrorText())
    sys.exit()

print("Verified!")

# ----------------------------------------------------------------------------------------
# Let's do the same thing, but with sha384 hashing...

print("--------------------------------------------")
print("ECDSA signing the sha384 hash of the data...")

sig = ecdsa.signBd(bd,"sha384","base64",privKey,prng)
print("sig = " + sig)

result = ecc2.VerifyBd(bd,"sha384",sig,"base64",pubKey)
if (result != 1):
    print(ecc2.lastErrorText())
    sys.exit()

print("Verified!")