Collectives™ on Stack Overflow

Find centralized, trusted content and collaborate around the technologies you use most.

Teams

Q&A for work

Connect and share knowledge within a single location that is structured and easy to search.

From OpenSSL documentation

Creating an ECDSA signature of a given SHA-256 hash value using the named curve prime256v1 (aka P-256).

Second step: compute the ECDSA signature of a SHA-256 hash value using ECDSA_do_sign():

sig = ECDSA_do_sign(digest, 32, eckey);
if (sig == NULL) {
   /* error */
or using ECDSA_sign():
unsigned char *buffer, *pp;
int            buf_len;
buf_len = ECDSA_size(eckey);
buffer  = OPENSSL_malloc(buf_len);
pp = buffer;
if (ECDSA_sign(0, dgst, dgstlen, pp, &buf_len, eckey) == 0) {
   /* error */
Third step: verify the created ECDSA signature using ECDSA_do_verify():
ret = ECDSA_do_verify(digest, 32, sig, eckey);
or using ECDSA_verify():
ret = ECDSA_verify(0, digest, 32, buffer, buf_len, eckey);
and finally evaluate the return value:
if (ret == 1) {
   /* signature ok */
} else if (ret == 0) {
   /* incorrect signature */
} else {
   /* error */
This brings me to an understanding that I need to verify every signature I create with ECDSA_do_sign or ECDSA_sign, do I? Can it happen that a created signature is not valid?
                I believe the short answer to your question is "No", if you just created the signature, then there is no need to validate that the signature generate by libssl/libcrypto is a valid signature. The link (check your link, it isn't valid) to the man page with the example you site (e.g. ECDSA_verify is a generic example of how you would use each of the ecdsa functions, not particularly intended to mean you must use each of them, in order, every time any one of them is used.
– David C. Rankin
                Aug 15, 2016 at 7:08
  
Signature verification may be performed by any party (i.e., the signatory, the intended recipient or any other party) using the signatory’s public key. A signatory may wish to verify that the computed signature is correct, perhaps before sending the signed message to the intended recipient. The intended recipient (or any other party) verifies the signature to determine its
  authenticity.
(where the signatory is the signature creator)
                Old great hunter, please expand on how the NIST standard is applicable to the OP's question regarding the behavior of libssl and libcrypto?
– David C. Rankin
                Aug 15, 2016 at 7:01
                OP asked if he needed to verify every signature he created (because he saw this pattern in the OpenSSL documentation). I referred him/her to the standard which OpenSSL must implement which states that you may verify your own signature after creating it.
– Nimrod Morag
                Aug 15, 2016 at 7:22
                What is posted as the question is the example from the openssl man page, e.g. ECDSA_verify.  The NIST standard isn't applicable to the question asked. I didn't downvote, because it looked like you were trying to help. I was just pointing out that the answer and the question -- don't match.
– David C. Rankin
                Aug 15, 2016 at 7:30
        
Thanks for contributing an answer to Stack Overflow!
Please be sure to answer the question. Provide details and share your research!
But avoid …
Asking for help, clarification, or responding to other answers.
Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.