Wiki: Tutorial for interoperability with OpenSSL in ECDSA signing and verification


This tutorial shows ECDSA signing and verification interoperability between jsrsasign and OpenSSL. datasign and dataverify are sample Node.js scripts that use the Signature class.

EC key generation with OpenSSL

Generate a private key and a public key for the secp256r1 elliptic curve with the openssl command.

Generate a PKCS#5 PEM private key file for the EC secp256r1 curve:

% openssl ecparam -genkey -name secp256r1 -out private.key

Export the PKCS#8 PEM public key of private.key:

% openssl ec -in private.key -pubout -out public.key

The private key file "private.key" and the public key file "public.key" have now been generated. They can be used by both OpenSSL and jsrsasign.

Sign with datasign and verify with openssl

Prepare any data file to be signed. I'll use the file "aaa.txt". Sign "aaa.txt" with the EC private key, and a signature file "sig1" will be created:

% datasign aaa.txt private.key sig1 SHA256withECDSA
successfully signed

Then verify it with the openssl command, and it will be verified successfully:

% openssl dgst -sha256 -verify public.key -signature sig1 aaa.txt
Verified OK

Sign with openssl and verify with jsrsasign

Sign "aaa.txt" with the private key using openssl, and a signature file "sig2" will be created:

% openssl dgst -sha256 -sign private.key -out sig2 aaa.txt

Then verify it with the dataverify tool of jsrsasign, and it will be verified successfully:

% dataverify aaa.txt public.key sig2 SHA256withECDSA
signature is valid

Now you can create an ECDSA signature with either OpenSSL or jsrsasign and verify it with the other.

EC signature data format for OpenSSL and jsrsasign

The EC signature data format used by OpenSSL and jsrsasign is binary ASN.1 data: a SEQUENCE of two INTEGERs, R and S, like this:

SEQUENCE {
  INTEGER
    4B 5F CF E8 A7 BD 6A C2 1D 25 0D F8 DE 9C EF DC
    C4 DF 33 F3 AF 2F 3D 5B 83 2C 1F BD 98 C8 61 34
  INTEGER
    7E F9 E9 60 B1 E6 7F 59 9E 2C 38 22 39 B2 C4 B1
    71 3E FA AE 24 A4 B7 D2 03 5A 60 8D F3 34 3D E8
  }
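
As an added example (not part of the original tutorial and not jsrsasign's own code), the following plain Node.js functions decode this structure into fixed-width R and S values and re-encode it, including the 00 sign byte DER needs when the top bit of R or S is set. The function names and the size parameter are assumptions of this example; the concatenated hex R||S output is the alternative format some other implementations use.

```javascript
// Added example, not jsrsasign code: ECDSA signature conversion between ASN.1 DER
// and fixed-width hex R||S. Assumes short-form DER lengths (under 128 bytes).

// Read one DER INTEGER at hex offset pos; return its value and the next offset.
function readInt(hex, pos) {
  if (hex.slice(pos, pos + 2) !== "02") throw new Error("INTEGER expected");
  const len = parseInt(hex.slice(pos + 2, pos + 4), 16);
  if (!(len >= 1 && len < 0x80)) throw new Error("unsupported length");
  const val = hex.slice(pos + 4, pos + 4 + len * 2);
  if (val.length !== len * 2) throw new Error("truncated INTEGER");
  if (parseInt(val.slice(0, 2), 16) >= 0x80) throw new Error("negative INTEGER");
  if (len > 1 && val.startsWith("00") && parseInt(val.slice(2, 4), 16) < 0x80)
    throw new Error("non-minimal INTEGER"); // strict DER: no extra padding
  return { val, next: pos + 4 + len * 2 };
}

// DER hex -> R||S hex, each value left-padded to size bytes (32 for secp256r1).
function derToConcat(derHex, size) {
  const hex = derHex.toLowerCase();
  if (!/^30[0-9a-f]*$/.test(hex)) throw new Error("SEQUENCE expected");
  const seqLen = parseInt(hex.slice(2, 4), 16);
  if (!(seqLen < 0x80) || hex.length !== 4 + seqLen * 2) throw new Error("bad SEQUENCE length");
  const r = readInt(hex, 4);
  const s = readInt(hex, r.next);
  if (s.next !== hex.length) throw new Error("trailing data");
  return [r.val, s.val].map((v) => {
    const mag = v.replace(/^00/, ""); // drop the DER sign byte
    if (mag.length > size * 2) throw new Error("integer too large for curve");
    return mag.padStart(size * 2, "0");
  }).join("");
}

// R||S hex -> DER hex: minimal INTEGERs, 00 prepended when the top bit is set.
function concatToDer(concatHex, size) {
  const hex = concatHex.toLowerCase();
  if (!/^[0-9a-f]+$/.test(hex) || hex.length !== size * 4) throw new Error("bad R||S length");
  const body = [hex.slice(0, size * 2), hex.slice(size * 2)].map((v) => {
    let m = v.replace(/^(00)+/, "") || "00";
    if (parseInt(m.slice(0, 2), 16) >= 0x80) m = "00" + m;
    return "02" + (m.length / 2).toString(16).padStart(2, "0") + m;
  }).join("");
  if (body.length / 2 >= 0x80) throw new Error("unsupported length");
  return "30" + (body.length / 2).toString(16).padStart(2, "0") + body;
}

// R and S copied from the dump above; the DER header bytes are constructed here.
const R = "4b5fcfe8a7bd6ac21d250df8de9cefdcc4df33f3af2f3d5b832c1fbd98c86134";
const S = "7ef9e960b1e67f599e2c382239b2c4b1713efaae24a4b7d2035a608df3343de8";
const pageSigDer = "3044" + "0220" + R + "0220" + S;
console.log(derToConcat(pageSigDer, 32));
```

The decoder rejects trailing bytes, negative values and non-minimal INTEGERs, so each signature has exactly one accepted DER encoding.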

Some other implementations may use a different signature data format, such as a plain concatenation of the hexadecimal R and S values. jsrsasign provides some static converter methods in the ECDSA class: