I can't verify an ECC 384 key that I created and signed at

I’m doing a basic sequence of create(pkcs11)+sign(pkcss11) +verify(using openSSL) and verification fails

  1. creation of the key:

pkcs11-tool.exe -l --keypairgen --pin 123456 --key-type EC:secp384r1 --id 1 --label “ECDSA P384 Key”

  1. extracting the public key:

pkcs11-tool.exe --read-object --type pubkey --id 1 -o my_pubKey.der

  1. hashing the data , using openSSL:

openssl dgst -sha384 -binary my_binary_to_sign.bin > my_Hashed_binary_to_sign.bin

  1. signing the data:

pkcs11-tool.exe --id 1 -s -p 123456 -m ECDSA --signature-format openssl -i my_Hashed_binary_to_sign.bin --output-file my_sig.sig

  1. verify using openSSL:

openssl dgst -sha384 -keyform der -verify my_pubKey.der -signature my_sig.sig my_Hashed_binary_to_sign.bin

the last stage produces “Verification Failure”.
very important to say that when I’m replacing “sha384” with “sha1” and “ECDSA” with “ECDSA-SHA1” it works!
I have no idea why.

I will appreciate any help here.

Can you try instead?

openssl dgst -sha384 -keyform der -verify my_pubKey.der -signature my_sig.sig my_binary_to_sign.bin

With ECDSA-SHA1 it works because you hash your content twice - so sha1(sha1(my_binary_to_sign.bin)) is signed.

1 Like

thanks! it worked!

  1. can you explain me the difference between “ECDSA-Sha1” to “ECDSA”?
  2. and why don’t I have an option for “ECDSA-sha384”? I ran “-M” and that is not listed as one of the mechanism options
1 Like

Cryptographic tokens usually support some mechanisms, depends on the implementation. The -M list is true for the device currently attached.

ECDSA is done without hashing first, the token is supposed to get the hash prepared by the user (as you did). It will take at most 1024 bytes of input, maybe less.

ECDSA-SHA1 accepts any length of input and does the hashing inside of the token.

ECDSA-SHA1 looks more convenient but can be pretty slow.

More info: