ED25519 Opensslv3.1 is not able to validate signature.

[swanandb2]

I am able to generate ED25519 signature using OpenSSL on Windows, however when I am trying to validate signature openssl throws no error and not able to validate signature.
I did verified using https://cyphr.me/ed25519_tool/ed.html online tool, signature are matching however when try to validate with public key it throws following error.
I am suing ED25519 in combination with SHA512. Can you please help us what could be issue?

    $ DoVerify() Error: 0 error:00000000:lib(0)::reason(0) !!

  bool DoVerify(const byte * msg, const int nMsgLen, const byte * pSignMsg, const int nSignLen, const unsigned char* pKey, const int nKeyLen)
  {
    EVP_PKEY* pSignVerifyKey = nullptr;
    Buff2PrivateKey(EVP_PKEY_ED25519, (byte*)pKey, nKeyLen, &pSignVerifyKey);
    EVP_MD_CTX *mdctx = NULL;
    bool bRet = 0;
    size_t nCount = 0;
    uint8_t* pSig_out = NULL;

    if (!(mdctx = EVP_MD_CTX_create())) goto err;

    /* Initialize `key` with a public key */
    if (1 != EVP_DigestVerifyInit(mdctx, NULL, NULL, NULL, pSignVerifyKey)) goto err;

    if (1 != EVP_DigestVerify(mdctx, pSignMsg, nSignLen, msg, nMsgLen)) goto err;
    {
      bRet = 1;
    }

  err:
    if (bRet != 1)
    {
      CLogger::GetInstance().Log(eError, "DoVerify() Error: %d %s !!\n", ERR_get_error(), ERR_error_string(ERR_get_error(), NULL));

      }
      else
      {
        //Openssl API was successful without any issue.
        bRet = 1;
      }     
    }
    if (pSignVerifyKey)
    {
      FreeEvpKey(pSignVerifyKey);
    }
    /* Clean up */
    if (mdctx) EVP_MD_CTX_destroy(mdctx);
    return bRet;
  }

[mattcaswell]

Has Buff2PrivateKey been successful? i.e. is pSignVerifyKey non-NULL?

Can you supply some sample values for msg, nMsgLen, pSignMsg, nSignLen, pKey and nKeyLen which are failing that you expect to pass?

in combination with SHA512

How exactly are you using SHA512? OpenSSL 3.1 only supports the "pure" variant of Ed25519 not the pre-hash variant (the forthcoming 3.2 does support this).

[swanandb2]

Public Key: E9EB6E7C0862BD458D6DFA41FAD7C2FD8DDF81706DFDA3CF4053B32749C20613 (Signature verification, size 32 bytes)
Private: F0B074F4274853B90CD33330400A9E5123506B413E6EDC9FCC2648BE4FE6205C (Signature creation, size 32 bytes)
msg: B3A6311AFA3813AF6F6E2F5AC3851DD65ED3490CC54AF79DF29DBC86B0ABED3F3331A088B4DE1BF70371DE6F514EFE58E71FEF3E0881CEDAC6D9232962A74B5C (Input to Ed25519 Sign generation and verification)
nMsgLen: 64 bytes
Sign: (pSignMsg, Length: 64 bytes)
F5F59D110DBB44BDD37336805F406B5A52D8998435971077AD150B95BFAACDEAB478DE453EE86456E3D84D839243CA6A1BCDE5E72AA91DFFD601D08169AA700F (Calculated signature)

pSignVerifyKey is not null for sure.

I am getting error at
'''
if (1 != EVP_DigestVerify(mdctx, pSignMsg, nSignLen, msg, nMsgLen)) goto err;
'''
Well I am reading file in binary mode then calculate SHA512 using OpenSSL API, which gives me 64 bytes output.
I use this computed HASH as input for signature generation and verification.

[slontis]

PR #21883 shows a working demo. Maybe see if that passes on your machine.

[swanandb2]

Please help me to understand, what steps I need to follow?

Do I need to build and run openssl on my machine? or something else?

[slontis]

yes grab code for openssl... either download from www.openssl.org/source (or use git. e.g. git clone https://github.com/openssl.git

apply the changes in the PR to the code..

Read openssl/INSTALL.md for instructions on how to build..
set the current directory to demos/signature
Try running the makefile using make (nmake on windows) (Edit the Makefile if it requires windoze changes)
To run the exe on linux you need to then do LD_LIBRARY_PATH=../.. ./EVP_ED_signature_demo (Not sure what the equivalent line is on windows, I assume you set the PATH first)