How do I feed OpenSSL random data for use in ECDSA signing?

Question

I want to feed OpenSSL specific data for use as random seed during the signing of data with an EC key. I\'m doing this to compare my application with another reference one (

Answer 1

I can't find the docs for RAND_clear, so can't comment why it's not resulting in reproducible random numbers.

But even if you get that done, what you want may not be possible. ECDSA signature generation requires choosing a random integer in a particular range. Two different implementations of the algorithm might have completely different ideas about how to generate such an integer from their entropy source. AFAIK the means of transforming bits of entropy into the required number is not part of the ECDSA algorithm.

So for example (very bad examples of course), one implementation might do this:

int random_number = rand() % n;

and another might do this:

int random_number = (rand() * n) / RAND_MAX;

So even if you give them the same seed data, you might still get different signatures from different implementations. All you can do is validate whether you have generated a valid signature.