Hi,
I'm trying to verify a signature which is a SHA1 hash of some data,
encrypted with a private key with PKCS1 padding.
I have a certificate in DER format.
I think there are 2 ways to do this.
Approach One:
a) Read the X509 using PEM_read_X509(fp, NULL, NULL, NULL), but there's
a problem here: this function only reads a PEM format of the certificate,
but I have DER. How do I convert DER to PEM? Or is there a corresponding
method like PEM_read_X509 that works on DER?
b) Moving forward, let's say I have the X509; how do I get the RSA object
from it?
c) Let's assume I get the RSA object (from the answer you may suggest), with
which I decrypt the signature using
RSA_public_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding);
passing in the right padding type, PKCS1.
d) Step 'c' would give me the hash, which I would then compare with my
SHA1 hash of the data.
Approach Two:
a) Read the X509 using PEM_read_X509(fp, NULL, NULL, NULL), but I run
into the same problem here as described in approach one step 'a', on how
to convert DER to PEM.
b) Let's say step 'a' is all sorted out and I have an X509 object in hand. I
could just call
int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, const EVP_MD *Hash, const unsigned char *EM, int sLen);
but I have a question about one of the arguments: what
is the 'sLen' here? Can it be null?
So to sum it all up, I'll reiterate the questions:
1) How do I get RSA from an X509 object?
2) How do I convert DER to PEM, or is there a corresponding method to
PEM_read_X509 that works on DER?
3) RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash, const EVP_MD *Hash, const unsigned char *EM, int sLen);
but I have a question about some of the arguments: what is the 'sLen'
here?
I would appreciate any pointers.
KB
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
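
The check described in the message above (SHA-1 digest, RSA with PKCS#1 v1.5 padding, certificate held in DER) can be reproduced with the openssl command-line tool as a reference result for a C implementation. This is an added example, not part of the original post or of OpenSSL's own code; the function names and file names are assumptions, and the key, certificate and data are constructed throwaway fixtures.

```shell
# Added example (not from the original post). Function and file names are assumptions.

# verify_der_sig CERT.der DATA SIG
# Returns 0 if SIG is a valid RSA PKCS#1 v1.5 signature over SHA-1(DATA) made by
# the key in CERT.der, 1 if it is not, 2 if the certificate cannot be read.
verify_der_sig() {
    vds_pub=$(mktemp) || return 2
    # -inform DER reads the binary certificate directly, so no PEM conversion
    # step is needed; -pubkey -noout emits only the public key (as PEM).
    if ! openssl x509 -inform DER -in "$1" -pubkey -noout >"$vds_pub" 2>/dev/null; then
        rm -f "$vds_pub"
        return 2
    fi
    # dgst hashes DATA with SHA-1 and checks the signature; for an RSA key the
    # default padding is PKCS#1 v1.5.
    vds_rc=0
    openssl dgst -sha1 -verify "$vds_pub" -signature "$3" "$2" >/dev/null 2>&1 || vds_rc=1
    rm -f "$vds_pub"
    return "$vds_rc"
}

# make_fixture DIR
# Constructed sample input: throwaway key, self-signed certificate converted
# to DER, a data file and its SHA-1 / PKCS#1 v1.5 signature.
make_fixture() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=constructed-example" \
        -keyout "$1/key.pem" -out "$1/cert.pem" 2>/dev/null || return 1
    # PEM -> DER; swapping -inform/-outform converts the other way.
    openssl x509 -in "$1/cert.pem" -outform DER -out "$1/cert.der" || return 1
    printf 'constructed sample data\n' >"$1/data.bin"
    openssl dgst -sha1 -sign "$1/key.pem" -out "$1/sig.bin" "$1/data.bin"
}

# Stand-alone demo: sh verify.sh demo
if [ "${1:-}" = "demo" ]; then
    dir=$(mktemp -d) && make_fixture "$dir" || exit 1
    verify_der_sig "$dir/cert.der" "$dir/data.bin" "$dir/sig.bin" && echo "signature OK"
    echo tampered >>"$dir/data.bin"
    verify_der_sig "$dir/cert.der" "$dir/data.bin" "$dir/sig.bin" || echo "tampered data rejected"
    rm -rf "$dir"
fi
```

In the C API the corresponding calls are d2i_X509_fp() to read a DER certificate and X509_get_pubkey() to obtain its key. RSA_verify_PKCS1_PSS() checks PSS padding, which is a different scheme from the PKCS#1 v1.5 padding verified here.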