Yeah i looked at the code myself and couldn't figure out from this comment
about saltlen and therefore the post to see if someone has used it before.
I'll check with different values.
Thanks for your effort and inputs Gerry !
kb
From: [EMAIL PROTECTED]
Reply-To: openssl-dev@openssl.org
To: <openssl-dev@openssl.org>
Subject: RE: How to verify signature data with RSA PKCS1
Date: Fri, 28 Jul 2006 12:53:54 -0400
KB,
The code isn't documented very well, it has something to do with the
salt length. The following is from RSA_verify_PKCS1_PSS() (in
rsa_pss.c):
/*
* Negative sLen has special meanings:
* -1 sLen == hLen
* -2 salt length is autorecovered from signature
* -N reserved
*/
I suggest either trying the values (or even 0), or looking further at
the code, to see what it does.
Gerry
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of k b
Sent: Friday, July 28, 2006 12:38 PM
To: openssl-dev@openssl.org
Subject: RE: How to verify signature data with RSA PKCS1
thanks for your reponse Gerry !
the two method you suggested were helpful
RSA *EVP_PKEY_get1_RSA(EVP_PKEY *pkey) (see evp.h)
and d2i_X509_fp(fp,x509) to read DER directly from the file into an X509
struct.
but i still need to know how would i verify the signature which is
SHA1 hash of data encrypted with RSA with PKCS1 padding.
I know there is this method
int RSA_verify_PKCS1_PSS(RSA *rsa, const unsigned char *mHash,
const EVP_MD *Hash, const unsigned char *EM, int
sLen)
but don't know what should sLen be set to.
thanks
kb
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager [EMAIL PROTECTED]
