Hi! To do the Terminal Authentication for Extended Access Control version 2 we are using the EVP_PKEY interface, which works fine. You can use the EVP_PKEY_CTX to set the padding. See EAC_verify and EAC_sign in http://openpace.git.sourceforge.net/git/gitweb.cgi?p=openpace/openpace;a=blob;f=src/eac.c We are using OpenSSL 1.0.2, but you could check if it is implemented in 1.0.1, too.
On Thursday, October 04 at 10:12AM, Christian Weber wrote: > > Dear OpenSSl developers, > > somewhere we've read about document signature with > RSASSA-PSS has been implemented, maybe in the 1.0.2 > trunk. > > Currently, in 1.0.1 signatures can be created and verified > using PSS padding, if the checks are carried out manually. > > I.e. > RSA_public_decrypt(... , RSA_NO_PADDING); > ... > RSA_verify_PKCS1_PSS_mgf1(...); > > reveals the correct result, but the algorithm oid is wrong > if we use PKCS7_sign() and the PSS-parameters are missing. > Looking into the code, this is very clear. > > Are PSS-signatures supported more completely in the dev trunk > so it's worth to try, or shold we wait or contribute? > > Thanks in Advance > -- > Christian Weber > mailto:[email protected] > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [email protected] > Automated List Manager [email protected] > -- Frank Morgner Virtual Smart Card Architecture http://vsmartcard.sourceforge.net OpenPACE http://openpace.sourceforge.net IFD Handler for libnfc Devices http://sourceforge.net/projects/ifdnfc
pgpLb2NWe25JM.pgp
Description: PGP signature
