On Thu, Mar 14, 2013, Leon Brits wrote: > Just a view more questions: > > In my existing code, I used the EVP_SignInit/Update/Final calls. I did not > set the padding so the default (RSASSA_PKCS1.5) was always used. So now, to > set the padding, I've added the code as mentioned after the EVP_SignInit() > and before the first EVP_SignUpdate(). > > This all worked, until I've commented out the EVP_PKEY_CTX_set_rsa_padding() > call from the verification function (as a test). This should cause the > default padding to be used and should fail to verify signatures with the PSS > padding scheme (right?). Well is succeeds. > > 1. Comments? 2. Can I mix the EVP_SignInit/Update/Final() and > EVP_DigestSignInit/Update/Final() calls? > > Info: I've noticed that one should not free the key context (EVP_PKEY_CTX) > returned from EVP_DigestSignInit() since it is deleted in the digest context > (EVP_MD_CTX). This sould be noted somewhere. >
No you can't mix the two. You should use EVP_Digest* throughout. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
