Hello openssl-users,

Wednesday, August 9, 2006, 2:02:36 PM, I wrote:

> Do I get it right - I have to try only the two values for "n" -
> "RSA_3" and "RSA_F4" ?

Definitely I'm wrong... I mixed up "*n" with "*e".

>> In your code you generated RSA key and replaced d with your
>> data, but p,q and others are from "old" key and because private
>> key operation using CRT do not require d then you can have impression
>> that this number is recreated when in practice ... is not used.

Now I replace both "*n" and "*d" with respective external values - the example CA's public modulus and the example CA's private exponent. Using these I get consistent signatures now - "RSA_sign()" produces the same result between my "utility" runs.

Currently I need to clarify what the "NID_md5_sha1" is for. I get sort of successful results if I use either of "NID_md5", "NID_sha1", "NID_ripemd160". But if I use "RSA_sign(NID_md5_sha1,...)" it always fails, why?

Did I get the concept right - I need to obtain the message hash first and feed it (the hash) to the "RSA_sign()", not the message itself? I'm a bit confused reading the "man RSA_sign" - why does "RSA_sign()" need to know which algorithm was used to produce a hash to be signed?

A side note: is it very difficult to reconstruct the whole RSA object if I know "*n", "*e" and "*d" elements? The "*n" and "*d" are 1024 bits long.

I noticed that if I use "RSA_3" in the "RSA_generate_key()" - the "RSA_sign()" always fails with the substituted "*n" and "*d", while with "*e" == "RSA_F4" it seems to "work". May I conclude that the example CA's public key uses 65537 as its public exponent?

--
Best regards,
 Tony mailto:[EMAIL PROTECTED]
gen-mc.c-v0.91.tgz
Description: application/compressed
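
The side question about rebuilding the whole key from n, e and d, and the quoted remark that the CRT path never reads d, worked through as an added example (not part of the original message and not OpenSSL code). It uses plain Python integers and a constructed toy key; `recover_primes`, `full_key` and `private_op` are hypothetical helper names, and the factoring step follows the probabilistic prime-factor recovery method of NIST SP 800-56B Appendix C.

```python
import math
import random

def recover_primes(n, e, d, tries=100):
    """Factor n from a matching (e, d) pair (probabilistic method)."""
    k = e * d - 1                       # a multiple of lambda(n), always even
    t = (k & -k).bit_length() - 1       # write k = 2^t * r with r odd
    r = k >> t
    rng = random.Random(0)              # fixed seed: reproducible demo only
    for _ in range(tries):
        y = pow(rng.randrange(2, n - 1), r, n)
        for _ in range(t):
            x = pow(y, 2, n)
            if x == 1 and y not in (1, n - 1):   # non-trivial square root of 1
                p = math.gcd(y - 1, n)
                return min(p, n // p), max(p, n // p)
            y = x
    raise ValueError("d does not match (n, e)")

def full_key(n, e, d):
    """Rebuild every field of an RSA private key from n, e and d."""
    p, q = recover_primes(n, e, d)
    return {"n": n, "e": e, "d": d, "p": p, "q": q,
            "dmp1": d % (p - 1), "dmq1": d % (q - 1), "iqmp": pow(q, -1, p)}

def private_op(key, m):
    """m^d mod n; takes the CRT path whenever all CRT fields are present."""
    if all(f in key for f in ("p", "q", "dmp1", "dmq1", "iqmp")):
        m1 = pow(m, key["dmp1"], key["p"])
        m2 = pow(m, key["dmq1"], key["q"])
        h = (key["iqmp"] * (m1 - m2)) % key["p"]
        return m2 + h * key["q"]        # key["d"] is never read on this path
    return pow(m, key["d"], key["n"])   # plain path: only n and d matter

# Constructed toy key (two Mersenne primes); far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
```

A key whose "d" was overwritten but whose CRT fields are stale keeps producing the old key's results, which is why replacing "d" alone appeared to have no effect.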
