On Sat, Nov 22, 2008, Shaun R. wrote: > Can anybody help me out, not sure whats going wrong. My test case right > now is the following > > gcc sign.c -o sign -lcrypto > gcc verify.c -o verify -lcrypto > ./sign > blah.sig > ./verify > >
RSA_sign() and RSA_verify() don't sign arbitrary data they expect the digest of the data being signed/verified. If you want an API that does sign arbitrary data use EVP_Sign*() and EVP_Verify*() instead. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]