BiGNoRm6969: > Never heard about binary specification of the RSA* private key. > Can you give > more more information about that please.
Okay, think about this logically. You want to take the SHA256 hash of an RSA private key and get the same result every time. But the SHA256 hash function takes in arbitrary binary data. So you need to feed it the same arbitrary binary data every time to gt the same hash result. Are you with me so far? That means that you need some kind of specification for converting an RSA private key (which is just a notional thing, it's some numbers) into a binary representation. And you need one and only one true way, because while "3", "3.0" and "03" are the same number, if fed as binary input to a SHA256 hash, you will get a different result. So your algorithm cannot possibly work unless it specifies one and only one precise way to convert an RSA key (a notional thing, some numbers) into binary data suitable for SHA256 hashing. The fact that you didn't even realize that this had to be done proves that you are not even remotely competent to devise a security protocol. If you can't even understand the logical conceptual requirements, the odds of you getting the security right are near zero. I'm sorry to be so blunt, but for your own safety and those of anyone who might use any code you might have an influence on, please don't do what you're doing. Using an established and tested algorithm for its intended purpose. Or, employ someone who is qualified to write security software. If this is anything other than a toy for your own amusement, you're heading towards creating another worthless security product that provides no actual security. DS ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
