Hi,

RSA_sign only supports PKCS#1 v1.5 padding which always gives the same output for the same input data. If you want to perform a digital signature with PSS padding, you have to pad the data yourself by calling RSA_padding_add_PKCS1_PSS and then call RSA_private_encrypt on the padded output after setting its last parameter to RSA_NO_PADDING.

I have written a small sample code that shows how to perform PSS signature and verification. You can get the code from the following link:
http://www.idrix.fr/Root/Samples/openssl_pss_signature.c

I hope this answers your questions.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr

Chevalier Dev wrote:
Dear all:
I have just implemented an RSA signature using openssl. What I observe
is that signing the same data (a SHA-256 hash) multiple times with the
same RSA key always yields the same signature. I thought the data to
be signed would be padded with random bits to avoid this. My search on
the topic has hit a wall with PSS padding (implemented in rsa_pss.c
but undocumented). Is there any way I can pad my own data before
passing it to RSA_sign()?
Thanks for helping
-- Chev
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
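
Added example, not part of the original thread and not the sample linked in the reply: a standard-library Python model of the two steps the reply describes (PSS-pad the SHA-256 hash with a random salt, then apply the raw RSA private-key operation with no further padding), plus verification. The key is a constructed demo key built from two publicly known Mersenne primes and is not secure; all function and constant names are this example's own.

```python
import hashlib
import os

# Constructed demo key from two publicly known Mersenne primes: NOT secure.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8          # signature length in bytes
EM_BITS = N.bit_length() - 1           # RFC 8017: emBits = modBits - 1
EM_LEN = (EM_BITS + 7) // 8
H_LEN = hashlib.sha256().digest_size
TOP_MASK = 0xFF >> (8 * EM_LEN - EM_BITS)

def mgf1(seed, length):
    blocks = range((length + H_LEN - 1) // H_LEN)
    out = b"".join(hashlib.sha256(seed + i.to_bytes(4, "big")).digest() for i in blocks)
    return out[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def pss_encode(m_hash, salt):
    """EMSA-PSS encoding of an already-computed SHA-256 hash."""
    if len(salt) > EM_LEN - H_LEN - 2:
        raise ValueError("salt too long for this modulus")
    h = hashlib.sha256(b"\x00" * 8 + m_hash + salt).digest()
    db = b"\x00" * (EM_LEN - len(salt) - H_LEN - 2) + b"\x01" + salt
    masked = bytearray(xor(db, mgf1(h, len(db))))
    masked[0] &= TOP_MASK              # keep the encoded value below the modulus
    return bytes(masked) + h + b"\xbc"

def pss_sign(m_hash, salt_len=H_LEN):
    em = pss_encode(m_hash, os.urandom(salt_len))    # step 1: randomized padding
    return pow(int.from_bytes(em, "big"), D, N).to_bytes(K, "big")  # step 2: raw RSA

def pss_verify(m_hash, sig, salt_len=H_LEN):
    s = int.from_bytes(sig, "big")
    if len(sig) != K or s >= N:
        return False
    m = pow(s, E, N)
    if m.bit_length() > EM_BITS:
        return False
    em = m.to_bytes(EM_LEN, "big")
    h = em[-H_LEN - 1:-1]
    db = xor(em[:-H_LEN - 1], mgf1(h, EM_LEN - H_LEN - 1))
    # Re-encode with the recovered salt; any padding mismatch changes the bytes.
    return pss_encode(m_hash, db[len(db) - salt_len:]) == em
```

Calling `pss_sign` twice on the same hash gives two different signatures that both verify; passing `salt_len=0` removes the randomness and makes the output deterministic again, like the PKCS#1 v1.5 behaviour the question describes.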

