My steps are 1. raw data eg.balamurugan 2. i am calculating hash for this data using sha256 which is 256 bit for readable i convert this into (32 to 64 byte) hex string not hex represent. eg hash string is a123sdf....... which is 64 characters
3. now i am giving this 64 character string into the RSA_sign() function with 2048 RSA Private key. and input is a123sdf...(64 characters). NID_sha1() 4. the output is 256 character (binary) which i encode into base 64... Verification: 1. decode the Base64 code 2. calculate hash for raw data using sha256 which result in 64 character eg.(a123sdf..... 3.Calling RSA-verify() with inputs hash string (a123sdf... 64 character) ,NID_sha1(),RSA public Key, are my steps are right if not in which place i am doing wrong ..? > m data > :a12df146d87db3ce911e61444eed322bbd027a58cfa27ceec3626317ebe62f89 > sig->digest->data :?*?H?b9???A6w?(? > Memcompare fail mLen :64 sig->digest->length :20 > Assuming 'mLen' is the m_length/m_len passed to RSA_verify, it appears your digest-to-compare is 64 hex chars (32 bytes) while the digest specified by the signer is 20 bytes. It looks like you are computing the wrong hash, maybe SHA256 instead of SHA1, and also representing it wrongly. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org -- View this message in context: http://old.nabble.com/Java-signature-verification-fail-in-openssl-tp32589928p32594391.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org