Never mind. I figured it out. As a reference to others, here is more detail. It turns out that OpenSSL sets the salt length = key_modulus_bytesize - hash_bytesize - 2 but Bouncy Castle sets it to be 32 by default. Either setting salt length with a fixed number in OpenSSL or dynamically computing the length and setting it in BC worked.
-- View this message in context: http://openssl.6102.n7.nabble.com/How-to-verify-signature-created-by-OpenSSL-with-RSASSA-PSS-with-Java-tp48808p48826.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
