[ Please post plain text, not HTML ] > On Aug 28, 2018, at 7:08 AM, Linta Maria <lintamaria...@gmail.com> wrote: > > I have used below code, but it’s not working. Please help me to get the > correct API. > > /* > * NB: assumes verify_key, sig, siglen md and mdlen are already set up > * and that verify_key is an RSA public key > */
In what form is the message digest? Is it the raw digest octets, or some hex or base64 encoding? In what form is the signature? > ctx = EVP_PKEY_CTX_new(verify_key, NULL /* no engine */); > if (!ctx) > /* Error occurred */ > > if (EVP_PKEY_verify_init(ctx) <= 0) > /* Error */ > > if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) > /* Error */ > > if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) > /* Error */ Since you're verifying a hash, do not configure a message digest. > /* Perform operation */ > > ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen); This is the right function for verifying public key signatures over some input. For more help, post the *public* key used, the signature and the input digest. You can find similar code in the source code of the rsautl and pkeyutl commands. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users