Re: [Openvpn-devel] [PATCH 0/9] A built-in OpenSSL3.0 provider for external-keys

Selva Nair Thu, 23 Sep 2021 15:58:54 -0700

Hi,


> from the management interface. But I haven't found the right Signature
>> method from java yet to actually sign it correctly:
>>
>> sig = Signature.getInstance(SHA256withRSA/PSS);
>>
>
SHA256withRSA/PSS may be trying to first do Sha256 digest of the data and
then pad and sign. Instead try this: "NonewithRSASSA-PSS" or
"NonewithRSA/PSS"


> sig.setParameter(new PSSParameterSpec("SHA-256", "MGF1",
>> MGF1ParameterSpec.SHA256, 32, 1));
>> sig.initSign(privkey);
>> sig.update(data);
>> signed_bytes = sig.sign();
>
>
>>
You would still need SHA-256 in the PSSParameterSpec.

Selva

_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel

Re: [Openvpn-devel] [PATCH 0/9] A built-in OpenSSL3.0 provider for external-keys

Reply via email to