Re: [openssl-users] RSA sign using SHA256 with mgf1 padding
On Mon, Aug 29, 2016, Moshe Wiener (mowiener) wrote: > Hello, > I'm running an application which runs an authentication session with a > server. The server provides some random data, and my application needs to > sign it with its private key, and send back the signature. The server which > knows the public key verifies the signature, and it good then the client > which runs my application is authenticated. > This session used to run OK, until the server was changed so instead of using > PKCS#1_v1.5 now it uses PKCS#1_v2.1 > Now, the server uses signature algorithm of SHA256 WITH RSA AN DMGF1. > In my application I use OpenSSL. > I think that I need to use 'RSA_padding_add_PKCS1_OAEP_mgf1' but couldn't > figure out what to put in each of its arguments. > Is there somewhere a sample code which implements RSA signature with mgf1 > padding and a SHA256 hash? While you can call the low level RSA padding functions directly that is not recommended. You should instead use the EVP functions to sign the data with the padding mode switched to PSS. In outline: Call EVP_DigestSignInit(), set digest, and key and get the EVP_PKEY_CTX associated with the operation. Use the EVP_PKEY_CTX to change the padding mode to PSS. You do this with: EVP_CTX_set_rsa_padding(ctx, RSA_PKCS1_PSS_PADDING). (optional)use the EVP_PKEY_CTX to change other parameters such as the salt length. Call EVP_DigestSignUpdate() with the data to be hashed. Obtain the signature with EVP_DigestSignFinal(). If that isn't clear I can come up with some sample code. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] RSA sign using SHA256 with mgf1 padding
And if you want to run it on OpenSSL-1.1, see the attached. ☺ -- Regards, Uri Blumenthal On 9/1/16, 6:18 , "openssl-users on behalf of mowiener"wrote: Many thanks Mounir, this is what I was looking for. \ openssl_pss_signature.c Description: Binary data smime.p7s Description: S/MIME cryptographic signature -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] RSA sign using SHA256 with mgf1 padding
Many thanks Mounir, this is what I swa looking for. -- View this message in context: http://openssl.6102.n7.nabble.com/RSA-sign-using-SHA256-with-mgf1-padding-tp68101p68152.html Sent from the OpenSSL - User mailing list archive at Nabble.com. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] RSA sign using SHA256 with mgf1 padding
Hi, I have written a sample few years ago that performs PSS signature using SHA256 like what you need. You can get it from https://www.idrix.fr/Root/Samples/openssl_pss_signature.c It uses the maximum salt length. You should check that the server expects this as well. Cheers, -- Mounir IDRASSI Le 29/08/2016 à 10:59, Moshe Wiener (mowiener) a écrit : > > Hello, > > I’m running an application which runs an authentication session with a > server. The server provides some random data, and my application needs > to sign it with its private key, and send back the signature. The > server which knows the public key verifies the signature, and it good > then the client which runs my application is authenticated. > > This session used to run OK, until the server was changed so instead > of using PKCS#1_v1.5 now it uses PKCS#1_v2.1 > > Now, the server uses signature algorithm of SHA256 WITH RSA AN DMGF1. > > In my application I use OpenSSL. > > I think that I need to use ‘RSA_padding_add_PKCS1_OAEP_mgf1’ but > couldn’t figure out what to put in each of its arguments. > > Is there somewhere a sample code which implements RSA signature with > mgf1 padding and a SHA256 hash? > > Many thanks, > > Moshe > > > > > > > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] RSA sign using SHA256 with mgf1 padding
Hello, I'm running an application which runs an authentication session with a server. The server provides some random data, and my application needs to sign it with its private key, and send back the signature. The server which knows the public key verifies the signature, and it good then the client which runs my application is authenticated. This session used to run OK, until the server was changed so instead of using PKCS#1_v1.5 now it uses PKCS#1_v2.1 Now, the server uses signature algorithm of SHA256 WITH RSA AN DMGF1. In my application I use OpenSSL. I think that I need to use 'RSA_padding_add_PKCS1_OAEP_mgf1' but couldn't figure out what to put in each of its arguments. Is there somewhere a sample code which implements RSA signature with mgf1 padding and a SHA256 hash? Many thanks, Moshe -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users