Hello Stephen, Friday, August 11, 2006, 4:47:33 PM, you wrote: > That padding is not standard and just includes the "raw" digest. It seems that actually the padded hash starts with 00 01 FF .. the leading zero byte was omited during the print-out.
> Yes you are correct you can't use RSA_sign() for that. Neither, it seems, I can't use the "EVP_Sign*" family as well. > You should get that padding by feeding the digest into > RSA_private_encrypt() with the RSA_PKCS1_PADDING type. Yes, it works now - I get exactly the same signature as in the example MiniCert. Now I can go on re-creating the rest of the original "gen_mc"'s functionality. Thank you all very much for the help! Thanks to the folks who made OpenSSL package! -- Best regards, Tony mailto:[EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
