On Wed, Feb 14, 2007 at 02:59:23PM +0530, Kaushalye Kapuruge wrote: > Nils Larsch wrote: > >Kaushalye Kapuruge wrote: > >>Hi List, > >>I need to sign a text using RSA-SHA1. ( > >>http://www.w3.org/2000/09/xmldsig#rsa-sha1 > >><http://www.w3.org/2000/09/xmldsig#rsa-sha1> as per XML-Signature > >>specification http://www.w3.org/TR/xmldsig-core/) > >> > >>I found a set of EVP_ functions to do this. > >>i.e. > >>EVP_SignInit (&md_ctx, EVP_sha1()); > >>EVP_SignUpdate (&md_ctx, data, strlen(data)); > >>siglen = sizeof(sigbuf); > >>err = EVP_SignFinal (&md_ctx, > >> sigbuf, > >> &siglen, > >> pkey); > >>In the above I have specified to use "SHA-1" as the digest method. > >>But I'm wondering where I have to specify "to sign using RSA". Does > >>these functions automatically decide the algorithm (e.g. DSA-SHA1, > >>RSA-SHA1) by inspecting the EVP_PKEY* ? > >>Please advice. > > > >if you use the cvs head (alias 0.9.9-dev) you can use EVP_sha*() > >together with a RSA, DSA or a EC key to create a RSA etc. > >signature. In OpenSSL <= 0.9.8 you need to use EVP_dss1() > >or EVP_sha1() for RSA (the EVP_<digest name>() functions always > >assume a RSA key). > Hmm.. strange. > If functions always assume RSA key, how am I going to implement DSA-SHA1?
EVP_dss1() -> DSA-SHA1 EVP_sha1() -> RSA-SHA1 EVP_<digest name>() -> RSA-<digest name> Christian ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
