Hi! Some weeks ago I tried some things with Openssl in C. I found evp to be very handy, and so I can cypher, decypher, sign, verify,.. I can work with complete messages, or I can work with streams. I realized the way to everything, except to blind signing.
The way I'm trying is (on the same machine, in the same main() method): -turn rsa_blinding_on //I guess this for avoiding timing attacks, and also for blind signing. Isn't it so? -cypher the message (RSA, key created with rsa_generate_key()) -sign the message (ripe160, for example) -decypher message -decypher signature -verify decyphered signature with decyphered message--> FAIL where am I wrong? pd: thanks for the great openssl. Documentation could be better, but... I must admit I also prefer doing things much more that writing documents :P
