Re: RSASSA-PSS Signature Question

Thu, 19 Mar 2009 08:10:29 -0700 

Thank you for the response and link.
What I am trying to do is use the command line (linux / unix / os x), rather than the c/c++ libraries. It is not clear (to me) how the C library calls translate to command line equivalents, but I'll spend some time trying to figure it out. If anyone knows how to do RSASSA-PSS signature generation and verification from the command line with openssl, your advice would be appreciated. 
Thanks again,
joe
On Mar 19, 2009, at 7:27 AM, Ger Hobbelt wrote:
On Wed, Mar 18, 2009 at 10:51 PM, Joe Percival <j...@bigtreestech.com> wrote:
How can I create and verify a RSASSA-PSS signature using openssl command 
line?
I have searched for any documentation and/or tutorial on the subject and 
have come up empty handed.
I need to be able to set the hash function and Mask Generation Function to 
digest functions available under openssl dgst.
The file for which I need to generate (and verify) the signature is a text 
file.
I have openssl version 0.9.8e installed but could upgrade if necessary. Thanks in advance, and my apologies if the answer is obvious, I'm quite new 
to this subject and this application.
joe


As nobody responded with anything better, here's what I have.
Currently, I don't think the commandline tools support this yet.
OTOH, you can have a look at this (twas posted @ 4/1/2009): copy&paste: 

/*
   Example code how to use PSS padding wih RSA signing.

   Written by Mounir IDRASSI

   ---

   RSA_sign only supports PKCS# 1 v1.5 padding which
   always gives the same output for the same input data.

   If you want to perfom a digital signature with PSS
   padding (i.e. padding with random data), you have to
   pad the data yourself by calling
   RSA_padding_add_PKCS1_PSS and then call
   RSA_private_encrypt on the padded output after
   setting its last parameter to RSA_NO_PADDING.

   I have written a small sample code that shows how to
   perform PSS signature and verification. You can get
   the code from the following link:

   http://www.idrix.fr/Root/Samples/openssl_pss_signature.c

   I hope this answers your questions.

   Cheers,

   --
        Mounir IDRASSI
        IDRIX
        http://www.idrix.fr
*/


---
If the code is not available any longer, give a holler; I've got a
copy archived.




--
Met vriendelijke groeten / Best regards,

Ger Hobbelt

--------------------------------------------------
web:    http://www.hobbelt.com/
        http://www.hebbut.net/
mail:   g...@hobbelt.com
mobile: +31-6-11 120 978
--------------------------------------------------
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to