Hi,
Just to confirm what Ger Hobbelt said in his previous answer: the
openssl command line doesn't support RSASSA-PSS signature generation.
Maybe it will be added in a future release.
In the mean time, you have to use the library to perform this.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Joe Percival wrote:
Thank you for the response and link.
What I am trying to do is use the command line (linux / unix / os x),
rather than the c/c++ libraries. It is not clear (to me) how the C
library calls translate to command line equivalents, but I'll spend
some time trying to figure it out.
If anyone knows how to do RSASSA-PSS signature generation and
verification from the command line with openssl, your advice would be
appreciated.
Thanks again,
joe
On Mar 19, 2009, at 7:27 AM, Ger Hobbelt wrote:
On Wed, Mar 18, 2009 at 10:51 PM, Joe Percival <j...@bigtreestech.com>
wrote:
How can I create and verify a RSASSA-PSS signature using openssl
command
line?
I have searched for any documentation and/or tutorial on the subject
and
have come up empty handed.
I need to be able to set the hash function and Mask Generation
Function to
digest functions available under openssl dgst.
The file for which I need to generate (and verify) the signature is
a text
file.
I have openssl version 0.9.8e installed but could upgrade if necessary.
Thanks in advance, and my apologies if the answer is obvious, I'm
quite new
to this subject and this application.
joe
As nobody responded with anything better, here's what I have.
Currently, I don't think the commandline tools support this yet.
OTOH, you can have a look at this (twas posted @ 4/1/2009): copy&paste:
/*
Example code how to use PSS padding wih RSA signing.
Written by Mounir IDRASSI
---
RSA_sign only supports PKCS# 1 v1.5 padding which
always gives the same output for the same input data.
If you want to perfom a digital signature with PSS
padding (i.e. padding with random data), you have to
pad the data yourself by calling
RSA_padding_add_PKCS1_PSS and then call
RSA_private_encrypt on the padded output after
setting its last parameter to RSA_NO_PADDING.
I have written a small sample code that shows how to
perform PSS signature and verification. You can get
the code from the following link:
http://www.idrix.fr/Root/Samples/openssl_pss_signature.c
I hope this answers your questions.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
*/
---
If the code is not available any longer, give a holler; I've got a
copy archived.
--
Met vriendelijke groeten / Best regards,
Ger Hobbelt
--------------------------------------------------
web: http://www.hobbelt.com/
http://www.hebbut.net/
mail: g...@hobbelt.com
mobile: +31-6-11 120 978
--------------------------------------------------
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
