Dear All, For a custom application, I use the function RSA_private_encrypt to calculate the signature of a SHA256 hash with padding set to RSA_PKCS1_PADDING.
In effect, it's a non-standard PKCS#1 padding which uses the raw SHA256 hash instead of the DigestInfo. Would like to know if there are any security risks in omitting the AlgorithmIdentifier (both signature creation and verification part will only use SHA256). Will be very helpful if you could point me to a document which deals with this topic. -- Regards, Vijairaj
