Dear all,
I am sorry for the bad email formation. Here is another post.
I am programming to achieve the RSA PSS sign for the messages. For the
signature, I think the result is correct by the information in gdb. However,
for the verification, the RSA_public_decrypt() always fails to put the
decrypted signature into the designed buffer, which makes the verification
process fails. I would like to post my code segment and solicit your
suggestions for my code. I really appreciate your help. Thank you so much.
/*Sig function*/
unsigned char* sign(unsigned char *apdu_dig, RSA *pKey)
{
unsigned char sig[128];
unsigned char pad[128];
RSA_padding_add_PKCS1_PSS(pKey, pad, apdu_dig, EVP_sha256(), -2);
RSA_private_encrypt(128, pad, sig, pKey, RSA_NO_PADDING);
retrurn goose_sig;
}
/*Veri function*/
int verification (unsigned char *apdu_data, unsigned char *signature, int
data_len, int sig_len, RSA *pKey)
{
unsigned char decrypted_sig[128];
unsigned char *apdu_dig;
int ret;
apdu_dig = digest(apdu_data, data_len); //This function works fine.
RSA_public_decrypt(128, signature, decrypted_sig, pKey, RSA_NO_PADDING);
ret = RSA_verify_PKCS1_PSS(pKey, apdu_dig, EVP_sha256(), decrypted_sig,
-2);
return ret;
}
FYI, the RSA *pKey is generated by RSA_generate_key(1024, RSA_F4, NULL,
NULL).
Thank you so much.
Best Regards,
Xiang
