On 10/5/2011 8:15 AM, brajan wrote:
My steps are
1. raw data eg.balamurugan
2. i am calculating hash for this data using sha256 which is 256 bit for
readable i convert this into (32 to 64 byte) hex string not hex represent.
eg hash string is a123sdf....... which is 64 characters
3. now i am giving this 64 character string into the RSA_sign() function
with 2048
RSA Private key. and input is a123sdf...(64 characters). NID_sha1()
WRONG, If you hashed with SHA256, you need to pass NID_sha256() and
the binary (not hex) SHA256 value. If you have to use NID_sha1(), pass in
the binary output of SHA1 of something, not some raw message of any other
form or contents.
4. the output is 256 character (binary) which i encode into base 64...
Verification:
1. decode the Base64 code
2. calculate hash for raw data using sha256 which result in 64 character
eg.(a123sdf.....
3.Calling RSA-verify() with inputs hash string (a123sdf... 64 character)
,NID_sha1(),RSA public Key,
Same mistake as in your other step 3.
are my steps are right if not in which place i am doing wrong ..?
m data
:a12df146d87db3ce911e61444eed322bbd027a58cfa27ceec3626317ebe62f89
sig->digest->data :?*?H?b9???A6w?(?
Memcompare fail mLen :64 sig->digest->length :20
Assuming 'mLen' is the m_length/m_len passed to RSA_verify,
it appears your digest-to-compare is 64 hex chars (32 bytes)
while the digest specified by the signer is 20 bytes.
It looks like you are computing the wrong hash, maybe SHA256
instead of SHA1, and also representing it wrongly.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
