There are a few issues here: RSA_Verify does not return a signature. It returns a boolean pass/fail.
If reply is a hash, strlen(reply) is not the length of the hash. The length is 20 for SHA-1.
On 10/9/2013 1:46 PM, aqueelmirza wrote:
I am using OpenSSL in iOS app to sign a message. I use RSA_sign to sign. When I use RSA_verify to verify the signature, result is like this 050 +(f2d7846a5f495a743e470663facf7a2858d052cf Where f2d7846a5f495a743e470663facf7a2858d052cf is the original signature. So I am getting additional 050 +( at the beginning of the signature. Can anyone please tell me the reason of this? This is how I am signing int sign = RSA_sign(NID_sha1,( char *)reply, strlen(reply), signature, &siglen, myRSA ); where reply contains sha1 hashed data to be signed.
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
