Hi All, I am using openssl-0.9.9za and I came to know EVP_PKEY_CTX is available from 1.0.0. Please let me know which API i can use in FIPS context instead of RSA_public_decrypt().
Thanks, Gayathri On Tue, Oct 28, 2014 at 10:45 AM, Gayathri Manoj <gayathri.an...@gmail.com> wrote: > Hi All, > > Thank you all for your detailed update. Now I understood my mistake. I > haven't copied the original message in dBuffer while calling > EVP_VerifyUpdate(). Actually my aim is to make my system FIPs complaint. > RSA_public_decrypt() is not FIPS complaint. hence I tried to replace this > with EVP_Verify*(). Please let me know EVP_PKEY_public_decrypt() to make my > system FIPs complaint. > > Thanks, > Gayathri > > On Tue, Oct 28, 2014 at 12:54 AM, Tom Francis <thomas.francis...@pobox.com > > wrote: > >> >> > On Oct 27, 2014, at 4:33 AM, Gayathri Manoj <gayathri.an...@gmail.com> >> wrote: >> > >> > Hi All, >> > >> > How can I replace RSA_public_decrypt() with EVP_Verify*(). >> > >> > I wanted to replace the below api with EVP_verify*() >> > >> > RSA_public_decrypt(Len, SgnData, dBuffer, rsa_pub_key, >> RSA_PKCS1_PADDING); >> > >> >> You’d need to share more of the code around the call to >> RSA_public_decrypt(). RSA_public_decrypt() only does some of the work done >> by EVP_Verify*. EVP_Verify* are intended to: >> >> 1) Hash user data using the hash type passed to EVP_VerifyInit(), SHA1 in >> your example below, using EVP_VerifyUpdate(); >> 2) Decrypt the encrypted data (SgnData in your example below) in >> EVP_VerifyFinal(); and >> 3) Verify the hash type specified in EVP_VerifyInit() matches the one in >> the decrypted data from step 2, and verify the hash value from step 1 >> matches the hash value in the decrypted data from step 2. >> >> Your code below probably fails because you didn’t pass the correct data >> to EVP_Update(), SgnData isn’t in a valid signature format, OR you use the >> wrong keys somewhere. :) >> >> Oh, and the signature algorithm for the certificate is meaningless unless >> you’re trying to verify the certificate’s signature —- and if you want to >> do that, I strongly recommend using X509_verify_cert() for verifying the >> certificate’s signature, if at all possible, and X509_check_issued() if you >> can't. >> >> TOM >> >> > I have tried with >> > >> > EVP_MD_CTX md_ctx; >> > unsigned char *decryptBuffer = NULL; >> > EVP_PKEY *pubKey = NULL; >> > PubKey = X509_get_pubkey(X509cert); >> > decryptBuf = (uchar *) malloc(EVP_MD_size(EVP_sha1())); >> > >> > EVP_VerifyInit(&md_ctx, EVP_sha1()); >> > EVP_VerifyUpdate (&md_ctx, dBuffer, strlen(dBuffer)-1); >> > errorCode = EVP_VerifyFinal(&md_ctx, SgnData, Len, PubKey); >> > >> > Getting errorCode as 0. ERR[bad signature] >> > >> > certificate's Signature Algorithm is SHA256withRSA >> > >> > Please let me know how can I solve this issue. >> > >> > Thanks, >> > Gayathri >> >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-users@openssl.org >> Automated List Manager majord...@openssl.org >> > >
