On 28 October 2014 05:58, Gayathri Manoj <gayathri.an...@gmail.com> wrote:
> Hi All,
>
> I am using openssl-0.9.9za and I came to know EVP_PKEY_CTX is available
> from 1.0.0.
> Please let me know which API I can use in FIPS context instead of
> RSA_public_decrypt().

Well FIPS puts a different light on your question. From what I can
understand from your question you are attempting to verify a
signature, and you want that verification to be FIPS compliant,
correct?

That is only ever going to work if the signature has been generated
using a FIPS compliant signature scheme in the first place. If you
have some home grown or non-standard signature scheme then you are
never going to be compliant without replacing both the signing and the
verifying code. The problem with RSA_public_decrypt is that it is a
very low level function. It can be used as part of a process to create
a standardised signature...or it can be used in a completely
non-standard way. Its use is definitely not encouraged.

Some questions which might help us to understand your situation better:
Do you control both the signing and the verifying?
Do you know what signature scheme is in use? E.g. RSASSA-PKCS1-v1.5,
or RSASSA-PSS.
Can you provide more of your existing source code so that we can see
how you are using RSA_public_decrypt?

If you want FIPS compliance, and you want to stay on openssl 0.9.8
then EVP_Verify* is the way to go...but only if the signature scheme
in place is compliant in the first place (or can be changed to be so).

Finally, I would recommend that you move off of 0.9.8. This version
will no longer be receiving support (including security updates) after
31st December 2015. See:
http://marc.info/?l=openssl-announce&m=141338840924517&w=2


Matt
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
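
An added example, not code from this thread or from the OpenSSL project, for the "what signature scheme is in use" question above: it classifies the bytes that an existing RSA_public_decrypt() call made with RSA_PKCS1_PADDING hands back, as a DER DigestInfo (the RSASSA-PKCS1-v1.5 encoding) or a bare digest with no wrapper (non-standard). The names classify_recovered and make_sample and the 0xAA sample digests are constructed for illustration; the prefix table is a subset of RFC 8017 section 9.2.

```c
#include <stdio.h>
#include <string.h>
/* What the legacy RSA_public_decrypt(..., RSA_PKCS1_PADDING) call handed back. */
enum sig_kind { SIG_PKCS1_DIGESTINFO, SIG_BARE_DIGEST, SIG_UNKNOWN };
struct di_prefix { const char *hash; size_t dlen, plen; unsigned char p[19]; };

/* DER DigestInfo prefixes from RFC 8017, section 9.2 (subset: three hashes). */
static const struct di_prefix PREFIXES[] = {
    { "SHA-1", 20, 15, {0x30,0x21,0x30,0x09,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,
                        0x05,0x00,0x04,0x14} },
    { "SHA-256", 32, 19, {0x30,0x31,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,
                          0x03,0x04,0x02,0x01,0x05,0x00,0x04,0x20} },
    { "SHA-512", 64, 19, {0x30,0x51,0x30,0x0d,0x06,0x09,0x60,0x86,0x48,0x01,0x65,
                          0x03,0x04,0x02,0x03,0x05,0x00,0x04,0x40} },
};
#define NPREFIX (sizeof(PREFIXES) / sizeof(PREFIXES[0]))

enum sig_kind classify_recovered(const unsigned char *buf, size_t len, const char **hash)
{
    size_t i;
    *hash = NULL;
    for (i = 0; i < NPREFIX; i++)   /* exact length: no trailing bytes allowed */
        if (len == PREFIXES[i].plen + PREFIXES[i].dlen &&
            memcmp(buf, PREFIXES[i].p, PREFIXES[i].plen) == 0) {
            *hash = PREFIXES[i].hash;
            return SIG_PKCS1_DIGESTINFO;
        }
    for (i = 0; i < NPREFIX; i++)   /* digest-sized block with no DigestInfo wrapper */
        if (len == PREFIXES[i].dlen)
            return SIG_BARE_DIGEST;
    return SIG_UNKNOWN;
}

/* Constructed sample: PREFIXES[i] (if wrapped) followed by a dummy 0xAA digest. */
size_t make_sample(size_t i, int wrapped, unsigned char *out)
{
    size_t off = wrapped ? PREFIXES[i].plen : 0;
    memcpy(out, PREFIXES[i].p, off);
    memset(out + off, 0xAA, PREFIXES[i].dlen);
    return off + PREFIXES[i].dlen;
}

int main(void)
{
    unsigned char buf[96];
    const char *hash;
    enum sig_kind k = classify_recovered(buf, make_sample(1, 1, buf), &hash);
    printf("kind=%d hash=%s\n", (int)k, hash ? hash : "(none)");
    return 0;
}
```

A DigestInfo result means the signatures can be checked with EVP_Verify* using the matching digest; a bare-digest or unknown result means the signing side has to change as well.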
