Hi Stephen,

I am extracting raw digest by using the below command.

    /* decrypt the content using the RSA pub key */
    elen = RSA_public_decrypt(sLen, sData, ebuf, rsaKey, RSA_PKCS1_PADDING);

    /* computes SHA1 hash */
    SHA1_Init(&ctx);
    SHA1_Update(&ctx, dataBlk, dataLen);
    SHA1_Final(hash, &ctx);

    /* compare the signed data from phone and locally generated one;
       elen must be a full SHA-1 digest (SHA_DIGEST_LENGTH from <openssl/sha.h>)
       so that an error (-1) or empty result (0) can never match */
    if (elen == SHA_DIGEST_LENGTH && memcmp(hash, ebuf, elen) == 0)
        authenticated = true;

From the above answer I came to know it's not possible to achieve FIPS compliance in openssl-0.9.8za without modifying the signature schema which is sent by some other entity (in this case sData), and in the above example, there is no other way we can check the authentication.

Please update me if the above sentence is wrong.

Thanks,
Gayathri

On Wed, Nov 12, 2014 at 10:03 PM, Dr. Stephen Henson <st...@openssl.org> wrote:

> On Wed, Nov 12, 2014, Gayathri Manoj wrote:
>
> > Hi Steve,
> >
> > Conclusion of previous thread: For making FIPS compliance we have to
> > replace RSA_public_decrypt() with EVP_verify*() APIs. It requires hash of
> > the entire message and not the hash of the 'signed message'.
> >
> > Currently I am getting only hash of the signed message from my phone and I
> > can't make any changes here.
> > Then how can I verify this message in FIPS mode other than
> > RSA_public_decrypt()?
>
> It isn't completely clear how you're verifying the digest using
> RSA_public_decrypt. I suspect you're using it to extract a raw digest and then
> comparing the result to verify. If so then the signature scheme is not FIPS
> compliant and there's nothing you can do to make it compliant without
> modifying the signature format which you say you can't do.
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org
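
To illustrate the signature-format point in the reply above (an added example, not code from the thread or from OpenSSL): after padding removal, a standard PKCS#1 v1.5 SHA-1 signature yields a DER DigestInfo header followed by the hash, whereas the scheme in this thread yields the bare 20-byte hash. The function names and sample buffers are assumptions made for this example, and the RSA step itself is left out.

```c
#include <stdio.h>
#include <string.h>

#define SHA1_LEN 20
#define PREFIX_LEN 15

enum payload { PAYLOAD_INVALID, PAYLOAD_RAW_SHA1, PAYLOAD_DIGESTINFO_SHA1 };

/* DER header of a SHA-1 DigestInfo as used by PKCS#1 v1.5 signatures. */
static const unsigned char SHA1_PREFIX[PREFIX_LEN] = {
    0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
    0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 };

/* Constructed samples: an arbitrary 20-byte digest, bare and DigestInfo-wrapped. */
static const unsigned char SAMPLE_RAW[SHA1_LEN] = { 0xaa, 0xbb, 0xcc };
static const unsigned char SAMPLE_WRAPPED[PREFIX_LEN + SHA1_LEN] = {
    0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
    0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14, 0xaa, 0xbb, 0xcc };

/* elen is the recovered length and may be <= 0 when padding removal failed. */
enum payload classify_payload(const unsigned char *ebuf, int elen)
{
    if (ebuf == NULL || elen <= 0)
        return PAYLOAD_INVALID;
    if (elen == SHA1_LEN)
        return PAYLOAD_RAW_SHA1;
    if (elen == PREFIX_LEN + SHA1_LEN && memcmp(ebuf, SHA1_PREFIX, PREFIX_LEN) == 0)
        return PAYLOAD_DIGESTINFO_SHA1;
    return PAYLOAD_INVALID;
}

/* Returns 1 only if the payload is well formed and carries exactly this digest. */
int digest_matches(const unsigned char *ebuf, int elen, const unsigned char *hash)
{
    enum payload kind = classify_payload(ebuf, elen);
    if (kind == PAYLOAD_INVALID)
        return 0;
    if (kind == PAYLOAD_DIGESTINFO_SHA1)
        ebuf += PREFIX_LEN;   /* skip the DER header to reach the digest */
    return memcmp(ebuf, hash, SHA1_LEN) == 0;
}

int main(void)
{
    printf("raw=%d wrapped=%d error=%d\n", classify_payload(SAMPLE_RAW, 20),
           classify_payload(SAMPLE_WRAPPED, 35), classify_payload(SAMPLE_RAW, -1));
    return 0;
}
```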