lloyd at randombit.net
Fri Nov 28 08:35:27 EST 2008
On Fri, Nov 28, 2008 at 11:20:10AM +0100, Rickard Bondesson wrote:
> Are there any known issues with SHA512/RSA signing?
> My code is looking similar to this:
> EMSA *hashFunc = NULL_PTR;
> hashFunc = new EMSA3(new SHA_512);
> session->pkSigner = new PK_Signer(*signKey, &*hashFunc);
> session->pkSigner->update(pPart, ulPartLen);
> session->pkSigner->update(pPart2, ulPartLen2);
> SecureVector<byte> signResult = session->pkSigner->signature(*softHSM->rng);
OK, this looks fine.
> The signature produced by PK_Signer is the same as the one produced by OpenSSL when used together with one of these functions:
> hashFunc = new EMSA3(new MD5);
> hashFunc = new EMSA3(new RIPEMD_160);
> hashFunc = new EMSA3(new SHA_160);
> hashFunc = new EMSA3(new SHA_256);
> hashFunc = new EMSA3(new SHA_384);
> But the signature produced by SHA512/RSA is not the same as the one from OpenSSL.
> Where could the problem be?
I'm not sure, but thank you for the report! I will investigate
this. For reference, which versions of OpenSSL and Botan are you
More information about the botan-devel