[Botan-devel] SHA512/RSA

Jack Lloyd lloyd at randombit.net
Fri Nov 28 08:35:27 EST 2008


On Fri, Nov 28, 2008 at 11:20:10AM +0100, Rickard Bondesson wrote:
> Are there any known issues with SHA512/RSA signing?
> 
> My code is looking similar to this:
> 
> *****
>   EMSA *hashFunc = NULL_PTR;
>   hashFunc = new EMSA3(new SHA_512);
>   session->pkSigner = new PK_Signer(*signKey, &*hashFunc);
>   session->pkSigner->update(pPart, ulPartLen);
>   session->pkSigner->update(pPart2, ulPartLen2);
>   SecureVector<byte> signResult = session->pkSigner->signature(*softHSM->rng);
> *****

OK, this looks fine.

> The signature produced by PK_Signer is the same as the one produced by OpenSSL when used together with one of these functions:
> 
>   hashFunc = new EMSA3(new MD5);
>   hashFunc = new EMSA3(new RIPEMD_160);
>   hashFunc = new EMSA3(new SHA_160);
>   hashFunc = new EMSA3(new SHA_256);
>   hashFunc = new EMSA3(new SHA_384);
> 
> But the signature produced by SHA512/RSA is not the same as the one from OpenSSL.
> 
> Where could the problem be?

I'm not sure, but thank you for the report! I will investigate
this. For reference, which versions of OpenSSL and Botan are you
using?

-Jack



More information about the botan-devel mailing list