[Botan-devel] SHA512/RSA

Jack Lloyd lloyd at randombit.net
Fri Nov 28 10:07:58 EST 2008


On Fri, Nov 28, 2008 at 11:20:10AM +0100, Rickard Bondesson wrote:

> But the signature produced by SHA512/RSA is not the same as the one from OpenSSL.
> 
> Where could the problem be?

The problem was in fact that the EMSA3 hash id for SHA-512 was incorrect! :(

Thank you for the report.

#
# old_revision [1f9ae9cc3a749f2814e52b717904e9566a5b1916]
#
# patch "src/pk_pad/hash_id/hash_id.cpp"
#  from [2308b1690b408dce2448e781b75fb1c31360dab6]
#    to [a98b4c01d53d1a7dc68af37ccdf44e3ee7a36918]
#
============================================================
--- src/pk_pad/hash_id/hash_id.cpp      2308b1690b408dce2448e781b75fb1c31360dab6
+++ src/pk_pad/hash_id/hash_id.cpp      a98b4c01d53d1a7dc68af37ccdf44e3ee7a36918
@@ -39,7 +39,7 @@ const byte SHA_512_ID[] = {
 0x65, 0x03, 0x04, 0x02, 0x02, 0x05, 0x00, 0x04, 0x30 };
 
 const byte SHA_512_ID[] = {
-0x30, 0x31, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
+0x30, 0x51, 0x30, 0x0D, 0x06, 0x09, 0x60, 0x86, 0x48, 0x01,
 0x65, 0x03, 0x04, 0x02, 0x03, 0x05, 0x00, 0x04, 0x40 };
 
 const byte TIGER_ID[] = {



More information about the botan-devel mailing list