RSA sign/verify and hash generation functions
Murray S. Kucherawy
msk at cloudmark.com
Wed Dec 8 23:40:04 CET 2010
> -----Original Message-----
> From: Nikos Mavrogiannopoulos [mailto:n.mavrogiannopoulos at gmail.com] On Behalf Of Nikos Mavrogiannopoulos
> Sent: Wednesday, December 08, 2010 2:28 PM
> To: Murray S. Kucherawy
> Cc: help-gnutls at gnu.org
> Subject: Re: RSA sign/verify and hash generation functions
>
> On 12/08/2010 12:30 AM, Murray S. Kucherawy wrote:
>
> > assert(gnutls_privkey_sign_hash(rsa_key, &dd, &rsa_out ==
> GNUTLS_E_SUCCESS);
>
> Also check the documentation of the functions you are using :)
I did. By the looks of things, the *_sign_hash() functions look like they sign a hash that's already been computed, which is the case for me, so that's what I used.
> The sign_hash is low-level and isn't intended to be used like that.
> Use gnutls_x509_privkey_sign_data() and
> gnutls_x509_privkey_verify_data().
OK, I'll give those a try.
More information about the Gnutls-help
mailing list