[openssl-users] RSA Digital Signing
prithiraj.das at gmail.com
Sun Jan 27 17:43:14 UTC 2019
Using OpenSSL, I need to implement digital signing. My approach as of now
1) At the sender side, generate the hash of the data using sha256.
2) Encrypt the hash of the data using RSA Private key for the purpose of
signing. Send this encrypted hash and the data from Step 1 to the receiverr
3) At the receiver's end, Decrypt the signed data(encrypted hash) using
the corresponding RSA Public key.
4) Generate hash of the data and verify the decrypted content against this
hash to verify the signature
I was thinking of using RSA_private_encrypt() method to do the signing and
RSA_public_decrypt() method to decrypt the signed hash using the
corresponding RSA public key. Would the above be a bad approach especially
when it comes to using the methods mentioned ? Please recommend the methods
to be used that would be better for the purpose of digital signing and
verification using sha256 and RSA keys
Thanks and Regards,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users