[openssl-users] RSA Digital Signing
Viktor Dukhovni
openssl-users at dukhovni.org
Sun Jan 27 18:22:27 UTC 2019
> On Jan 27, 2019, at 12:43 PM, prithiraj das <prithiraj.das at gmail.com> wrote:
>
> Using OpenSSL, I need to implement digital signing. My approach as of now is:
> 1) At the sender side, generate the hash of the data using sha256.
> 2) Encrypt the hash of the data using RSA Private key for the purpose of signing. Send this encrypted hash and the data from Step 1 to the receiverr side.
> 3) At the receiver's end, Decrypt the signed data(encrypted hash) using the corresponding RSA Public key.
> 4) Generate hash of the data and verify the decrypted content against this hash to verify the signature
>
> I was thinking of using RSA_private_encrypt() method to do the signing and RSA_public_decrypt() method to decrypt the signed hash using the corresponding RSA public key. Would the above be a bad approach especially when it comes to using the methods mentioned ? Please recommend the methods to be used that would be better for the purpose of digital signing and verification using sha256 and RSA keys
Do not invent your own RSA-based signature scheme. Use a standard
RSA signature primitive. Either RSA-PSS, or PKCS#1 v1.5
https://en.wikipedia.org/wiki/PKCS_1#Schemes
Typically, you would use CMS, which handles all the details internally.
https://www.openssl.org/docs/man1.1.0/apps/cms.html
--
Viktor.
More information about the openssl-users
mailing list