Wan-Teh Chang wrote:
Actually just checking the padding is sufficient, PK11_VerifyRecover only strips the PKCS #1 padding, so if you've signed the raw hashes (not recommended BTW), or encoded the hashes in your own non-ASN.1 DigestInfo structure, then you can still use PK11_VerifyRecover().On 10/23/07, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:Well, contrary to my expectations, I have now got the code working with PK11_PubEncryptRaw - so again a big thank you.Glad to hear that. If after you decrypt the data with the RSA public key, you check for PKCS #1 padding and decode an ASN.1 DigestInfo structure to get the hash (message digest), then you can replace all this code with PK11_Verify or PK11_VerifyRecover.
bob
Wan-Teh _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
