RSASSA-PKCS1-v1_5 in OpenSSL/XML Security Library

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

RSASSA-PKCS1-v1_5 in OpenSSL/XML Security Library

Szabó Áron
Dear Members,

I've read through manuals of OpenSSL and XML Security Library (as it was
recommended by Rich and Dmitry at OpenSSL mailing list), but I haven't found
anything about the supportation of RSASSA-PKCS1-v1_5 algorithm (as it is
required by W3C XML-Signature Syntax and Processing and IETF RFC 3275 as

In OpenSSL (RSA_sign function in rsa.h) RSA_padding_add_PKCS1_type_1 flag is
described as EMSA-PKCS1-v1_5 but PKCS#1 (IETF RFC 2437) describes that
"RSASSA-PKCS1-v1_5 combines the RSASP1 and RSAVP1 primitives with the
EMSA-PKCS1-v1_5 encoding method".

Generating C14N canonicalized data, and SHA-1 digest works well for me, but
my SignatureValue is not correct (using "sha1 -sign" or "rsautl -sign -pkcs"
functions of OpenSSL), therefore I think that some parameter or flag is not
set, when I create signature (maybe I get EMSA-PKCS1-v1_5 signature as
default? I don't know...). Could you tell me exactly what I should put into
the command line to get RSASSA-PKCS1-v1_5 signature?

Thanks in advance!
Best regards,

Aron Szabo, M. Sc.
Research Associate,
Center of Information Technology
Budapest University of Technology and Economics

OpenSSL Project                       
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]