[Help-gnutls] Re: Signature Verify functions
Juan Pablo Ugarte
juanpablougarte at gmail.com
Wed Apr 2 21:53:52 CEST 2008
Hi, thanks for reply
[...]
>
> Assuming you don't want the overheads of X.509 or OpenPGP, you should
right
> look into libgcrypt which is the low-level crypto library. It supports
> signing and verification of RSA signatures. If you have a bignum math
> library available, writing a simple (and insecure) RSA verifier
> shouldn't be that tricky. It may be easier than trying to understand
> the libgcrypt code and extract the necessary functions (which will
> include the MPI code which is messy).
After reading a bit more, i do not really need a signature verify
function, i just need a RSA decrypt function since the text i want to
sign/encrypt will be short (it will probably be just a name)
So there is no point in hashing the text and then encrypting the hash :)
Would not that be the insecure part you mention before?
btw, i am looking into xyssl library, seem like i can grab rsa.c and
bignum.c and save the public modulus and exponent as a string.
Hope that would be enough to decrypt.
hehe
thanks
Juan Pablo
More information about the Gnutls-help
mailing list