RSA sign/verify and hash generation functions

Nikos Mavrogiannopoulos nmav at
Thu Dec 9 09:22:33 CET 2010

On 12/08/2010 11:40 PM, Murray S. Kucherawy wrote:
>> -----Original Message----- From: Nikos Mavrogiannopoulos
>> [mailto:n.mavrogiannopoulos at] On Behalf Of Nikos
>> Mavrogiannopoulos Sent: Wednesday, December 08, 2010 2:28 PM To:
>> Murray S. Kucherawy Cc: help-gnutls at Subject: Re: RSA
>> sign/verify and hash generation functions
>> On 12/08/2010 12:30 AM, Murray S. Kucherawy wrote:
>>> assert(gnutls_privkey_sign_hash(rsa_key, &dd, &rsa_out ==
>> Also check the documentation of the functions you are using :)
> I did.  By the looks of things, the *_sign_hash() functions look like
> they sign a hash that's already been computed, which is the case for
> me, so that's what I used.

The current sign_hash function is not what you want. They are tricky to
use to generate correct signatures (for DSA they work ok, but for RSA
require one more step to generate a PKCS #1 compliant signature - i.e.
BER encode the hash as DigestInfo). I'll add a safer to use API for
2.12.x and deprecate those functions.

The _sign_data() functions work as expected.


More information about the Gnutls-help mailing list