# Sign document.txt with Alice's RSA private key using RSA-PSS.
# The SHA256 digest of the file is computed first and that digest is signed.
# No salt length is passed to rsa_signhash_pss, so the maximal salt length
# is used.
# NOTE(review): the private key is read from a plain PEM file; keep that file
# readable only by the account that performs the signing.
try
    # Import the signer's private key from its PEM text
    pPrivateKey = rsa_import_pem(Read("alice_private_key.pem"))

    # Compute the SHA256 digest of the document
    pHashCtx = SHA256Init()
    cDocument = Read("document.txt")
    SHA256Update(pHashCtx, cDocument)
    cDigest = SHA256Final(pHashCtx)

    # Produce the PSS signature over the digest
    cSig = rsa_signhash_pss(pPrivateKey, cDigest)

    # Save the signature next to the document
    Write("document.txt.sig", cSig)
catch
    # Any failure above (missing file, bad key, signing error) lands here
    See "Unexpected error occured: " + cCatchError + nl
done
rsa_sign_pss(pRsaKey,cData,nHashAlgorithm[,nSaltLength]) ---> return a string containing RSA PSS signature
nHashAlgorithm indicates the hash algorithm to use for hashing and PSS padding.
nSaltLength indicates the length of PSS salt to use. If omitted, the maximum salt length is used.
nSaltLength can have the special values -1 and -2: -1 indicates that salt length is equal to hash size
and -2 indicates that maximum salt length is used.
Possible values for nHashAlgorithm argument are:
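- $OSSL_HASH_MD5 which is equal to 0 (MD5 is not collision resistant; avoid it for new signatures)
- $OSSL_HASH_SHA1 which is equal to 1 (SHA-1 is not collision resistant; avoid it for new signatures)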
- $OSSL_HASH_SHA256 which is equal to 2
- $OSSL_HASH_SHA384 which is equal to 3
- $OSSL_HASH_SHA512 which is equal to 4
# Sign document.txt with RSA-PSS in a single call.
# rsa_sign_pss receives the raw file content together with the hash
# algorithm ($OSSL_HASH_SHA256 here), so no separate hashing step is needed.
# nSaltLength is not passed, so the maximal salt length is used.
# NOTE(review): the private key is read from a plain PEM file; keep that file
# readable only by the account that performs the signing.
try
    # Import Alice's private key from PEM
    cKeyText = Read("alice_private_key.pem")
    pSigningKey = rsa_import_pem(cKeyText)

    # Read the data to sign, then hash and sign it in one step
    cDocument = Read("document.txt")
    cSig = rsa_sign_pss(pSigningKey, cDocument, $OSSL_HASH_SHA256)

    # Write the signature to its own file
    Write("document.txt.sig", cSig)
catch
    # Any failure above (missing file, bad key, signing error) lands here
    See "Unexpected error occured: " + cCatchError + nl
done
rsa_signhash_pss(pRsaKey,cHashValue[,nSaltLength]) ---> return a string containing RSA PSS signature
nSaltLength indicates the length of PSS salt to use. If omitted, the maximum salt length is used.
nSaltLength can have the special values -1 and -2: -1 indicates that salt length is equal to hash size
and -2 indicates that maximum salt length is used.
rsa_verifyhash_pss(pRsaKey,cHashValue,cSignature[,nSaltLength]) ---> returns 1 if signature is valid and 0 otherwise
nSaltLength indicates the length of PSS salt to use. If omitted, the maximum salt length is used.
nSaltLength can have the special values -1 and -2: -1 indicates that salt length is equal to hash size
and -2 indicates that maximum salt length is used.
# Verify the RSA-PSS signature of document.txt against Alice's public key.
# The SHA256 digest of the file is recomputed and checked against the
# signature stored in document.txt.sig. No salt length is passed, so the
# maximal salt length is used.
# NOTE(review): the result is only as trustworthy as alice_public_key.pem;
# obtain that file through a channel the verifier trusts.
try
    # Import the signer's public key from its PEM text
    pPublicKey = rsa_import_pem(Read("alice_public_key.pem"))

    # Recompute the SHA256 digest of the document
    pHashCtx = SHA256Init()
    SHA256Update(pHashCtx, Read("document.txt"))
    cDigest = SHA256Final(pHashCtx)

    # Load the signature that was stored alongside the document
    cSig = Read("document.txt.sig")

    # rsa_verifyhash_pss returns 1 for a valid signature and 0 otherwise;
    # start from the failing verdict so only an explicit success reports valid
    cVerdict = "file signature is INVALID"
    if rsa_verifyhash_pss(pPublicKey, cDigest, cSig)
        cVerdict = "file signature is valid"
    ok
    See cVerdict + nl
catch
    # An error here (missing file, bad key) means the signature was NOT verified
    See "Unexpected error occured: " + cCatchError + nl
done