xxxxxxxxxx
rsa_verify_pss(pRsaKey,cData,cSignature,nHashAlgorithm[,nSaltLength]) ---> returns 1 if signature is valid and 0 otherwise
nHashAlgorithm indicates the hash algorithm to use for hashing and PSS padding.
nSaltLength indicates the length of PSS salt to use. If ommited, then maximum salt length is used.
nSaltLength can have the special values -1 and -2: -1 indicates that salt length is equal to hash size
and -2 indicates that maximum salt length is used.
Possible values for nHashAlgorithm argument are:
- $OSSL_HASH_MD5 which is equal to 0
- $OSSL_HASH_SHA1 which is equal to 1
- $OSSL_HASH_SHA256 which is equal to 2
- $OSSL_HASH_SHA384 which is equal to 3
- $OSSL_HASH_SHA512 which is equal to 4
xxxxxxxxxx
rsa_verify_pkcs(pRsaKey,cData,cSignature) ---> returns 1 if signature is valid and 0 otherwise
xxxxxxxxxx
/* verify a document signature using RSA-PKCS with SHA256
* digest OID is added manually
*/
try
/* read Alice public key */
rsaPublicKeyPEM = Read("alice_public_key.pem")
rsaPublicKey = rsa_import_pem(rsaPublicKeyPEM)
/* read file content */
cFileContent = Read ("document.txt")
/* hash content */
digest = SHA256(cFileContent)
/* digest OID of SHA256 */
digestOID = hex2str("3031300d060960864801650304020105000420")
/* read file signature */
cSignature = Read ("document.txt.pkcs1.sig")
/* perform PKCS verification */
dataToVerify = digestOID + digest
if rsa_verify_pkcs(rsaPublicKey,dataToVerify,cSignature)
See "file signature is valid" + nl
else
See "file signature is INVALID" + nl
ok
catch
See "Unexpected error occured: " + cCatchError + nl
done
xxxxxxxxxx
/* verify a document signature using RSA-PSS with SHA256 and maximal salt length
*/
try
/* read Alice public key */
rsaPublicKeyPEM = Read("alice_public_key.pem")
rsaPublicKey = rsa_import_pem(rsaPublicKeyPEM)
/* read file content */
cFileContent = Read ("document.txt")
/* read file signature */
cSignature = Read ("document.txt.sig")
/* perform PSS verification */
if rsa_verify_pss(rsaPublicKey,cFileContent,cSignature,$OSSL_HASH_SHA256)
See "file signature is valid" + nl
else
See "file signature is INVALID" + nl
ok
/* store the signature */
Write("document.txt.sig", cSignature)
catch
See "Unexpected error occured: " + cCatchError + nl
done
xxxxxxxxxx
rsa_verifyhash_pss(pRsaKey,cHashValue,cSignature[,nSaltLength]) ---> returns 1 if signature is valid and 0 otherwise
nSaltLength indicates the length of PSS salt to use. If ommited, then maximum salt length is used.
nSaltLength can have the special values -1 and -2: -1 indicates that salt length is equal to hash size
and -2 indicates that maximum salt length is used.
xxxxxxxxxx
/* verify a document signature using RSA-PSS with SHA256 and maximal salt length
*/
try
/* read Alice public key */
rsaPublicKeyPEM = Read("alice_public_key.pem")
rsaPublicKey = rsa_import_pem(rsaPublicKeyPEM)
/* hash file content */
ctx = SHA256Init()
cFileContent = Read ("document.txt")
SHA256Update(ctx, cFileContent)
digest = SHA256Final(ctx)
/* read file signature */
cSignature = Read ("document.txt.sig")
/* perform PSS verification */
if rsa_verifyhash_pss(rsaPublicKey,digest,cSignature)
See "file signature is valid" + nl
else
See "file signature is INVALID" + nl
ok
catch
See "Unexpected error occured: " + cCatchError + nl
done