rsa_verifyhash_pss(pRsaKey,cHashValue,cSignature[,nSaltLength]) ---> returns 1 if signature is valid and 0 otherwise
nSaltLength indicates the length of the PSS salt to use. If omitted, the maximum salt length is used.
nSaltLength can have the special values -1 and -2: -1 indicates that the salt length is equal to the hash size
and -2 indicates that the maximum salt length is used.
rsa_verifyhash_pkcs(pRsaKey,cHashValue,cSignature) ---> returns 1 if signature is valid and 0 otherwise
/* Check the detached RSA-PKCS signature of document.txt against its SHA256 digest.
   The verdict is only as trustworthy as the source of alice_public_key.pem:
   obtain the public key over a channel you already trust.
 */
try
	/* load the signer's public key from its PEM file */
	cKeyPem = Read("alice_public_key.pem")
	pVerifyKey = rsa_import_pem(cKeyPem)
	/* load the document and hash it in a single call */
	cDocument = Read ("document.txt")
	cDigest = SHA256(cDocument)
	/* load the detached signature */
	cSigBlob = Read ("document.txt.pkcs1.sig")
	/* start from the failing verdict; only a true result from
	   rsa_verifyhash_pkcs upgrades it */
	cVerdict = "file signature is INVALID"
	if rsa_verifyhash_pkcs(pVerifyKey,cDigest,cSigBlob)
		cVerdict = "file signature is valid"
	ok
	See cVerdict + nl
catch
	/* any error raised above lands here, so the "valid" message is
	   never printed on an error path */
	See "Unexpected error occured: " + cCatchError + nl
done
rsa_signhash_pss(pRsaKey,cHashValue[,nSaltLength]) ---> returns a string containing the RSA PSS signature
nSaltLength indicates the length of the PSS salt to use. If omitted, the maximum salt length is used.
nSaltLength can have the special values -1 and -2: -1 indicates that the salt length is equal to the hash size
and -2 indicates that the maximum salt length is used.
/* Produce a detached RSA-PSS signature for document.txt (SHA256 digest,
   default salt length, which this page documents as the maximum).
   alice_private_key.pem is read as-is: keep that file readable only by the signer.
 */
try
	/* load the signing key */
	cPrivatePem = Read("alice_private_key.pem")
	pSigningKey = rsa_import_pem(cPrivatePem)
	/* digest the document through the incremental SHA256 interface */
	pHashState = SHA256Init()
	cDocument = Read ("document.txt")
	SHA256Update(pHashState, cDocument)
	cDigest = SHA256Final(pHashState)
	/* sign the digest; nSaltLength is deliberately left out */
	cSigBlob = rsa_signhash_pss(pSigningKey,cDigest)
	/* write the signature next to the document */
	Write("document.txt.sig", cSigBlob)
catch
	/* any error raised above ends up here and no signature file is written
	   by the remaining statements */
	See "Unexpected error occured: " + cCatchError + nl
done
rsa_verify_pss(pRsaKey,cData,cSignature,nHashAlgorithm[,nSaltLength]) ---> returns 1 if signature is valid and 0 otherwise
nHashAlgorithm indicates the hash algorithm to use for hashing and PSS padding.
nSaltLength indicates the length of the PSS salt to use. If omitted, the maximum salt length is used.
nSaltLength can have the special values -1 and -2: -1 indicates that the salt length is equal to the hash size
and -2 indicates that the maximum salt length is used.
Possible values for nHashAlgorithm argument are:
- $OSSL_HASH_MD5 which is equal to 0
- $OSSL_HASH_SHA1 which is equal to 1
- $OSSL_HASH_SHA256 which is equal to 2
- $OSSL_HASH_SHA384 which is equal to 3
- $OSSL_HASH_SHA512 which is equal to 4
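/* verify a document signature using RSA-PSS with SHA256 and the default salt length
   (no nSaltLength is passed, as in the rsa_signhash_pss signing example).
   Verification is read-only: the signature file is not written back, so the
   artifact being checked is never modified by the check itself.
 */
try
	/* read Alice public key; the verdict is only meaningful if this key
	   came from a source you already trust */
	rsaPublicKeyPEM = Read("alice_public_key.pem")
	rsaPublicKey = rsa_import_pem(rsaPublicKeyPEM)
	/* read file content; rsa_verify_pss hashes it with the algorithm given below */
	cFileContent = Read ("document.txt")
	/* read file signature */
	cSignature = Read ("document.txt.sig")
	/* perform PSS verification with SHA256. The MD5 and SHA1 choices of
	   nHashAlgorithm are collision-prone and are best kept for checking
	   legacy signatures only. */
	if rsa_verify_pss(rsaPublicKey,cFileContent,cSignature,$OSSL_HASH_SHA256)
		See "file signature is valid" + nl
	else
		See "file signature is INVALID" + nl
	ok
catch
	/* any error raised above lands here; treat it as "not verified" */
	See "Unexpected error occured: " + cCatchError + nl
done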
/* Check the detached RSA-PSS signature of document.txt using a SHA256 digest
   computed by the caller and the default salt length (nSaltLength is not passed).
   The verdict is only as trustworthy as the source of alice_public_key.pem.
 */
try
	/* load the signer's public key from its PEM file */
	cKeyPem = Read("alice_public_key.pem")
	pVerifyKey = rsa_import_pem(cKeyPem)
	/* digest the document through the incremental SHA256 interface */
	pHashState = SHA256Init()
	cDocument = Read ("document.txt")
	SHA256Update(pHashState, cDocument)
	cDigest = SHA256Final(pHashState)
	/* load the detached signature */
	cSigBlob = Read ("document.txt.sig")
	/* start from the failing verdict; only a true result from
	   rsa_verifyhash_pss upgrades it */
	cVerdict = "file signature is INVALID"
	if rsa_verifyhash_pss(pVerifyKey,cDigest,cSigBlob)
		cVerdict = "file signature is valid"
	ok
	See cVerdict + nl
catch
	/* any error raised above lands here, so the "valid" message is
	   never printed on an error path */
	See "Unexpected error occured: " + cCatchError + nl
done