On 5/11/21 5:54 PM, Dimitry Sibiryakov wrote:
11.05.2021 16:38, Alex Peshkoff via Firebird-devel wrote:
In tomcrypt rsa_sign_hash() signs message digests (hashes)
Because it is supposed to have hash on input (and this fact is
reflected in its name). Tomcrypt is low-level library and its user is
supposed to do whole high-level work.
Firebird is different. It has dedicated function for signing of
messages so user don't have to write RSA_CRYPT(HASH(message)||salt)
everywhere. That's RSA_SIGN(message, hash_function, salt).
Stop-stop. You are mixing crypt and hash in single mix. Suggested crypt
of mesage's hash is meaningless operation. Crypt and sign are similar im
many aspects (have almost same set of parameters), but differ in an aim
of use.
- rsa_crypt - to encrypt symmetric keys (or something else, but also
small enough) using public rsa key. Result can be decrypted only using
private key.
- rsa_sign - to sign hashes of messages (or something else, but also
small enough) using private rsa key. Public key is enough to verify
something with result.
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
