On Thu, May 13, 2004, Eleanor Nagai wrote: > Hi! > > 1. Is it possible to tell whether a signature is PKCS1v15 or PSS > encoded?
Yes. > 2. Is it possible to verify a signature encoded as RSASSA-PSS in > openssl? > No, or at least not directly. Though you probably want more detail than that :-) You can check if the signature uses PSS by looking at any associated parameters, for example any ASN1 OIDs in a certificate or related structure. You can also decrypt the signature using the -raw option of rsautl and manually check it is of the correct format. It is also possible to make the appropriate verification checks using the raw RSA format but these have to be done manually because OpenSSL currently doesn't support them natively. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
