On 12.06.2013 14:57, Dr. Stephen Henson wrote: > On Fri, Jun 07, 2013, Michael Wild wrote: > >> Thanks for all the answers. Now I feel really stupid about forgetting >> the implicit 0... >> >> Stephen: How do I prevent my program from hashing the data? >> EVP_md_null()? After all, hashing a hash is pretty pointless for my case... >> > > It depends on how you want to sign it. The data your program used is the > hexdump of a digest and not the digest itself. You'd first need to convert > that hex into the digest value and then use that digest for the signature. > > How you use that digest depends on the format you want to use. It's normal > follow the PKCS#1 standard which packages the digest into a DigestInfo > structure and uses RSA to sign the result. There are several ways to do that. > The easiest is to use the EVP_PKEY API to set the digest algorithm and sign > the result. You can use the corresponding utility pkeyutl to do the same. > > Steve.
Thanks for the clarification. In that case it's probably easier for me to do the double-hashing. It's by no means performance critical or in any other way important. Michael ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
