Understood. Thanks! Yes, it would be nice if 1_0_2-stable and 1_1 branches returned an error on an attempt to sign or verify with RSA_NO_PADDING.
Regards, Uri Sent from my iPhone > On Apr 30, 2017, at 15:19, Dr. Stephen Henson <st...@openssl.org> wrote: > >> On Sun, Apr 30, 2017, Blumenthal, Uri - 0553 - MITLL wrote: >> >> >> Semi-related question. Is RSA_NO_PADDING allowed for EVP signature? When I >> tried that (without using DigestSign of course), signing succeeded but >> verification always failed. Was that expected? Are there some special >> settings one needs to apply besides just setting the padding type? >> > > With RSA_NO_PADDING it isn't possible to determine the length of the decrypted > data during verify. We should really return an error code if an atttempt is > made to use it for sign/verify. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
smime.p7s
Description: S/MIME cryptographic signature
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users