Mimi, Dmitry, On Wed, Feb 06, 2019 at 04:06:53PM +0300, Vitaly Chikunov wrote: > Convert sign_v2 and related to using EVP_PKEY API instead of RSA API. > This enables more signatures to work out of the box. > > Remove RSA_ASN1_templates[] as it does not needed anymore. OpenSSL sign > is doing proper PKCS1 padding automatically (tested to be compatible > with previous version, except for MD4). This also fixes bug with MD4 > which produced wrong signature because of absence of the appropriate > RSA_ASN1_template. > > Signed-off-by: Vitaly Chikunov <vt@xxxxxxxxxxxx> > --- > Changes since v1: > - More key neutral code in calc_keyid_v1(). > - Fix uninitialized sigsize for EVP_PKEY_sign(). > - Fix memory leaks for openssl types. > > src/evmctl.c | 29 +++--- > src/imaevm.h | 4 +- > src/libimaevm.c | 277 +++++++++++++++++++++++++++----------------------------- > 3 files changed, 152 insertions(+), 158 deletions(-) This probably should be rebased and resent after you make decision on "[PATCH v2] ima-evm-utils: simplify digest alias handling". Also, this is ping.