On 03/12/2019 16:59, Angus Robertson - Magenta Systems Ltd wrote:
>>> I create an RSA JWK using EVP_PKEY_get1_RSA and RSA_get0_key,
>>> but this does not work for RSA-PSS.
>>
>> In what way does this not work?
>
> error:0607907F:digital envelope routines: EVP_PKEY_get0_RSA:expecting
> an rsa key
Hmm. That is odd because that function *does* support PSS:
RSA *EVP_PKEY_get0_RSA(const EVP_PKEY *pkey)
{
if (pkey->type != EVP_PKEY_RSA && pkey->type != EVP_PKEY_RSA_PSS) {
EVPerr(EVP_F_EVP_PKEY_GET0_RSA, EVP_R_EXPECTING_AN_RSA_KEY);
return NULL;
}
return pkey->pkey.rsa;
}
What does EVP_PKEY_base_id() return for your pkey? How did you create it?
Matt
>
>> I notice that 3.0 recently had the accessor RSA_get0_pss_params()
>> added. Probably that should also have been backported to 1.1.1.
>
> Others have asked for that here before, so please. But I don't need it
> for JWK.
>
> Angus
>
