I fixed my code as follows:
On Fri 06/Oct/2023 11:04:31 +0200 Alessandro Vesely wrote:
my scarce crypto knowledge notwithstanding, I'm trying to maintain a DKIM
signing function. With the previous openssl version, I added a snippet to sign
using ed25519, more or less like so:
char *digest; // digest already computed from
size_t diglen; // normalized message header
EVP_PKEY *crypto_pkey; // given
size_t crypto_outlen; // expected
unsigned char *crypto_out;
EVP_MD_CTX *md_ctx = EVP_MD_CTX_new();
if (md_ctx == NULL) goto error;
int status;
if (signalg != ED25519SHA256)
status = EVP_DigestSignInit_ex(md_ctx, NULL,
signalg == SHA1? "SHA1": "sha256", NULL, NULL,
crypto_pkey, NULL);
else
status = EVP_DigestSignInit(md_ctx, NULL,
NULL, NULL, crypto->crypto_pkey);
if (status == 1)
status = EVP_DigestSign(md_ctx,
crypto_out, &crypto_outlen,
digest, diglen);
EVP_MD_CTX_free(md_ctx);
if (status != 1) goto error;
Now, that works well with ED25519. With RSA keys, all tests fail, delivering a
signature different than expected. Can that be because I still don't have set
RSA_PKCS1_PADDING? How could that be done?
Best
Ale
