Hi Unfleshed One,
> Signed char -126 is 130 when converted to unsigned char (256 - x).
> So assuming original byte was 0x82 that's perfectly fine.
Introp can be frustrating for at times. Crypto++ is usually our first
language. We see tricks like this, and we are suspect. It's something
else we have to question because we are not as familiar with languages
such as Java, Bouncy Castle, mcrypt, C#, etc.
Can you pick another language/libray such as C# (another area I am
familiar) or OpenSSL (another area Geoff is familiar)? Just
kidding....
> > Ronald, I never used DSA, so I can't tell if you use it correctly,
DSA uses a random parameter (k). So you will probably have a difficult
time producing the exact output in each library. Below, your signature
on m is the pair (r,s)
1) select random k
2) compute r = (a^k mod p) mod q
3) compute k^-1 mod q
4) compute s = k^-1{ h(m) +ar } mod q
I recall seeing some source code posted for Java/Crpyto++ Interop on
the mailing list by Donald Bergstrom. It is a 3DES sample, but het
works out all the wrinkles (String versus Byte[], etc). See
http://groups.google.com/group/cryptopp-users/browse_thread/thread/914408ffbc6957cf
Here's other topics of ineterst:
1) Test the Java encoders - see
http://groups.google.com/group/cryptopp-users/browse_thread/thread/c7e11cd422d0f088
2) Java String versus Byte[] - see
http://groups.google.com/group/cryptopp-users/browse_thread/thread/8bf6c7f95196d685
3) Verify your use of Java's Str::getBytes() - see
http://groups.google.com/group/cryptopp-users/browse_thread/thread/12c367f7789d6cc6
Jeff
On 3/14/08, UnFleshed One <[EMAIL PROTECTED]> wrote:
> Geoff Beier wrote:
> const byte KEY[] = {
48, -126, 1, -72, 48, -126, 1, 44, 6, 7, 42, -122,
> 72, -50,
> This jumps out at me immediately; I suspect you've not exported your
key
> properly.
A byte is an unsigned type. -126, -72, etc. don't make sense.
> Signed char -126 is 130 when converted to unsigned char (256 - x). So
> assuming original byte was 0x82 that's perfectly fine.
>
> Ronald, I never used DSA, so I can't tell if you use it correctly, but one
> thing you can try is create a signature using Crypto++, encode it into b64
> same way you get it from java, and then verify it using your code. That way
> you can eliminate at least one of possible errors (it is obvious thing, but
> just in case you didn't think about it yet :)).
>
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [EMAIL PROTECTED]
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
-~----------~----~----~----~------~----~------~--~---
