Hello, I've discovered the answer, like I said before, conversion was failing, the messages that java was producing were, apparently, already the correct format. I have two ideticle pieces of code now, one in sun java running under linux and one running on an Android phone.
The sun code produces a message and signature that I can pass through as a filter with the signature appended to the message. The data from the phone fails when done that way, however it does work if I use the verifier.VerifyMessage(...) syntax. Perhaps there is a bug in CryptoPP. Also, the fact that I didn't need any conversion on the keys seems odd. But there it is...maybe CryptoPP is smarter than I thought, or java switched formats (doesn't seem likely), or...? Thank you for your time, --Mike On Apr 13, 10:31 am, Mike <[email protected]> wrote: > Hello, > > I discovered the problem, at least one of them, Java is encoding in > DER, I found another post on this board that discusses that problem, > but I wasn't really sure why they were converting. Anyway, I now have > the message and signature in two different strings, but I can't > actually convert. The java side has remained largely unchanged > (except for splitting the message and signature into two arrays). > > I still can't decode it, and I can't find much in the way of docs on > DSAConvertSignatureFormat, but here's what I'm trying: > > CryptoPP::SecByteBlock abSigP1363( verifier.SignatureLength() ); > CryptoPP::DSAConvertSignatureFormat( > abSigP1363, abSigP1363.size(), CryptoPP::DSA_P1363, > (const byte *)sSig.getStr(), sSig.getSize(), > CryptoPP::DSA_DER > ); > > This fails with a "BER decode error" I've verified the bytestream, and > the signature is the original. > These two lines are based on code from another message on the list > posted by one ronald. > > Thank you very much, > --Mike > > On Apr 13, 9:34 am, Mike <[email protected]> wrote: > > > I've seen several posts on here about working with java and CryptoPP, > > and I still just can't get this to work. I'm assuming at this point > > that there must be something vital that I'm missing in the stream > > somewhere. I've verified that the binary data on both sides are the > > same, I'm not using java strings anywhere. If you have any ideas, > > please help. > > > The java side creates the message thusly: > > > ByteArrayOutputStream b = new ByteArrayOutputStream(); > > DataOutputStream d = new DataOutputStream(b); > > // Much writing to the d omitted, using mainly writeInt > > > // Compute signature > > Signature instance = Signature.getInstance("SHA1withRSA"); > > instance.initSign(mDB.keys().getPrivateKey()); > > instance.update(b.toByteArray()); > > byte[] signature = instance.sign(); > > > // add the signature to the block > > d.write(signature); > > block = new Bytes(b.toByteArray()); > > > Then block is sent to a server which uses CryptoPP to verify it. I > > assumed that the signature should simply be appended to the message > > since that's what happens in the CryptoPP examples, there could be > > something missing there. > > > On the C++ side I do this: > > CryptoPP::StringSource sSrc( sPubKey ); > > CryptoPP::RSA::PublicKey pk; > > pk.Load( sSrc ); > > CryptoPP::RSASSA_PKCS1v15_SHA_Verifier verifier( pk ); > > > CryptoPP::StringSource( sMsgSrc, true, > > new CryptoPP::SignatureVerificationFilter( > > verifier, NULL, > > > > CryptoPP::SignatureVerificationFilter::THROW_EXCEPTION > > ) // SignatureVerificationFilter > > ); // StringSource > > respondYes( dRes, "Correct"); > > > When I use the same keys and only use CryptoPP, and create the final > > sMsgSrc variable by appending the signature directly to the message it > > works fine. I haven't found a lot of good references for the Java > > side, so I have no idea if I'm even on the right track here. > > > Any help at all would be greatly appreciated. Thank you. > > > --Mike -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. To unsubscribe, reply using "remove me" as the subject.
