Re: Signature Verification Issue, PHP or C++?

[Robert F.]

Have an update, maybe a little easier of a problem to answer now.

The PHP code was not set to the PKCS mode, I have fixed that, I have also
updated my crypto++ code a little more, and am now getting a new and more,
questionable error.

VerifierFilter: digital signature not valid

here is my code:

bool xxz568::caVerify(std::string message, std::string signature) {

   const char * CA_PUBLIC_KEY =
"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/YP/EBPTQUjsav6Uinz1GZgudRFm6yCzTNM4C6IxMPfOLU4yRzTRKXhJREsc+IcFr09J121Qbe6RttZT8DgEDFf8xRjjWQWndEDkoA5mfF7W3rMhY8erGai2StbS1gONLAnd8xHuHioHoWIrsHwhm8oDw1TQ8rwd7xu/wteOfowIDAQAB";

   std::string dec, fin;
   Base64Decode(CA_PUBLIC_KEY, dec);
   HexEncode(dec, fin);

   Integer rsaPub(fin.c_str()), rsaexp("65537");
    
   InvertibleRSAFunction certAuth;
   certAuth.SetModulus(rsaPub);
   certAuth.SetPublicExponent(rsaexp);

   RSA::PublicKey publicKey(certAuth);
   std::string holder;

   try {
      RSASSA_PKCS1v15_SHA_Verifier verifier(publicKey);
          verifier.AccessKey().Initialize(rsaPub, rsaexp);

      HexDecode(signature, holder);

      StringSource(holder, true,
          new SignatureVerificationFilter(
              verifier, NULL,
              SignatureVerificationFilter::THROW_EXCEPTION
         ) // SignatureVerificationFilter
      ); // StringSource
   }
   catch(CryptoPP::Exception e) {
          cout << e.GetWhat() << endl;
          cout << e.GetErrorType() << endl;
      return false;
   }

   return true;
}

here is the updated php code and outputted hex result:

include("../php/Crypt/RSA.php");

$rsa = new Crypt_RSA();
//extract($rsa->createKey(512));

$plaintext = "terrafrost";
$rsa->loadKey(CA_private());

$rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
$signature = $rsa->sign($plaintext);

echo "S: ".$signature."<p>";
echo "H: ".bin2hex($signature)."<p>";

$rsa->loadKey(CA_public());
echo $rsa->verify($plaintext, $signature) ? 'verified<p>' : 'unverified<p>';

and gives me this:

34fecdcf4b989f26341856d658cfedf5cb1bb7743834c587b064818b1fcd8de538e58a734c6e895ed44d967c3767fa65033c30992d4770c273895de38e375b27033c36b903b358a827d77424845704ec7fa33775b5d1f24704a8f9646e2f4a9668a10e18c71539c7c0450dc8bf4f82ead4c67879e0e4739e819a11091afac2ee
-- 
View this message in context: 
http://old.nabble.com/Signature-Verification-Issue%2C-PHP-or-C%2B%2B--tp30852734p30879245.html
Sent from the Crypto++ Users mailing list archive at Nabble.com.

-- 
You received this message because you are subscribed to the "Crypto++ Users" 
Google Group.
To unsubscribe, send an email to cryptopp-users-unsubscr...@googlegroups.com.
More information about Crypto++ and this group is available at 
http://www.cryptopp.com.