The key comes in PEM Format (PHP generates PEM KEY: ie -----BEGIN RSA PRIVATE KEY------KEY------END RSA PRIVATE KEY-----).
I stripped the begin.end objects, decrypt the base 64 which puts the key in ASCII Binary Format (HexDecoded) is this what I need to be putting into the integer object, or one that is encoded by hex? Jeffrey Walton-3 wrote: > > > > On Feb 8, 9:15 pm, "Robert F." <[email protected]> wrote: >> Have an update, maybe a little easier of a problem to answer now. >> >> The PHP code was not set to the PKCS mode, I have fixed that, I have also >> updated my crypto++ code a little more, and am now getting a new and >> more, >> questionable error. >> >> VerifierFilter: digital signature not valid >> >> here is my code: >> >> bool xxz568::caVerify(std::string message, std::string signature) { >> >> const char * CA_PUBLIC_KEY = >> "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/YP/EBPTQUjsav6Uinz1GZgudRFm6yCzTNM4C6IxMPfOLU4yRzTRKXhJREsc+IcFr09J121Qbe6RttZT8DgEDFf8xRjjWQWndEDkoA5mfF7W3rMhY8erGai2StbS1gONLAnd8xHuHioHoWIrsHwhm8oDw1TQ8rwd7xu/wteOfowIDAQAB"; >> >> std::string dec, fin; >> Base64Decode(CA_PUBLIC_KEY, dec); >> HexEncode(dec, fin); > Why is the Base64 key being Hex encoded? You might try dunping the > keys after this operation. See > http://www.cryptopp.com/wiki/Keys_and_Formats. > >> >> Integer rsaPub(fin.c_str()), rsaexp("65537"); >> >> InvertibleRSAFunction certAuth; >> certAuth.SetModulus(rsaPub); >> certAuth.SetPublicExponent(rsaexp); >> >> RSA::PublicKey publicKey(certAuth); >> std::string holder; >> >> try { >> RSASSA_PKCS1v15_SHA_Verifier verifier(publicKey); >> verifier.AccessKey().Initialize(rsaPub, rsaexp); >> >> HexDecode(signature, holder); >> >> StringSource(holder, true, >> new SignatureVerificationFilter( >> verifier, NULL, >> SignatureVerificationFilter::THROW_EXCEPTION >> ) // SignatureVerificationFilter >> ); // StringSource >> } >> catch(CryptoPP::Exception e) { >> cout << e.GetWhat() << endl; >> cout << e.GetErrorType() << endl; >> return false; >> } >> >> return true; >> >> } >> >> here is the updated php code and outputted hex result: >> >> include("../php/Crypt/RSA.php"); >> >> $rsa = new Crypt_RSA(); >> //extract($rsa->createKey(512)); >> >> $plaintext = "terrafrost"; >> $rsa->loadKey(CA_private()); >> >> $rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1); >> $signature = $rsa->sign($plaintext); >> >> echo "S: ".$signature."<p>"; >> echo "H: ".bin2hex($signature)."<p>"; >> >> $rsa->loadKey(CA_public()); >> echo $rsa->verify($plaintext, $signature) ? 'verified<p>' : >> 'unverified<p>'; >> >> and gives me this: >> >> 34fecdcf4b989f26341856d658cfedf5cb1bb7743834c587b064818b1fcd8de538e58a734c6e895ed44d967c3767fa65033c30992d4770c273895de38e375b27033c36b903b358a827d77424845704ec7fa33775b5d1f24704a8f9646e2f4a9668a10e18c71539c7c0450dc8bf4f82ead4c67879e0e4739e819a11091afac2ee >> -- > > -- > You received this message because you are subscribed to the "Crypto++ > Users" Google Group. > To unsubscribe, send an email to > [email protected]. > More information about Crypto++ and this group is available at > http://www.cryptopp.com. > > -- View this message in context: http://old.nabble.com/Signature-Verification-Issue%2C-PHP-or-C%2B%2B--tp30852734p30886862.html Sent from the Crypto++ Users mailing list archive at Nabble.com. -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com.
