Hi, Your approach is producing a very non-standard "signature" that's unlikely to work with anything else. Here's what you're doing:
- writing a textual representation of a digest to a file - using the contents of that file as input to the RSA PKCS#1 v1.5 signature operation, as if it were a DigestInfo structure - writing the result of that to a file - attempting to verify that using crypto++ as if it were a correctly encoded PSS signature If you want to interoperate with, well, anything that's not rsautl, you'll have to encode the digest before you feed it to the rsa sign operation. The easiest way to do that in your situation is probably to use the dgst utility from openssl. Here's a simple program that verifies file signatures using crypto++. Signature algorithm is hardcoded to PKCS#1 v1.5 RSA with SHA-256: http://pastebin.com/0Ba7Xcve Here's a small script that uses openssl to generate a key, sign a file, verify the file, dump some info about the signature, then verifies it with the above program: http://pastebin.com/tji0JPBZ HTH, Geoff On Wed, Nov 14, 2012 at 1:42 AM, Wizard Of Oz <[email protected]>wrote: > Hi, > > I'm trying to verify a digital signature which I created (and verified) > using OpenSSL (on a different host). The digital signature verifies > correctly via OpenSSL, but I can't, for the life of me, get it to verify it > in Crypto++. On OpenSSL, I did the following: > > openssl dgst -sha1 -out <digest> <input_file> > openssl rsautl -sign -in <digest> -out <signature> -inkey <key> > openssl rsautl -verify -in <signature> -out <digest> -inkey <key> -pubin > > The digest file looks something like this: > > SHA1(license.txt)= 1b9dff5c528f4c17136ff2da1bce5f47b62b54b1 > > I also have a signature file which is 128 bytes big. I transferred this > file via binary mode from the BSD machine (using openssl) to the Windows > machine (crypto++). > > Loading the public key seems to work (it was saved in openssl in "der" > format), but verification always fails. I'd have to admit that I'm unsure > how to go about it though. > > First, I'm reading the binary signature file into a byte array: > > byte sigBuffer[128] = { 0 }; > > using fopen/fread > > I then create a verifier: > > RSASS<PSS, SHA1>::Verifier verifier(keyPub); > > and finally verify the message: > > bool result = verifier.VerifyMessage( (const byte*) > message.c_str(), message.length(), sigBuffer, 128); > > This always returns false. > > Can I just load the signature into a byte array and pass that to the > VerifyMessage() function? > > What do I specify in the message parameter? Do I specify the > > * actual source message which is to be verified? I was assuming so, since > the verifier indicates "SHA1" > * the SHA1 hash "1b9dff5c528f4c17136ff2da1bce5f47b62b54b1" > * the string that OpenSSL generated "SHA1(license.txt)= > 1b9dff5c528f4c17136ff2da1bce5f47b62b54b1" > > I've tried just about every combination without success. Any insight would > be much appreciated! > > Thanks. > > -- > You received this message because you are subscribed to the "Crypto++ > Users" Google Group. > To unsubscribe, send an email to > [email protected]. > More information about Crypto++ and this group is available at > http://www.cryptopp.com. -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com.
