> But another weird behaviour surfaced when I was testing it on Linux.
> Following the prior RSA decrypt I added a more complex transformation:
>
> CBC_Mode<AES>::Decryption aes(key.data(), key.size(), iv.data());
> RSASS<PKCS1v15, SHA256>::Verifier verifier(publicKey);
> auto snf = new SignatureVerificationFilter(verifier, new StringSink(plaintext),
>     SignatureVerificationFilter::PUT_MESSAGE | SignatureVerificationFilter::SIGNATURE_AT_BEGIN);
>
> StringSource source1(ciphertext, true, new StreamTransformationFilter(aes, new StringSink(decrypted_data)));
> StringSource source2(decrypted_data, true, new Gunzip(new StringSink(uncompressed_data)));
> StringSource source3(uncompressed_data, true, snf);
> assert(snf->GetLastResult());
>
> The above code runs and passes on both Windows and Linux, and I've
> verified that the final plaintext is correct (which you would hope is the
> case when the signature verifies). But keeping the preamble and replacing
> the sources with this:
>
> StringSource source(ciphertext, true, new StreamTransformationFilter(aes, new Gunzip(snf)));
> assert(snf->GetLastResult());
>
> This runs and passes on Windows, but on Linux while it runs and appears to
> generate the correct plaintext (I only verified the first hundred bytes, as
> the test data was fairly large), the assertion fails. Isn't this how
> you're supposed to chain filters? Why does it work on Windows but not
> Linux?
>

I'm guessing the third pipeline is not quite correct:

    StringSource source3(uncompressed_data, true, snf);

I'm guessing you need to either pump (1) uncompressed_data+hash; or (2)
hash+uncompressed_data. This is typically how one uses a
SignatureVerificationFilter:
http://www.cryptopp.com/wiki/SignatureVerificationFilter .

Also, be careful of the way those primitives are combined in a public key
system. There's a lot to it, but see this question on the Crypto.SE:
https://crypto.stackexchange.com/questions/5458/should-we-sign-then-encrypt-or-encrypt-then-sign.
Also see this paper:
http://world.std.com/~dtd/sign_encrypt/sign_encrypt7.html.

Jeff