On Tuesday, June 30, 2020 at 1:28:41 PM UTC-4, Phil Atkin wrote: > > I currently use the following command to sign a short message: > > openssl pkeyutl -sign -in message -inkey privateKey.pem -out > signedMessage > > I am trying to use CryptoPP to verify and recover this message (using the > public key). Note that this openssl command does not generate or use a > digest; it signs the original message. This may be undesirable but I need > my implementation to work with messages that have already been signed in > this way. > > If I use > RSA::PrivateKey privateKey; > privateKey.Load(FileSource("privateKey", true, NULL, true > /*binary*/).Ref()); > RSASS<PSSR, SHA1>::Signer signer(privateKey); > > ... then I can sign a message but the output is different for every run. > The openssl command above always gives the same output, and I need CryptoPP > to reproduce this. I think this is to do with the hash function (digest) > that CryptoPP is including (as per convention) and that I can't work out > how to exclude. > > Similarly, if I try to use a RSASS<PSSR, SHA1>::Verifier to do a > RecoverMessage on the output of openssl (which is my ultimate goal), the > verification fails. > > Is there a way to define a Verifier that does not expect to find a hash > value? >
https://crypto.stackexchange.com/questions/6515/are-rsa-signatures-deterministic OpenSSL is using PKCS#1, which is deterministic. PKCS#1 is the old way of doing things. Also see https://blog.cryptographyengineering.com/2012/06/21/bad-couple-of-years-for-cryptographic/ and https://www.openssl.org/docs/man1.0.2/man1/pkeyutl.html. In Crypto++ you are using a randomized signature scheme via PSS in PSSR. PSS is "probabilistic signature scheme" and the "R" indicates recovery. PSSR is the new way of doing things. Randomized signature schemes always produce a different signature on the same message because the padding is randomized. Or if it does not, then there's something wrong with the implementation. Also see https://www.cryptopp.com/wiki/RSA_Signature_Schemes Jeff -- You received this message because you are subscribed to "Crypto++ Users". More information about Crypto++ and this group is available at http://www.cryptopp.com and http://groups.google.com/forum/#!forum/cryptopp-users. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/cryptopp-users/6ca8e0d9-3ed0-4b64-9a0e-f3c7fefd8f1fo%40googlegroups.com.