Couple updates...
Command Line:
> OpenSSL generate DSA public and private keys using the command line
> interface (PEM Files)
> OpenSSL command line interface convert to DER format for Java
>
> Code:
> Load them into Java using PCKS#8 Reader Classes
> -Sign a Message (Use Java String.getbytes("UTF8")) Read about problems
> verify due to string encoding problems.
> -Base64 Encode the Signature
> -Transmit it over a Socket with Message Concatenated at end
> -Receive it over a Socket in C with OpenSSL Lob
>
Base64 Decode it into unsigned char Array
> -Load Public Key from PEM files into OpenSSL use BIO Object
> -Call OpenSSL Verify and returns Invalid Signature.
>
Testing:
-Java Signature Validate fine within Java
- OpenSSL generated signature validates fine within OpenSSL.
They do not validate with each other though.
> Couple Questions:
> 1. Does anyone see any problems in this process (format conversations
> etc.)?
> 2. I notice the Java Signature is ASN.1 object with r & s value, except
> they r value is 0x15 = 21 bytes ... The OpenSSL signature I have analyzed
> have 0x30 <len> 0x20 0x40, then start with R&S Values 20 byte each....
> What are the 0x20 and 0x40 tags of the ASN.1 notation from OpenSSL? Do I
> have to convert any of these since they are slightly 2 different signature
> types? I've reach on CodeProject about Cryptographic Interoperability and
> IEEE P1363, but both Java and OpenSSL are using DER encoded ASN.1
> encoding.
> 3. Is there any method to get any debug / error information from an invalid
> signature verify function? It would be great if I had a idea of where to
> begin?
>
4. Is Endianess of the signature a possible problem? Both are win PC
(x64) but cygwin gdb is probably (x86)
Thanks for any suggestions! I'm pretty stumped at the minute.
>
> Regards,
> --
> Kevin
>
