Geek asks and answers

OpenSSL RSA Signature Verification: Hash and Indentation?

I am trying to write code to verify some RSA signatures. Signatures were made using the OpenSSL command line tool, using the equivalent of this command line:

openssl dgst -sha1 -sign private_key_file.pem < binary_data_file > sig

I am trying to use libtomcryptfor verification:

http://www.libtom.org/

Here is the calling signature of the RSA validation function in libtomcrypt:

int rsa_verify_hash_ex(
    const unsigned char *sig, unsigned long siglen,  // signature to verify
    const unsigned char *hash, unsigned long hashlen,  // hash value to check against sig
    int padding,  // defined constant value, see below
    int hash_idx,  // identifies which hash algorithm, see below
    unsigned long saltlen,  // specify salt length, see below
    int *stat,  // output parameter, returns whether verify succeeded or not
    rsa_key *key);  // RSA public key to use for verify

This function returns 0 if it works without errors, otherwise it returns an error code. If it works without errors, the output parameter statindicates whether the signature is verified.

: , , , RSA . hash_idx , libtomcrypt; -, : hash_idx = find_hash("sha1")

padding saltlen. padding , , . saltlen?

OpenSSL OpenSSL RSA saltlen. openssl dgst (.. man dgst) .

, :

  • ?
  • OpenSSL dgst - , : (stdin)=

( , (stdin)= , StackOverflow: RSA-SHA256 OpenSSL Java ?)

  • libtomcrypt , pkcs_1_pss_decode(), " PSS-". , , ?

, .

EDIT: , @Jonathan Ben-Avraham, . , :

  • 0 , .
  • , OpenSSL , (stdin)=
  • rsa_verify_hash_ex(), padding LTC_LTC_PKCS_1_V1_5.
+5
2

:

SHA1 :

openssl dgst -sha1 -binary -out hash1 some_data_file

SHA1 . some_data_file ​​. openssl dgst -sha1 . , 20- SHA1- . , , , 20 , SHA1.

SHA1 hash1 :

openssl pkeyutl -sign -in hash1 -inkey privkey.pem -pkeyopt digest:sha1 -out sig1

some_data_file openssl dgst:

openssl dgst -sha1 -sign privkey.pem < some_data_file > sig2

, :

diff sig1 sig2

, . , SHA1- openssl dgst -sha1 -sign , , openssl dgst -sha1 -sign SHA1 sig2.

, , rsautl:

openssl rsautl -sign -in hash1 -inkey privkey.pem -out sig1

openssl pkeyutl, -, openssl rsautl -sign , . . SE.

+7

: . . , ( sha256):

void
verify_tomcrypt(unsigned char *keyblob, size_t klen,
                unsigned char *payload, size_t dlen,
                unsigned char *signature, size_t slen)
{
    rsa_key key;
    int stat;
    unsigned long len;
    unsigned char digest2[SHA256_DIGEST_LENGTH];

    ltc_mp = ltm_desc;
    register_hash(&sha256_desc);

    /* try reading the key */
    if (rsa_import(keyblob, klen, &key) != CRYPT_OK) {
        printf("Error reading key\n");
        exit(-1);
    }

    int hash_idx = find_hash("sha256");
    if (hash_idx == -1) {
        printf("LTC_SHA256 not found...?\n");
        exit(-1);
    }
    len = sizeof(digest2);
    if (hash_memory(hash_idx, payload, dlen, digest2, &len) != CRYPT_OK) {
        printf("sha256 fails...?\n");
        exit(-1);
    }

    if (rsa_verify_hash_ex(signature, slen, digest2, sizeof(digest2), LTC_LTC_PKCS_1_V1_5, hash_idx, 0, &stat, &key) == CRYPT_OK) {
        if (stat == 1)
            printf("Tomcrypt: Signature OK!\n");
        else
            printf("Tomcrypt: Signature NOK?\n");
    } else {
        printf("Tomcrypt: Signature error\n");
    }
}
+3

More articles:


All Articles