[openssl-users] Is it mandatory to reverse windows signature while doing verification in OpenSSL?

Rishabh K Dubey rishabh.dubey at igate.com
Thu Apr 2 08:46:22 UTC 2015


Thanks Jeff for quick confirmation.

Regards,
Rishabh



-----Original Message-----
From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of Jeffrey Walton
Sent: Thursday, April 02, 2015 1:25 PM
To: OpenSSL Users List
Subject: Re: [openssl-users] Is it mandatory to reverse windows signature while doing verification in OpenSSL?

> We have signed data on Win 7 using Crypto APIs and generated 
> signature. We have observed this signature data needs to be reversed 
> for verification using OpenSSL. If we reverse signature data and pass 
> it to OpenSSL verification command then OpenSSL verifies it 
> successfully. We wanted to confirm, whether such reversing of 
> signature bytes is valid operation or not. Thanks in advance.
>
As Tom said, reversing the bytes is quite common when interop'ing with MS CAPI. See, for example, http://www.google.com/search?q=ms+capi+reverse+bytes.

For the longest time, it was the only library I was aware that you had to be mindful of the endian issues. Poly1305 is now a similar island.
Crypto++'s Integer class recently modified to take the little endian
strings and byte arrays for testing straight from Bernstein's parameters.

Jeff
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Disclaimer~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Information contained and transmitted by this e-mail is confidential and proprietary to IGATE and its affiliates and is intended for use only by the recipient. If you are not the intended recipient, you are hereby notified that any dissemination, distribution, copying or use of this e-mail is strictly prohibited and you are requested to delete this e-mail immediately and notify the originator or mailadmin at igate.com <mailto:mailadmin at igate.com>. IGATE does not enter into any agreement with any party by e-mail. Any views expressed by an individual do not necessarily reflect the view of IGATE. IGATE is not responsible for the consequences of any actions taken on the basis of information provided, through this email. The contents of an attachment to this e-mail may contain software viruses, which could damage your own computer system. While IGATE has taken every reasonable precaution to minimise this risk, we cannot accept liability for any damage which you sustain as a result of software viruses. You should carry out your own virus checks before opening an attachment. To know more about IGATE please visit www.igate.com <http://www.igate.com>.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



More information about the openssl-users mailing list