[openssl-users] Fwd: Openssl api for signature verification using digest

Viktor Dukhovni openssl-users at dukhovni.org
Wed Aug 29 14:09:34 UTC 2018



> On Aug 29, 2018, at 5:53 AM, Linta Maria <lintamaria194 at gmail.com> wrote:
> 
> As you suggested, signature wasn't correct.
> With below input also it's not working.

Once again, the code is working correct, the key below did not produce
the posted signature.  Please use "openssl rsautl" as shown in my
previous message to check that the signature matches the code, before
using these to test your code.  There's no use asking for help with
making work something that should not and must not work.

> 
> Pubkey is read to evp_PKEY format
> 
> EVP_PKEY * vkey;
> char PubKey [] ="-----BEGIN PUBLIC KEY-----""\n"
>             "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxEZo8DRHBFBN0w1YYw3w" "\n"
> 
>             "C/C/IxCH3WSDCBTZgPux+/Cm+Q+LtSHjxV2x+hHuR8+cWMgFIrpvN0jw1F6g0f3A" "\n"
> 
>             "QQvQmPkyIUZGN1C9Da+SEdpc12gZdAOdILUaeiDRNUYXJinbBPQaNGAQIWwuzCuj" "\n"
> 
>             "5sjZPrlJYDQ52kq2U86ZNcS/NVRZi+pFB4u0YHHiqJkQYT6yCQjR9Rdvxvjyg9L5" "\n"
> 
>             "9petX/xa0tBurw5eTLOC9UlufblJnS7zrVkpoHdtt9rRgDBJ4kTJypeHq0Tybgro" "\n"
> 
>             "hhxG1EqdAjoD0OjLV93JWr0DOmwWVE1SoJH/UBbgRXf40hxhdzswgJFWJLIdxfdj" "\n"
> 
>             "BwIDAQAB" "\n"
> 
>             "-----END PUBLIC KEY-----";
> 
>             BIO  *bio;
> 
>             bio = BIO_new_mem_buf(PubKey, strlen(PubKey) );
> 
>             PEM_read_bio_PUBKEY( bio, &vkey, NULL, NULL );
> 
>    
> 
> unsigned char  signew[]={0x14, 0x7e, 0x86, 0x9f, 0xfb, 0x10, 0xc8, 0xa4, 0x98, 0xae, 0xcb, 0xf8, 0xd4, 0xd7, 0xad, 0xf2, 0x18, 0x40, 0xaf, 0x06, 0x85, 0x8a, 0x69, 0xde, 0x29, 0x50, 0xf2, 0x52, 0x1c, 0x01, 0xbc, 0x3c, 0x45, 0x42, 0xb1, 0x32, 0xd8, 0x19, 0xf6, 0xf3, 0x11, 0x39, 0x03, 0xbf, 0x23, 0xfb, 0x5d, 0x97, 0x41, 0xb9, 0x85, 0xaf, 0x31, 0xf8, 0x32, 0x2f, 0xd2, 0xb6, 0x5b, 0xf1, 0x22, 0xfd, 0xda, 0x28, 0x58, 0x6f, 0x45, 0x4b, 0x5c, 0x74, 0xf0, 0x84, 0xf2, 0x1e, 0xfa, 0x33, 0xa3, 0x83, 0x38, 0x9f, 0xcf, 0x71, 0x37, 0x77, 0x6d, 0x86, 0x84, 0xc6, 0x5e, 0x3b, 0x71, 0xf5, 0x29, 0x2a, 0x43, 0xf4, 0x43, 0x38, 0x0a, 0x18, 0xf5, 0xbe, 0x6f, 0x03, 0xd3, 0x16, 0x79, 0x13, 0x89, 0x95, 0xb2, 0xd7, 0x27, 0xcf, 0xd4, 0x2b, 0x6b, 0xa1, 0xbd, 0xe3, 0x8e, 0xac, 0x24, 0x1b, 0xdd, 0x17, 0xf8, 0xe1, 0xf5, 0xb9, 0x5a, 0xd4, 0x97, 0xf4, 0xc3, 0xfc, 0x69, 0xc8, 0x40, 0x30, 0x76, 0x7d, 0x18, 0x7c, 0x58, 0x11, 0x3d, 0x78, 0x27, 0x41, 0xab, 0x1c, 0xd2, 0xd3, 0x5f, 0xe2, 0x94, 0xe1, 0x49, 0xba, 0x6b, 0xd7, 0xbe, 0x3a, 0x9d, 0x86, 0x62, 0xdc, 0xd7, 0x46, 0xae, 0xa3, 0x8e, 0xe1, 0x46, 0x27, 0xbc, 0xb2, 0x31, 0x69, 0xc5, 0x54, 0x15, 0x85,0x74, 0x1a, 0x66, 0x94, 0xa6, 0x68, 0x5e, 0xa2,0x1c, 0x38, 0x3d, 0x84, 0xd8, 0x3f, 0x84, 0x81,0x56, 0xc2, 0x9c, 0xac, 0xef, 0x68, 0xef, 0x68,0x96, 0xb3, 0xd1, 0xa9, 0x3a, 0x43, 0x75, 0xef,0xaf, 0xf2, 0x1b, 0xea, 0x96, 0xb8, 0x23, 0xef,0xa6, 0x09, 0x89, 0x15, 0x52, 0x26, 0xce, 0x1f,0x98, 0x02, 0x83, 0x22, 0x08, 0x60, 0x6c, 0xd9,0x14, 0x64, 0xe8, 0xef, 0x53, 0xea, 0x48, 0x60,0xbb, 0x69, 0x49, 0x64, 0xa3, 0x0d, 0xdb, 0xaa};

$ perl -pe 'chomp; s/(..)/chr(hex($1))/eg' /tmp/sig.hex | od -vtx1
0000000    14  7e  86  9f  fb  10  c8  a4  98  ae  cb  f8  d4  d7  ad  f2
0000020    18  40  af  06  85  8a  69  de  29  50  f2  52  1c  01  bc  3c
0000040    45  42  b1  32  d8  19  f6  f3  11  39  03  bf  23  fb  5d  97
0000060    41  b9  85  af  31  f8  32  2f  d2  b6  5b  f1  22  fd  da  28
0000100    58  6f  45  4b  5c  74  f0  84  f2  1e  fa  33  a3  83  38  9f
0000120    cf  71  37  77  6d  86  84  c6  5e  3b  71  f5  29  2a  43  f4
0000140    43  38  0a  18  f5  be  6f  03  d3  16  79  13  89  95  b2  d7
0000160    27  cf  d4  2b  6b  a1  bd  e3  8e  ac  24  1b  dd  17  f8  e1
0000200    f5  b9  5a  d4  97  f4  c3  fc  69  c8  40  30  76  7d  18  7c
0000220    58  11  3d  78  27  41  ab  1c  d2  d3  5f  e2  94  e1  49  ba
0000240    6b  d7  be  3a  9d  86  62  dc  d7  46  ae  a3  8e  e1  46  27
0000260    bc  b2  31  69  c5  54  15  85  74  1a  66  94  a6  68  5e  a2
0000300    1c  38  3d  84  d8  3f  84  81  56  c2  9c  ac  ef  68  ef  68
0000320    96  b3  d1  a9  3a  43  75  ef  af  f2  1b  ea  96  b8  23  ef
0000340    a6  09  89  15  52  26  ce  1f  98  02  83  22  08  60  6c  d9
0000360    14  64  e8  ef  53  ea  48  60  bb  69  49  64  a3  0d  db  aa
0000400


$ perl -pe 'chomp; s/(..)/chr(hex($1))/eg' /tmp/sig.hex |
  openssl rsautl -inkey /tmp/key.pem -pubin -encrypt -raw |
  od -vtx1
0000000    19  5c  c4  8f  80  35  35  17  c6  17  b9  71  4d  8b  04  a2
0000020    f7  e4  8f  95  dc  1f  5d  15  b8  c2  41  16  78  fd  44  77
0000040    88  c1  b9  46  3d  48  d4  d6  b3  5e  d2  bc  4b  8e  0e  bc
0000060    7d  bb  6d  b5  2b  2d  aa  40  01  a3  5e  48  31  76  a7  23
0000100    1f  90  d4  0a  d3  b1  1a  10  05  a0  c3  49  e7  5e  60  04
0000120    82  02  34  43  d4  90  af  63  0f  90  67  3f  97  2a  e7  9c
0000140    c4  4d  2c  1a  ca  d3  c5  95  9f  d7  92  cd  71  32  b1  60
0000160    28  88  25  7a  ea  58  dd  22  83  f1  cb  4d  a7  39  ab  f3
0000200    4f  d8  b6  7d  e3  a6  74  77  76  73  f5  1f  9e  d3  09  5e
0000220    b3  a1  6f  f8  84  0c  75  14  11  c8  0a  93  32  d7  ea  78
0000240    7c  f3  48  7e  1c  0e  89  77  3d  48  ac  ba  80  fc  b3  01
0000260    f8  84  f4  cc  08  da  98  d7  67  00  9a  b6  f2  9e  38  db
0000300    b4  af  d7  38  ec  0d  f4  06  6a  3f  32  8e  c6  74  88  94
0000320    00  3d  11  fe  e7  f5  96  0c  7e  7a  bf  4c  1b  32  b4  7f
0000340    c3  ae  7e  a3  c9  d5  5b  e9  c5  2d  34  25  31  84  69  3c
0000360    eb  d9  7f  f5  a9  46  12  c3  35  a7  e4  19  68  69  d2  bc
0000400

That's not PKCS1 padding.

-- 
	Viktor.



More information about the openssl-users mailing list