m2crypto - verify data signature generated with openssl, using crypto++ -

-

i have server, running under python, signing message sha256 digest using m2crypto use public , private rsa key generated openssl cli. on server side everythgin ok
python code :

privatekey = m2crypto.rsa.load_key(sys.argv[2])
signeddigest = privatekey.sign(digest, 'sha256')

i double check signature :

pubkey = m2crypto.rsa.load_pub_key("key.pub.pem")
if pubkey.verify(digest, signeddigest, 'sha256') (etc....)

i store signed sha256 digest in file , send original message client.
on client side, running under c++ vc6, load signed sha256 digest (as binary), , message signed. aim verify message , signed sha256. have cryptopp static link, , know works fine, because can compute sha256, , compare sha256 python having same result. here code :

rsa::publickey pubkey;
pubkey.load( filesource(licensecontrol::pubkeypath, true));
rsass< pkcs1v15, sha >::verifier verifier(pubkey);
//shadigest newly computed sha256, signaturebyte signature of message received server
result = verifier.verifymessage( shadigest, cryptopp::sha256::digestsize, signaturebyte, 512);

this compiles , run, return false. ensure signature valid, have verified using directly openssl cli (not through m2crypto python wrapper) :

openssl dgst -sha256 -verify key.pub.pem -signature sign original_file
verified ok

this confirms signed sha256 digest ok, , can used verify message using public key. aware of der , pem format (using pem openssl, der cryptopp). believe public key correct. problem how use cryptopp library verify signature ??? have been through doc, after days on it, still looks chinese me. hav tried thing

rsass< pssr, sha >::verifier verifier(pubkey);

using pssr encrypt in python code, no luck... considering decrypt public key signed sha256 digest , compare myself newly sha256 digest computed receive file. simple, hevn't found in doc... idea how use verifier ?
how decrypt using public key ? in case previous question can not solved

two issues here think:

first, sha in rsass< pkcs1v15, sha > means sha-1, not sha_256. you'd want sha256 here instead.

also, verifymessage takes entire message, not hash - hash computed internally you. right when you're trying verify message, you're (as far crypto++ concerned) trying verify sha-1(sha-256(msg)), naturally fails. pass entire actual message instead, skipping sha-256 computation.


Comments

Post a Comment

Popular posts from this blog

javascript - Enclosure Memory Copies -

-
function myclass() { //lots , lots of vars , code here. this.bar = function() { //do numerous enclosed myclass vars } this.foo = function() { alert('hello'); //don't enclosed variables. } } each instance of myclass gets own copy of bar , foo, why prototyped methods use less memory. however, know more memory use of inner methods. it seems obvious me (1) below must true. agree? not distinct myclass instances have own distinct copies of bar, must have own distinct copies of myclass enclosure. (or else how bar method keep myclass variables straight on per instance basis?) now (2) question i'm after. since inner foo method doesn't use in myclass enclosure natural qustion is: javascript smart enough not keep myclass enclosure in memory use of foo? this depend entirely on implementation not language. naive implementations keep far more around others. answer true e.g. v8 (chrome's js engine) may not true spider...
Read more

php - Replacing tags in braces, even nested tags, with regex -

-
example preg_replace('/\{[a-za-z.,\(\)0-9]+\}/', 'replaced', 'lorem ipsum dolor sit {tag1({tag2()})}, consectetur adipiscing elit.'); the result: lorem ipsum dolor sit {tag1(replaced)}, consectetur adipiscing elit. question as can see "tag2" has been replaced, want replace "tag1" know how can this? (in cases might this: {tag1({tag2({tag3()})})}) , on.) btw using preg_replace_callback, easier show preg_replace here site can test code: http://www.spaweditor.com/scripts/regex/index.php you need add curly braces character set. here's pattern used: /\{[a-za-z.,\(\)\{\}0-9]+\}/ and here result: "lorem ipsum dolor sit replaced, consectetur adipiscing elit."
Read more