[erlang-questions] Old and new crypto: sign, rsa_sign, verify, rsa_verify compatibility
Evgeny M
donpedrothird@REDACTED
Thu Oct 24 11:23:06 CEST 2013
Followup
I can't even verify rsa signature created with the new sign(rsa,...)
function. verify(rsa, ...) returns always false. No problems with old
functions such as rsa_sign/rsa_verify.
What am I doing wrong, could somebody help me?
PrivateKey =
[<<0,0,0,2,2,1>>,<<0,0,0,65,0,194,170,51,214,70,17,25,24,39,11,190,238,251,171,164,221,80,251,171,85,16,134,227,199,246,113,207,194,211,53,68,253,54,195,192,2,93,91,107,118,147,218,227,151,148,3,165,184,26,199,213,68,18,25,35,249,207,196,111,26,201,150,255,69>>,<<0,0,0,64,104,90,61,184,186,69,12,116,62,217,98,92,46,21,166,57,194,30,29,119,116,166,32,71,194,252,162,197,193,144,84,98,223,170,137,84,25,86,2,237,128,201,216,139,98,173,122,229,3,62,100,69,241,18,186,249,170,25,156,172,32,228,180,129>>].
PublicKey =
[<<0,0,0,2,2,1>>,<<0,0,0,65,0,194,170,51,214,70,17,25,24,39,11,190,238,251,171,164,221,80,251,171,85,16,134,227,199,246,113,207,194,211,53,68,253,54,195,192,2,93,91,107,118,147,218,227,151,148,3,165,184,26,199,213,68,18,25,35,249,207,196,111,26,201,150,255,69>>].
Payload = <<"Launch the nukes.">>.
Hash = crypto:hash(sha, Payload).
Signature1 = crypto:sign(rsa, sha, {digest, Hash}, PrivateKey).
crypto:verify(rsa, sha, {digest, Hash}, Signature1, PublicKey). %% false
Signature2 = crypto:sign(rsa, sha, Payload, PrivateKey).
crypto:verify(rsa, sha, Payload, Signature2, PublicKey). %% false
SizedBinary = fun(Binary) -> <<(size(Binary)):32/integer, Binary/binary>>
end.
Signature3 = crypto:rsa_sign(SizedBinary(Hash), PrivateKey).
crypto:rsa_verify(SizedBinary(Hash), SizedBinary(Signature3), PublicKey).
%% true
четверг, 24 октября 2013 г., 3:07:51 UTC+4 пользователь Evgeny M написал:
>
> Hi,
>
> Is it possible to make RSA signatures compatible between old and new
> crypto methods? I can't find a way how to do this.
> Here's an example, run in R16B02:
>
> crypto:start().
>
> %% these two keys are valid RSA keypair
> PrivateKey =
> [<<0,0,0,2,2,1>>,<<0,0,0,65,0,194,170,51,214,70,17,25,24,39,11,190,238,251,171,164,221,80,251,171,85,16,134,227,199,246,113,207,194,211,53,68,253,54,195,192,2,93,91,107,118,147,218,227,151,148,3,165,184,26,199,213,68,18,25,35,249,207,196,111,26,201,150,255,69>>,<<0,0,0,64,104,90,61,184,186,69,12,116,62,217,98,92,46,21,166,57,194,30,29,119,116,166,32,71,194,252,162,197,193,144,84,98,223,170,137,84,25,86,2,237,128,201,216,139,98,173,122,229,3,62,100,69,241,18,186,249,170,25,156,172,32,228,180,129>>].
> PublicKey =
> [<<0,0,0,2,2,1>>,<<0,0,0,65,0,194,170,51,214,70,17,25,24,39,11,190,238,251,171,164,221,80,251,171,85,16,134,227,199,246,113,207,194,211,53,68,253,54,195,192,2,93,91,107,118,147,218,227,151,148,3,165,184,26,199,213,68,18,25,35,249,207,196,111,26,201,150,255,69>>].
>
> SizedBinary = fun(Binary) -> <<(size(Binary)):32/integer, Binary/binary>>
> end.
>
> Payload = <<"Launch the nukes.">>.
>
> Hash = crypto:sha(Payload).
>
> %%signed with old method
> Signature = crypto:rsa_sign(SizedBinary(Hash), PrivateKey).
>
> %%verify with old method - returns true
> crypto:rsa_verify(SizedBinary(Hash), SizedBinary(Signature), PublicKey).
>
> %%new method - returns false
> crypto:verify(rsa, sha, {digest, Hash}, Signature, PublicKey).
>
> %%another try of new method - throws an 'bad argument' exception
> crypto:verify(rsa, sha, {digest, SizedBinary(Hash)},
> SizedBinary(Signature), PublicKey).
>
> %%new method yet again - returns false
> crypto:verify(rsa, sha, {digest, Hash}, SizedBinary(Signature),
> PublicKey).
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20131024/0d7b3e85/attachment.htm>
More information about the erlang-questions
mailing list