[erlang-questions] Old and new crypto: sign, rsa_sign, verify, rsa_verify compatibility

Evgeny M <>
Fri Oct 25 14:05:16 CEST 2013


Hi,
Thank you, it works!

On Friday, 25 October 2013 at 15:28:01 UTC+4, Ingela Andin wrote:
>
>
> Hi!
>
> The new API does not want any "mpint" values (binaries with size tags).
> If you try inputting the data according to the new API it will work much
> better.
>
> 1> PrivateKey = 
> [<<2,1>>,<<0,194,170,51,214,70,17,25,24,39,11,190,238,251,171,164,221,80,251,171,85,16,134,227,199,246,113,207,194,211,53,68,253,54,195,192,2,93,91,107,118,147,218,227,151,148,3,165,184,26,199,213,68,18,25,35,249,207,196,111,26,201,150,255,69>>,
> 1> 
> <<104,90,61,184,186,69,12,116,62,217,98,92,46,21,166,57,194,30,29,119,116,166,32,71,194,252,162,197,193,144,84,98,223,170,137,84,25,86,2,237,128,201,216,139,98,173,122,229,3,62,100,69,241,18,186,249,170,25,156,172,32,228,180,129>>].
> [<<2,1>>,
>  <<0,194,170,51,214,70,17,25,24,39,11,190,238,251,171,164,
>    221,80,251,171,85,16,134,227,199,246,113,...>>,
>  <<104,90,61,184,186,69,12,116,62,217,98,92,46,21,166,57,
>    194,30,29,119,116,166,32,71,194,252,...>>]
> 2> 
> 2>  PublicKey = 
> [<<2,1>>,<<0,194,170,51,214,70,17,25,24,39,11,190,238,251,171,164,221,80,251,171,85,16,134,227,199,246,113,207,194,211,53,68,253,54,195,192,2,93,91,107,118,147,218,227,151,148,3,165,184,26,199,213,68,18,25,35,249,207,196,111,26,201,150,255,69>>].
> [<<2,1>>,
>  <<0,194,170,51,214,70,17,25,24,39,11,190,238,251,171,164,
>    221,80,251,171,85,16,134,227,199,246,113,...>>]
> 3> Payload = <<"Launch the nukes.">>.
> <<"Launch the nukes.">>
> 4> Hash = crypto:hash(sha, Payload).
> <<241,220,196,57,84,10,43,93,89,232,208,46,247,79,76,207,
>   109,47,141,175>>
> 5> Signature1 = crypto:sign(rsa, sha, {digest, Hash}, PrivateKey). 
> <<190,229,211,137,209,154,2,175,188,165,201,12,206,80,75,
>   148,11,78,207,14,214,170,105,252,63,128,61,191,217,...>>
> 6> 
> 6> crypto:verify(rsa, sha, {digest, Hash}, Signature1, PublicKey). 
> true
>
> Regards Ingela Erlang/OTP team - Ericsson AB
>
>
> 2013/10/24 John Doe <>
>
>> Hi,
>>
>> Is it possible to make RSA signatures compatible between old and new
>> crypto methods? I can't find a way to do this.
>> Here's an example, run in R16B02:
>>
>> crypto:start().
>>
>> %% these two keys are valid RSA keypair
>> PrivateKey = 
>> [<<0,0,0,2,2,1>>,<<0,0,0,65,0,194,170,51,214,70,17,25,24,39,11,190,238,251,171,164,221,80,251,171,85,16,134,227,199,246,113,207,194,211,53,68,253,54,195,192,2,93,91,107,118,147,218,227,151,148,3,165,184,26,199,213,68,18,25,35,249,207,196,111,26,201,150,255,69>>,<<0,0,0,64,104,90,61,184,186,69,12,116,62,217,98,92,46,21,166,57,194,30,29,119,116,166,32,71,194,252,162,197,193,144,84,98,223,170,137,84,25,86,2,237,128,201,216,139,98,173,122,229,3,62,100,69,241,18,186,249,170,25,156,172,32,228,180,129>>].
>> PublicKey = 
>> [<<0,0,0,2,2,1>>,<<0,0,0,65,0,194,170,51,214,70,17,25,24,39,11,190,238,251,171,164,221,80,251,171,85,16,134,227,199,246,113,207,194,211,53,68,253,54,195,192,2,93,91,107,118,147,218,227,151,148,3,165,184,26,199,213,68,18,25,35,249,207,196,111,26,201,150,255,69>>].
>>
>> SizedBinary = fun(Binary) -> <<(size(Binary)):32/integer, 
>>  Binary/binary>> end.
>>
>> Payload = <<"Launch the nukes.">>.
>>
>> Hash =  crypto:sha(Payload).
>>
>> %%signed with old method
>> Signature = crypto:rsa_sign(SizedBinary(Hash), PrivateKey).
>>
>> %%verify with old method - returns true
>> crypto:rsa_verify(SizedBinary(Hash), SizedBinary(Signature), PublicKey).
>>
>> %%new method - returns false
>> crypto:verify(rsa, sha, {digest, Hash}, Signature, PublicKey).  
>>
>> %%another try of new method - throws a 'bad argument' exception
>> crypto:verify(rsa, sha, {digest, SizedBinary(Hash)}, 
>> SizedBinary(Signature), PublicKey).
>>
>> %%new method yet again - returns false
>> crypto:verify(rsa, sha, {digest, Hash}, SizedBinary(Signature), 
>> PublicKey). 
>>
>
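Ingela's advice applied to the key from the question, as an added example that is not part of either post: the module below strips the 32-bit size tag from each mpint key element and then signs and verifies with the new API only. The module name `mpint_compat` and its function names are hypothetical. It assumes an OTP release that provides `crypto:hash/2`, `crypto:sign/4` and `crypto:verify/5` as used in the session above, linked against an OpenSSL that accepts this 512-bit key with SHA-1.

```erlang
-module(mpint_compat).
-export([mpint_to_bin/1, key_to_new_api/1, demo/0]).

%% Strip the 32-bit big-endian size tag from one "mpint" binary.
%% A value whose tag does not equal the length of the remaining bytes
%% is rejected with badarg rather than passed on half-converted.
mpint_to_bin(<<Size:32/integer, Bin:Size/binary>>) -> Bin;
mpint_to_bin(Other) -> erlang:error(badarg, [Other]).

%% Old-API key ([E, N] or [E, N, D], each an mpint) -> new-API key.
key_to_new_api(Key) when is_list(Key) ->
    [mpint_to_bin(Element) || Element <- Key].

%% PrivateKey as posted in the question (old mpint form, [E, N, D]).
old_private_key() ->
    [<<0,0,0,2,2,1>>,
     <<0,0,0,65,0,194,170,51,214,70,17,25,24,39,11,190,238,251,171,164,221,80,251,171,85,16,134,227,199,246,113,207,194,211,53,68,253,54,195,192,2,93,91,107,118,147,218,227,151,148,3,165,184,26,199,213,68,18,25,35,249,207,196,111,26,201,150,255,69>>,
     <<0,0,0,64,104,90,61,184,186,69,12,116,62,217,98,92,46,21,166,57,194,30,29,119,116,166,32,71,194,252,162,197,193,144,84,98,223,170,137,84,25,86,2,237,128,201,216,139,98,173,122,229,3,62,100,69,241,18,186,249,170,25,156,172,32,228,180,129>>].

%% Sign and verify through the new API, using only converted values.
demo() ->
    PrivateKey = key_to_new_api(old_private_key()),
    PublicKey = lists:sublist(PrivateKey, 2),   % [E, N]
    Hash = crypto:hash(sha, <<"Launch the nukes.">>),
    Signature = crypto:sign(rsa, sha, {digest, Hash}, PrivateKey),
    crypto:verify(rsa, sha, {digest, Hash}, Signature, PublicKey).
```

The same `mpint_to_bin/1` undoes the question's `SizedBinary` fun, so it also applies to a digest or signature that was size-tagged for the old calls before it is handed to `crypto:verify/5`.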