Hi,

for a multiplatform project, I'm trying to find a method to create and verify 
RSA signatures between the following 'worlds' of cryptography:

- MS CryptoAPI (unluckily brought in a certain crypto smart card)
- OpenSSL
- Java Cryptography (currently using the bouncy castle provider)

Whereas 'naked' RSA signatures verify OK between OpenSSL and JCE, MS generated 
signatures (CryptSignHash) won't verify anywhere apart from the MS world, 
though the hashes do match. I understood from my research in different 
mailing lists, that this is a known problem that arises from different (and 
apparently unknown) padding algorithm used by MS CryptAPI.

A proposed way to get interoperability between OpenSSL and CryptoAPI was to 
use PKCS#7 signature standard (S/MIME detached signatures). Surprisingly, 
this seems to kick Java out of the boat, as I couldn't find an implementation 
of S/MIME algorithms for Java (!?).

So, perhaps I'm missing something obvious? Any hints are much appreciated!

Cheers,
Andreas.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to