Hello,
After lots and lots of testing, trying and debugging I still haven't managed
to get the same results from RSA_sign and CryptSignHash. I've discovered a
problem with the base64 decoding function i use to decode the hash i want to
sign, so now i get a different signature from RSA_sign but it's still not
the same as CryptSignHash. I've tried reversing the byte order with all
methods described above but nothing gave me the same result.
I'm pretty desperate about finding the solution, could someone who has tried
this before please post the code where RSA_sign gives the same result as
CryptSignHash after signing the same hash with the same certificate? I'd be
really greatful.
I'm a student working on a project to get my master degree and the only part
that doesn't work yet is the signing part... I've already tried really hard
and searched a lot but I think I'm out of ideas now...
Thanks again to anyone who's trying to help me and who has already tried to
help!
Goblin_Queen wrote:
>
> Thanks for the examples. I'm gonna test them now!
>
>
>
> Carter Browne wrote:
>>
>> You need to look at your data to see how the bytes are swapped:
>> 3 common patterns:
>>
>> 1) Even odd bytes are swapped
>> 2) The data was treated as 32 bit, one system is little ended and the
>> other big ended.
>> 3) The entire buffer is reversed.
>>
>> Assume pcBuffer is the char * pointer to your data, uiLen is the
>> unsigned length of the data.
>>
>> For 1)
>>
>> char acTemp = new char[ uiLen ];
>>
>> _swab(pcBuffer,acTemp,uiLen);
>> memcpy(pcBuffer,acTemp,uiLen);
>> delete acTemp;
>>
>> Note: uiLen is assumed to be even
>>
>> For 2)
>>
>> char cTemp;
>> int i,j;
>>
>> for (i=0;i<uiLen;i+=4)
>> {
>> for (j=0;j<2;j++)
>> {
>> cTemp = pcBuffer[ i+j];
>> pcBuffer[ i+j ] = pcBuffer[ i+3-j ];
>> pcBuffer[ i+3-j] = cTemp;
>> }
>>
>> Note: This code assumes that uiLen is a multiple of 4;
>>
>>
>> For 3)
>>
>> char cTemp;
>>
>> for (i=0;i<uiLen/2;i++)
>> {
>> cTemp = pcBuffer[ i];
>> pcBuffer[ i ] = pcBuffer[ i+uiLen-i-1 ];
>> pcBuffer[ i+uiLen-i-1] = cTemp;
>> }
>>
>> Carter
>>
>>
>> Carter Browne
>> CBCS
>> [email protected]
>> 781-721-2890
>>
>>
>>
>> Goblin_Queen wrote:
>>> Yes, I know that, but I don't know how to do that in code. I've found
>>> the
>>> following post:
>>> http://stackoverflow.com/questions/105252/how-do-i-convert-between-big-endian-and-little-endian-values-in-c
>>> http://stackoverflow.com/questions/105252/how-do-i-convert-between-big-endian-and-little-endian-values-in-c
>>>
>>> where I've tried the method with the template<>, which definitely didn't
>>> give me a correct result.
>>> On that forum they're saying that char's don't have to be converted, but
>>> is
>>> that true?
>>>
>>> Would it be possible for you to provide me with a code sample on how to
>>> convert a char* to little endian? I know it's probably a stupid question
>>> and
>>> I'm taking up your time, but I have to learn it somehow...
>>> Thanks in advance!
>>>
>>>
>>>
>>> Goblin_Queen wrote:
>>>
>>>> Thanks for your reply, I had thought of that too because my search lead
>>>> me
>>>> to such an answer. How can I convert a char* from big endian to little
>>>> endian? I googled for conversion examples but I only found conversions
>>>> for
>>>> int. I know this is probably a stupid question, but I'm still learning
>>>> C++.
>>>>
>>>>
>>>> Dr. Stephen Henson wrote:
>>>>
>>>>> On Wed, Mar 18, 2009, Goblin_Queen wrote:
>>>>>
>>>>>
>>>>>> Hello,
>>>>>>
>>>>>> I'm writing a program that has to sign a SHA1-hash value. I'm using
>>>>>> OpenSSL
>>>>>> to do this. My program has to do the same thing as another program
>>>>>> which
>>>>>> makes use of Microsoft Crypto API. In that program the method
>>>>>> "CryptSignHash" was used in order to sign the hash value.
>>>>>>
>>>>>> When I try to sign a dummy hash value with RSA_sign, the result is
>>>>>> different
>>>>>> from the result I get from CryptSignHash. I've been searching for a
>>>>>> while to
>>>>>> find the reason for this, but haven't found the solution yet.
>>>>>>
>>>>>> I've also tried to sign the hash with other signature methods in
>>>>>> OpenSSL:
>>>>>> RSA_private_encrypt and EVP_SignFinal. Those gave me an error when I
>>>>>> tried
>>>>>> them, but I don't really know the difference between those 3 methods,
>>>>>> the
>>>>>> documentation isn't very clear, and I'm very new to cryptography
>>>>>> functions
>>>>>> and OpenSSL.
>>>>>>
>>>>>> Can anyone help me with this and tell me what I should use to get the
>>>>>> same
>>>>>> result as CryptSignHash returns?
>>>>>>
>>>>>> If you need to see my code in order to help me, just ask, then I'll
>>>>>> post
>>>>>> it.
>>>>>>
>>>>> The output of CryptoAPI is in little endian format, OpenSSL and many
>>>>> others
>>>>> use big endian. Try reversing the bytes.
>>>>>
>>>>> Steve.
>>>>> --
>>>>> Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
>>>>> OpenSSL project core developer and freelance consultant.
>>>>> Homepage: http://www.drh-consultancy.demon.co.uk
>>>>> ______________________________________________________________________
>>>>> OpenSSL Project http://www.openssl.org
>>>>> User Support Mailing List [email protected]
>>>>> Automated List Manager [email protected]
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>> ______________________________________________________________________
>> OpenSSL Project http://www.openssl.org
>> User Support Mailing List [email protected]
>> Automated List Manager [email protected]
>>
>>
>
>
--
View this message in context:
http://www.nabble.com/Difference-between-RSA_sign-and-CryptSignHash-signature-tp22575898p22781033.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
