OK, I got your point, I'll ask what they meant by "the same results" then.
You're saying that I'm not competent for this task. As I said before, I'm a student, and I'm doing this project to get my master's degree. Everything security related is still very new to me, especially because it's in C++, which I'm not very familiar with. But it is obvious that I'm not the last person who will be working on this project. The company asked me to do this, so I'll set the start for this project, but after me, many others will check my code and optimise it. It's important for them because it's security related so it should be really safe and bug free, and they also realize that. The people who will work on it after me are experts on the case, I just have to get as far as possible. I also find it annoying that I have to ask these stupid questions, but where else should I seek help? This forum is meant for people who are using OpenSSL, and I'm just trying to learn how. But thanks for your time anyway.

David Schwartz wrote:
>
>> David,
>> When I sign the same hash with the same certificate I should get the same
>> signature. That sounds pretty logical to me.
>
> Really? So if you sign the same contract twice, the two signatures will be
> precisely identical?
>
>> The company I'm doing this
>> project for also told me that I should get the same result as the one
>> CryptSignHash gives me, that's why I'm trying to get 2 identical results.
>
> By "the same result", I hope that they mean the same logical result. You
> will not get the exact same value.
>
> Suppose, for example, there were certain hash values that could weaken RSA
> keys. If I create a document that you have to sign, I can engineer the
> document so that the hash you wind up signing is one of those hash values.
> (Because I know the hash you are going to sign.) Adding random padding means
> an attacker, even if he chooses the plaintext you sign, cannot choose the
> hash you sign.
>
> Is this serious? No. But algorithms are not deliberately designed with
> vulnerabilities just because those vulnerabilities are not serious.
>
> If you are comparing the two signatures for literal equality, what you are
> doing makes no sense.
>
> One more point, and I apologize for having to bring this up. You are doing a
> security-related task for which you are not competent. Even if your code
> appears to work in simple test cases, there is a serious chance that it will
> have vulnerabilities that could compromise security. For example, if you had
> used 'strlen', an attacker could trivially create multiple documents that
> appear to have the same hash simply by choosing documents whose hashes all
> begin with a zero byte.
>
> If anyone is going to rely on your code, you are doing the equivalent of
> building a suspension bridge that will carry traffic. That takes an expert.
> That's just a fact. If you blunder your way through it, you will make every
> mistake. And some of them will leave code that appears to work.
>
> DS
>
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org

-----
Stephanie
--
View this message in context: http://www.nabble.com/Difference-between-RSA_sign-and-CryptSignHash-signature-tp22575898p22800989.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
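The 'strlen' pitfall mentioned in the quoted reply, as an added example that is not part of the original thread or of anyone's project code: a digest is fixed-length binary data, so string functions stop at its first zero byte. The function names, the 20-byte digest length and the sample digests are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define DIGEST_LEN 20 /* assumed digest size (SHA-1 is 20 bytes) */

/* Constructed sample digests: a and b differ after a leading 0x00 byte,
 * c has a 0x00 byte at index 3. Unlisted bytes are zero. */
static const unsigned char digest_a[DIGEST_LEN] = {0x00, 0x11, 0x22, 0x33};
static const unsigned char digest_b[DIGEST_LEN] = {0x00, 0xaa, 0xbb, 0xcc};
static const unsigned char digest_c[DIGEST_LEN] = {0xde, 0xad, 0xbe, 0x00, 0xef};

/* Buggy: measures a binary digest as if it were a C string, so the
 * reported length ends at the first 0x00 byte. */
static size_t digest_len_buggy(const unsigned char *d)
{
    return strlen((const char *)d);
}

/* Buggy: string comparison also stops at the first 0x00 byte, so any two
 * digests that begin with 0x00 compare as equal. */
static int digests_equal_buggy(const unsigned char *a, const unsigned char *b)
{
    return strcmp((const char *)a, (const char *)b) == 0;
}

/* Hardened: the length comes from the algorithm, never from the data, and
 * every byte is examined without an early exit. */
static int digests_equal(const unsigned char *a, const unsigned char *b)
{
    unsigned char diff = 0;
    for (size_t i = 0; i < DIGEST_LEN; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    return diff == 0;
}

int main(void)
{
    printf("strlen view of a: %zu bytes, of c: %zu bytes (real: %d)\n",
           digest_len_buggy(digest_a), digest_len_buggy(digest_c), DIGEST_LEN);
    printf("a == b, string compare:       %d\n",
           digests_equal_buggy(digest_a, digest_b));
    printf("a == b, fixed-length compare: %d\n",
           digests_equal(digest_a, digest_b));
    return 0;
}
```

The same rule applies to the length argument passed to a signing call: pass the digest size defined by the hash algorithm, not a value computed from the buffer contents.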