> From: owner-openssl-us...@openssl.org On Behalf Of redpath
> Sent: Tuesday, 30 October, 2012 16:56
> I am using openssl to create a signature for a file contents and use
> openssl to verify the contents using the signature file. The
> public key is from an x509 cert.
> All works great.
>
Specifically, a SHA1-with-RSA PKCS#1 signature; there are many other
public-key signature schemes, many of which OpenSSL and/or Java
(by default) support.
> I need to verify a file contents using Java. So I have
> written a sample Java application
> and it returns false and should return true. I use the same
> artifacts as I did for the openssl.
>
> I think the saved binary file of the signature may need some
> conversion for Java but thats my guess?
>
Nope. A C binary file, as you correctly did (with fopen "wb"),
and a Java File{Input,Output}Stream are compatible, at least
on all platforms supported by "standard" Sun^WOracle Java.
You're double-hashing. The lower-level RSA_{sign,verify}
in OpenSSL takes a hash and directly signs/verifies it using
the standard {AlgId,OCTETSTRING} format and PKCS#1 padding.
If you instead used the high-level EVP_{Sign,Verify}* those
take the _data_, _do_ the hash, and sign/verify the hash.
Java with the Suncle standard providers does only the latter.
The signature algorithm name you used, SHA1WithRSA, says this;
it does SHA1 *and* RSA sign/verify. Feed sig.update the actual
data (in chunks if necessary), not a hash.
There may be other options using non-standard providers, and
for that matter using your own code. If you really want, you
can take the public key (e,n), do the raw-RSA "public decrypt"
(Java has BigInteger with modPow standard), unpad (checking valid),
extract the hash (with checking AlgId), and compare.
<snip rest>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
