... just little P.S.:
the -pkeyopt digest:sha256 is probably (?) necessary while the
signatureAlgorithm in SIgnerInfo is "sha256WithRSAEncryption"
I have another TS reply (from Comodo) and there is only "rsaEncryption"
I thing there the verification will work vice versa only without the -pkeyopt.
And about the HASH - the correct command I had mean:
$ hexdump -C <signedAttrs-with-SET.sha256
00000000 9a 06 83 c6 8f f4 50 76 8f e7 91 e4 34 7b fb 39 |......Pv....4{.9|
00000010 79 3a 80 93 b2 0b 2d a9 07 0f 34 a4 ba 46 9f 67 |y:....-...4..F.g|
$ openssl pkeyutl -verifyrecover -in sig -certin -inkey cert.pem -asn1parse
0:d=0 hl=2 l= 49 cons: SEQUENCE
2:d=1 hl=2 l= 13 cons: SEQUENCE
4:d=2 hl=2 l= 9 prim: OBJECT :sha256
15:d=2 hl=2 l= 0 prim: NULL
17:d=1 hl=2 l= 32 prim: OCTET STRING
0000 - 9a 06 83 c6 8f f4 50 76-8f e7 91 e4 34 7b fb 39 ......Pv....4{.9
0010 - 79 3a 80 93 b2 0b 2d a9-07 0f 34 a4 ba 46 9f 67 y:....-...4..F.g
Ones more thank
--kapetr
----- PŮVODNÍ ZPRÁVA -----
Od: "kapetr" <kap...@mizera.cz>
Komu: dthomp...@prinpay.com, openssl-users@openssl.org
Předmět: RE: how to (more manually) verify signature in SignedData ?
Datum: 22.1.2013 - 11:55:16
> Hello,
>
> ----- PŮVODNÍ ZPRÁVA -----
> Od: "Dave Thompson" <dthomp...@prinpay.com>
> Komu: openssl-users@openssl.org
> Předmět: RE: how to (more manually) verify signature in SignedData ?
> Datum: 22.1.2013 - 0:33:35
>
> > >
> > The RSA-signed value is not just the hash, but a small
> > structure encoding it, and pkeyutl needs to be told that.
> > Add (at the end) -pkeyopt digest:sha256 .
>
> $ openssl pkeyutl -verify -in signedAttrs-with-SET.sha256 -sigfile sig
> -certin -inkey cert.pem -pkeyopt digest:sha256
> Signature Verified Successfully
> $
>
> Yes :-)))
>
> > Since you're using RSA, you can see this by (instead) doing
> > pkeyutl -verifyrecover -in sig -certin&inkey -hexdump .
> > You'll see a SEQUENCE of AlgID which is OID=sha256,NULL
> > and OCTET STRING which is the actual hash value.
>
>
> $ openssl pkeyutl -verifyrecover -in sig -certin -inkey cert.pem -hexdump
> 0000 - 30 31 30 0d 06 09 60 86-48 01 65 03 04 02 01 05 010...`.H.e.....
> 0010 - 00 04 20 9a 06 83 c6 8f-f4 50 76 8f e7 91 e4 34 .. ......Pv....4
> 0020 - 7b fb 39 79 3a 80 93 b2-0b 2d a9 07 0f 34 a4 ba {.9y:....-...4..
> 0030 - 46 9f 67 F.g
>
> $ hexdump <signedAttrs-with-SET.sha256
> 0000000 069a c683 f48f 7650 e78f e491 7b34 39fb
> 0000010 3a79 9380 0bb2 a92d 0f07 a434 46ba 679f
>
> Yes - in hash is only little/big-endian encoding difference.
>
>
> Thank you very much for help!
>
> Best regards
>
> --kapetr
>
>
>
> --
> - - Reklama - - - - - - - - - - - - - -
> Battlestar Galactica Online - kultovní série v nové dimenzi! Člověk proti
> Cylonům - vypravte se do bitvy ve vesmíru a zažij akční hru MMOG v pravém 3D
> na http://bit.ly/J4Fcer
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List openssl-users@openssl.org
> Automated List Manager majord...@openssl.org
>
--
- - Reklama - - - - - - - - - - - - - -
Battlestar Galactica Online - kultovní série v nové dimenzi! Člověk proti
Cylonům - vypravte se do bitvy ve vesmíru a zažij akční hru MMOG v pravém 3D na
http://bit.ly/J4Fcer
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
