For the primary signature it is "rsaEncryption" (OID 1.2.840.113549.1.1.1) and for the
counter signature it is "RSA-SHA1" (OID 1.2.840.113549.1.1.5).
Thanks.
-Prasad
On Sep 22, 2014, at 09:13 AM, Jakob Bohm wrote:
Ok, look in the SignerInfo structure of the secondary signature.
There is a
Ok, look in the SignerInfo structure of the secondary signature.
There is a separate field (digestEncryptionAlgorithm) indicating
the OID of the signature algorithm. Look at this and see if it is
different from the value in the outer signature, and look up the
value online to see what it means.
Well, I am bit confused here.
I am decrypting the signature using RSA_public_decrypt function passing it a
public key with RSA_PKCS1_PADDING option.
For primary signature, I get back a 35 byte value which is inclusive of the
digestAlgorithm. It is in the v1.5 format that you mention about.
Fo
On 19/09/2014 09:14, Prasad Dabak wrote:
The RFC links helped.
I am able to do decrypt the encrypted digest and match it with the
DigestInfo as explained in rfc2315.
DigestInfo ::= SEQUENCE {
digestAlgorithm DigestAlgorithmIdentifier,
digest Digest }
Digest ::= OCTET STRING
The RFC links helped.
I am able to do decrypt the encrypted digest and match it with the DigestInfo
as explained in rfc2315.
DigestInfo ::= SEQUENCE {
digestAlgorithm DigestAlgorithmIdentifier,
digest Digest }
Digest ::= OCTET STRING
I typically get back 35 byte decrypted digest wh
On 16/09/2014 12:22, Prasad Dabak wrote:
Hello,
I am currently focusing on matching various digests that we talked
about earlier in the thread.
1. Computing the hash of the executable (excluding the areas as
defined by MS) and matching it with the value stored in
spcIndirectData. This is st
Hello,
I am currently focusing on matching various digests that we talked about
earlier in the thread.
1. Computing the hash of the executable (excluding the areas as defined by MS)
and matching it with the value stored in spcIndirectData. This is straight
forward and figured out.
2. Computi
http://msdn.microsoft.com/en-us/windows/hardware/gg463180.aspx is the spec for
the Authenticode PE signature format.
http://msdn.microsoft.com/en-us/gg463119 is the Microsoft PE and COFF
Specification.
Better download them now before they disappear, they appear to be deprecated in
favor of Win
Thanks Jacob for your response. Very informative indeed!
Thanks
-Prasad
Sent from my iPhone
> On 09-Sep-2014, at 10:05 pm, Jakob Bohm wrote:
>
>> On 09/09/2014 09:01, Prasad Dabak wrote:
>> Thanks Jacob for an elaborate answer. Somehow I never received your response
>> to my registered email
On 09/09/2014 09:01, Prasad Dabak wrote:
Thanks Jacob for an elaborate answer. Somehow I never received your
response to my registered email address, hence delay in responding.
This time I have CC-ed you in addition to the mail list.
I have a few follow-up questions on your response.
1. So,
Thanks Jacob for an elaborate answer. Somehow I never received your response to
my registered email address, hence delay in responding.
I have a few follow-up questions on your response.
1. So, "encryptedDigest" has no relation to the stored "messageDigest"? I
thought it's a encrypted version
On 07/09/2014 05:43, Prasad Dabak wrote:
Hello,
Given a signed Windows portable executable, I want to programmatically
verify two things using openssl APIs
1. Verify the digital signature.
2. Confirm that the executable is signed by a specific company using
that company's public key.
It se
Hello,
Given a signed Windows portable executable, I want to programmatically verify
two things using openssl APIs
1. Verify the digital signature.
2. Confirm that the executable is signed by a specific company using that
company's public key.
It seems that part (1) can be done by parsing th
13 matches
Mail list logo
