使用 crypto++ 验证使用 openssl 生成的数据签名

发布于 2024-10-17 01:21:28 字数 1593 浏览 10 评论 0原文

我有一个服务器,在 python 下运行,使用 m2crypto 签署消息 sha256 摘要 我使用 openssl CLI 生成的公共和私有 RSA 密钥。在服务器端一切正常
Python代码:

privateKey = M2Crypto.RSA.load_key(sys.argv[2])
signedDigest = privateKey.sign(digest, 'sha256')

我仔细检查签名是否良好:

pubKey = M2Crypto.RSA.load_pub_key("key.pub.pem")
if pubKey.verify(digest,signedDigest,'sha256')(等等....)

我将签名的sha256摘要存储在文件中并将其与原始消息一起发送给客户端。
在客户端,在 c++ vc6 下运行,我加载签名的 sha256 摘要(作为二进制)以及已签名的消息。现在的目的是验证该消息以及签名的 sha256。我有 cryptopp 作为静态链接,我知道它工作得很好,因为我可以计算 sha256,并与来自 python 的 sha256 进行比较,结果相同。这是代码:

RSA::PublicKey pubKey;
pubKey.Load( FileSource(LicenseControl::pubKeyPath, true));
RSASS PKCS1v15,SHA >::验证者verifier(pubKey);
//shaDigest是新计算的sha256,signatureByte是从服务器接收到的消息的签名
结果= verifier.VerifyMessage(shaDigest,CryptoPP :: SHA256 :: DIGESTSIZE,signatureByte,512);

编译并运行,但始终返回 false。为了确保签名有效,我直接使用 openssl CLI(而不是通过 m2crypto python 包装器)对其进行了验证:

openssl dgst -sha256 -verify key.pub.pem -signature 签名original_file
已验证正常

这确认签名的 sha256 摘要正确,并且可用于使用公钥成功验证消息。我知道 DER 和 PEM 格式(对于 openssl 使用 PEM,对于 cryptopp 使用 DER)。所以我相信公钥是正确的。 现在我的问题是如何使用 cryptopp 库来验证签名??? 我已经看过这个文档,但经过几天的研究,它对我来说仍然看起来像中文。我尝试过类似的事情

RSASS< PSSR, SHA >::验证者verifier(pubKey);

使用 PSSR 在 python 代码中加密,但没有运气...... 我现在考虑仅使用公钥解密签名的 sha256 摘要,并将其与从接收文件计算的新 sha256 摘要进行比较。但即使这么简单,我也没有在文档中找到...... 知道如何正确使用验证器吗?
如何使用公钥解密?如果上一个问题无法解决

I have a server, running under python, signing a message sha256 digest using m2crypto
I use a public and private RSA key generated by openssl CLI. On the server side everythgin is OK
Python code :

privateKey = M2Crypto.RSA.load_key(sys.argv[2])
signedDigest = privateKey.sign(digest, 'sha256')

I double check that signature is good :

pubKey = M2Crypto.RSA.load_pub_key("key.pub.pem")
if pubKey.verify(digest, signedDigest, 'sha256') (etc....)

I store the signed sha256 digest in a file and send it with the original message to the client.
On the client side, running under c++ vc6, I load the signed sha256 digest (as binary), and the message that was signed. The aim is now to verify the message , together with the signed sha256. I have cryptopp as static link, and I know it works fine, because I can compute sha256, and compare with sha256 from python having same result. Here is the code :

RSA::PublicKey pubKey;
pubKey.Load( FileSource(LicenseControl::pubKeyPath, true));
RSASS< PKCS1v15, SHA >::Verifier verifier(pubKey);
//shaDigest is newly computed sha256, signatureByte is the signature of the message received from the server
result = verifier.VerifyMessage( shaDigest, CryptoPP::SHA256::DIGESTSIZE, signatureByte, 512);

This compiles and run, but always return false. To ensure that signature is valid, I have verified it using directly openssl CLI (not through m2crypto python wrapper) :

openssl dgst -sha256 -verify key.pub.pem -signature sign original_file
Verified OK

This confirms that signed sha256 digest is ok, and that it can be used to verify message successfully using the public key. I am aware of DER and PEM format (using PEM for openssl, DER for cryptopp). So I believe the public key is correct.
Now my problem is How to use cryptopp library to verify the signature ???
I have been through the doc, but after days on it, it still looks like chinese to me. I hav tried thing like

RSASS< PSSR, SHA >::Verifier verifier(pubKey);

using PSSR to encrypt in python code, but no luck...
I am now considering to only decrypt with public key the signed sha256 digest and compare it myself to the newly sha256 digest computed from the receive file. But even that simple, I hevn't found in the doc...
Any idea how to use verifier properly ?
How to decrypt using public key ? in case previous question can not be solved

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

巷子口的你 2024-10-24 01:21:29

我认为这里有两个问题:

首先,RSASS中的SHA PKCS1v15, SHA > 表示 SHA-1,而不是 SHA_256。您需要在此处使用 SHA256

此外,VerifyMessage 获取整个消息,而不仅仅是哈希值 - 哈希值是在内部为您计算的。所以现在当你尝试验证消息时,你实际上(就 Crypto++ 而言)尝试验证 SHA-1(SHA-256(msg)),所以自然会失败。相反,传递整个实际消息,跳过额外的 SHA-256 计算。

Two issues here I think:

First, SHA in RSASS< PKCS1v15, SHA > means SHA-1, not SHA_256. You'd want SHA256 here instead.

Also, VerifyMessage takes the entire message, not just a hash - the hash is computed internally for you. So right now when you're trying to verify the message, you're actually (as far as Crypto++ is concerned) trying to verify SHA-1(SHA-256(msg)), so naturally it fails. Pass the entire actual message instead, skipping your extra SHA-256 computation.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文