Keep It Simple, Stupid | |
PerlMonks |
Help verifying RSA PSS signature in Perl with Crypt::RSA and Crypt::RSA::SS::PSSby cryptques (Novice) |
on Mar 31, 2013 at 02:52 UTC ( [id://1026320]=perlquestion: print w/replies, xml ) | Need Help?? |
cryptques has asked for the wisdom of the Perl Monks concerning the following question: I'm unable to verify a PSS-signed signature in Perl using Crypt::RSA and Crypt::RSA::SS::PSS.
I have a device that has a 1024-bit RSA key, and signs data using PSS, SHA1 and AES-128. I extract the device's public key successfully, save it in a file with PEM_write_RSA_PUBKEY() I am able to verify this in C/C++ using RSA_verify_PKCS1_PSS(), and also using openssl on the command line, like this:
Where:
I'm trying to do the above in Perl, using Crypt::RSA and Crypt::RSA::SS::PSS, and can't get it to work. I've tested those two modules and I *am* able to generate and verify a PSS signature in Perl when generating my own key, like this: So, instead of creating my own RSA key I read in a public key using something like this: Where "key.public" contains the device's public key, converted to a decimal string, inserted into the "n" field of the structure that is read/written by Crypt::RSA::Key::Public. But I can't get it to verify :-( Methinks I should be able to indicate that it should be using SHA1 and AES-128 (as opposed to, say, Blowfish). Am I barking up the wrong tree? Thanks….
Back to
Seekers of Perl Wisdom
|
|