I have an old app using RSA signatures through crypto 4.2. I migrated to 5.2, and now the RSA signature code doesn't work anymore (i.e. it compiles, but valid signatures aren't verified anymore). I tried some changes to the code to use the new 5.2 interface, but no luck. Here is the actual code, in case you see obvious errors:
static RandomPool & GlobalRNG() { static AutoSeededRandomPool randomPool; return randomPool; }
Sign code:

RSASSA_PKCS1v15_SHA_Signer privsign(StringSource(secKey,secKeySize,true));
SecByteBlock signature(privsign.MaxSignatureLength());
signlen = privsign.SignMessage(GlobalRNG(),(const byte *)buf, len, signature);
StringSink sink(sign);
sink.Put(signature,signlen);
sink.MessageEnd();

Where secKey/secKeySize is the private key (generated by crypto++) and buf/len is the buffer to sign. The final sink stores data in 'sign', which is a std::string.

Now for verify:

RSASSA_PKCS1v15_SHA_Verifier pub(StringSource(pubKey,pubKeySize,true));
return pub.VerifyMessage((const byte *)buf, len, (const byte *)sign, signlen);

where pubKey/pubKeySize is the public key corresponding to secKey, and buf/len the same buffer as before. It always returns false.
The secret key is generated elsewhere with:
AutoSeededRandomPool randPool;
RSAES_OAEP_SHA_Decryptor priv(randPool, keylength);
TransparentFilter privFile(new FileSink(holder));
priv.DEREncode(privFile);
privFile.MessageEnd();

and pubkey is derived from it.
I traced down both sign and verify operations in crypto++, and found that during verify in PK_DeterministicSignatureMessageEncodingMethod::VerifyMessageRepresentative() the ComputeMessageRepresentative() seems to return some kind of null value.
Is there a visible mistake in my code?
Thanks for your help,
Regards.
