|
Hi, I have the belated task of upgrading our crypto++ from 2.3,
which it has been for years. Currently I am stuck because the NR verifier
won’t verify some messages that were signed by crypt++ 2.3. In
particular, using crypto++ 2.3 and 4.2, unsigned
char testNr[ 31 ] =
"\x0B\xB1\x5B\x75\xED\x14\x3D\x92\x26\x37\xCA\x89\xD7\x8E\x4B\x60\xC7\x60\xA7\x1C\x7A\x24\xBD\x51\x29\x96\x1A\xC2\x9E\x34"; unsigned
char testSha[ CryptoPP::SHA::DIGESTSIZE + 1 ] =
"\xEE\x03\x25\x47\xFF\xBA\x68\x83\xC4\xA2\x12\xE5\x14\xBA\xE5\x45\x61\x3F\x2A\xE4"; Integer
P23("7019381798617006716835813087296001796150962106074841238925864520536688227509092240796275367863849441555369619874101707276200068568845330657310191485021893"); Integer
Q23("695889950734455956990816637440886403"); Integer
G23("6235103830417276907842475920843204847598558146071605570728952034730450371342891060733864638876293941592533109510797887080772668269563778561995271156429372"); Integer
Y23("6003691331075818079980163077354132821700005903596552432667451226242540519520492754527257404731517551898937294150293511876361452905389869989041543063633316"); CryptoPP::Integer
P42("7019381798617006716835813087296001796150962106074841238925864520536688227509092240796275367863849441555369619874101707276200068568845330657310191485021893"); CryptoPP::Integer
Q42("695889950734455956990816637440886403"); CryptoPP::Integer
G42("6235103830417276907842475920843204847598558146071605570728952034730450371342891060733864638876293941592533109510797887080772668269563778561995271156429372"); CryptoPP::Integer
Y42("31275952841998020538913107300713992"); ElGamalSigPublicKey
testpublicKey23( P23, Q23, G23, Y23 ); CryptoPP::NRDigestVerifier
testpublicKey42( P42, Q42, G42, Y42 ); bool
b42testVerified = testpublicKey42.VerifyDigest( (const byte*)testSha,
CryptoPP::SHA::DIGESTSIZE, (const byte*)testNr ); bool
b23testVerified = testpublicKey23.Verify( (const byte*)testSha,
CryptoPP::SHA::DIGESTSIZE, (const byte*)testNr ); The testpublicKey23.Verify() succeeds, but the
testpublicKey42.VerifyDigest() fails, even though they are verifying the same
signature of the same hash, and were constructed with identical
constants. (We use the Integers to serialize public keys (either to files
or for a stream to some network destination) and reconstruct them later.)
If I can’t get a later version of crypto to verify the signatures of byte
streams signed by crypto 2.3, then I don’t think I’ll be able to
effect the upgrade. I also tried with 5.2.1: unsigned
char testNr[ 31 ] = "\x0B\xB1\x5B\x75\xED\x14\x3D\x92\x26\x37\xCA\x89\xD7\x8E\x4B\x60\xC7\x60\xA7\x1C\x7A\x24\xBD\x51\x29\x96\x1A\xC2\x9E\x34"; unsigned
char testSha[ CryptoPP::SHA::DIGESTSIZE + 1 ] =
"\xEE\x03\x25\x47\xFF\xBA\x68\x83\xC4\xA2\x12\xE5\x14\xBA\xE5\x45\x61\x3F\x2A\xE4"; CryptoPP::Integer
P52("7019381798617006716835813087296001796150962106074841238925864520536688227509092240796275367863849441555369619874101707276200068568845330657310191485021893"); CryptoPP::Integer
Q52("695889950734455956990816637440886403"); CryptoPP::Integer
G52("6235103830417276907842475920843204847598558146071605570728952034730450371342891060733864638876293941592533109510797887080772668269563778561995271156429372"); CryptoPP::Integer
Y52("31275952841998020538913107300713992"); NR<DummyHash>::Verifier
testpublicKey52( P52, Q52, G52, Y52 ); bool
b52testVerified = testpublicKey52.VerifyMessage( (const byte*)testSha,
CryptoPP::SHA::DIGESTSIZE, (const byte*)testNr, 30 ); (In “real life” I would not use a dummy hash, I
would use NR<SHA> on the original data instead, but by using a dummy hash
I eliminate SHA from being a factor in the problem.) Is there something I am doing wrong, or has there been a
standards change? How can I get 5.2 to accept 2.3 signatures? |
- Compatibility of 2.3 ElGamal digest signatures with later ve... Bill Shanahan
