ISO/IEC FDIS 9796-2 draft you can take for a free http://isotctest.iso.org/livelink/livelink/4459194/SC27N3032_Text_for_FDIS_9796-2.pdf?func=doc.Fetch&nodeid=4459194 In this document verification scheme is described correctly.
Yes, it is signature scheme with message recovery. To verify signature the following steps should be performed: 1. Decrypt signature(get MessageRepresentative). Message representative in Digital signature scheme 1 consists of [Start byte | recoverable part of Message | hash(Message) | trailing byte(s)] 2. Construct Message* = [recoverable part of Message | non-recoverable part of Message] 3. Check that hash(Message) from signature is equal to hash(Message*). In Internet I have seen only once that somebody had the same problem http://www.groupsrv.com/science/about117544.html On 22 окт, 12:28, "Wei Dai" <[email protected]> wrote: > I'm not familiar with ISO/IEC FDIS 9796-2, and I can't find much information > about it (without paying to buy the standard). Is it some kind of signature > scheme with message recovery (SSR)? I never really finished implementing > support for discrete log-based SSR in Crypto++ (and nobody has complained > about that before), so the only way to do it is to write your own code > directly on top of the Integer and elliptic curve classes. You can try to > reuse DL_Algorithm_GDSA in gfpcrypt.h, or copy the code out and build on top > of that. > > Or, if you want to try to finish the DL SSR framework in Crypto++, take a > look at DL_VerifierBase::RecoverAndRestart() in pubkey.h. But unlike with > RSA, message recovery with discrete log based schemes is complicated and > ultimately kind of pointless. > > -------------------------------------------------- > From: "Alexei" <[email protected]> > Sent: Thursday, October 22, 2009 12:53 AM > To: "Crypto++ Users" <[email protected]> > Subject: Get MessageRepresentative from signature > > > > > > > Hello! > > > I am implementing Digital signature scheme 1 described in ISO/IEC FDIS > > 9796-2. I have signature in binary form and public key. > > I know, how to get MessageRepresentative in case of RSA: call member > > ApplyFunction(...) of CryptoPP::RSA::PublicKey-object. > > But I don't know how to get MessageRepresentative in case of DSA and > > ECDSA... What I should do? Is their any general way to get > > MessageRepresentative independent on type of public key?- Скрыть цитируемый > > текст - > > - Показать цитируемый текст - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com. -~----------~----~----~----~------~----~------~--~---
