Signature format (C++/Java)

Tue, 13 Apr 2010 08:34:25 -0700 

I've seen several posts on here about working with java and CryptoPP,
and I still just can't get this to work.  I'm assuming at this point
that there must be something vital that I'm missing in the stream
somewhere.  I've verified that the binary data on both sides are the
same, I'm not using java strings anywhere.  If you have any ideas,
please help.

The java side creates the message thusly:

ByteArrayOutputStream b = new ByteArrayOutputStream();
DataOutputStream d = new DataOutputStream(b);
// Much writing to the d omitted, using mainly writeInt

// Compute signature
Signature instance = Signature.getInstance("SHA1withRSA");
                        instance.initSign(mDB.keys().getPrivateKey());
instance.update(b.toByteArray());
byte[] signature = instance.sign();

// add the signature to the block
d.write(signature);
block = new Bytes(b.toByteArray());

Then block is sent to a server which uses CryptoPP to verify it.  I
assumed that the signature should simply be appended to the message
since that's what happens in the CryptoPP examples, there could be
something missing there.

On the C++ side I do this:
CryptoPP::StringSource sSrc( sPubKey );
CryptoPP::RSA::PublicKey pk;
pk.Load( sSrc );
                CryptoPP::RSASSA_PKCS1v15_SHA_Verifier verifier( pk );

CryptoPP::StringSource( sMsgSrc, true,
                        new CryptoPP::SignatureVerificationFilter(
                                verifier, NULL,
                                
CryptoPP::SignatureVerificationFilter::THROW_EXCEPTION
                                ) // SignatureVerificationFilter
                        ); // StringSource
respondYes( dRes, "Correct");


When I use the same keys and only use CryptoPP, and create the final
sMsgSrc variable by appending the signature directly to the message it
works fine.  I haven't found a lot of good references for the Java
side, so I have no idea if I'm even on the right track here.

Any help at all would be greatly appreciated.  Thank you.

--Mike

-- 
You received this message because you are subscribed to the "Crypto++ Users" 
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at 
http://www.cryptopp.com.

To unsubscribe, reply using "remove me" as the subject.

Reply via email to