On Wed, Nov 14, 2012 at 2:00 PM, Wizard Of Oz <[email protected]>wrote:
> What is the difference between calling "rsautl" on a previously
> generated hash - and doing it with dgst in one step? I'm not a crypto
> specialist as you can see, but trying to understand this better.

rsautl in sign mode just pads whatever input it receives and encrypts it using the *private* key so that anyone with the *public* key can decrypt it. When things are working right, this input is a digest, the verifying party calculates the same digest, and compares the two.

dgst in sign mode calculates the digest and formats it the way anything processing PKCS#1 v1.5 data will expect, then does the same thing as rsautl. You could of course imitate the process using the intermediate digest file, but you'll need to format it properly. Here's an example of how to do so, but I'd advise just using dgst :-)

http://pastebin.com/GVRGn01q

That's mainly interesting as an exercise in fooling around with openssl's asn1parse tool (and understanding the structure of the signature), not for getting things done.

> I'm also curious why your Crypto++ sample code is not calling
> VerifyMessage(), but instead using the VerifyFilter()? Could I use
> VerifyMessage() just the same?

Because that's what I had sitting around on my drive? It's the same reason I hardcoded to SHA256 also. The reason I had that around as opposed to VerifyMessage() is that I frequently use sources, sinks and filters. The SignatureVerificationFilter class is much more convenient in that case. VerifyMessage() should work just the same if you've already got your data in arrays of bytes. http://www.cryptopp.com/wiki/Pipelining is a good read to get an idea why I might prefer the filter.

Geoff

--
You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com.
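The rsautl-versus-dgst distinction Geoff describes above, modelled in Python as an added example that is not from the thread or the pastebin: `rsautl_sign` pads whatever bytes it is handed and applies the private key, while `dgst_sign` first hashes and wraps the hash in the PKCS#1 v1.5 DigestInfo structure and only then does the rsautl step. The RSA key is a constructed toy built from two Mersenne primes so that no key-generation code is needed; it is trivially factorable and exists only to make the padding step observable. All function names are assumptions, and `rsautl_sign_bare_hash` shows the mistake of signing the raw digest without the DigestInfo wrapper, which a standard verifier rejects.

```python
"""Model of `openssl rsautl -sign -pkcs` versus `openssl dgst -sha256 -sign`.
Added example, not code from the thread. Pure Python: hashlib only."""
import hashlib

# Constructed toy RSA key: two Mersenne primes (2^521-1 and 2^607-1), picked
# only because they are known primes. Never use a key like this for anything.
P = (1 << 521) - 1
Q = (1 << 607) - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (needs Python >= 3.8)
K = (N.bit_length() + 7) // 8       # modulus length in bytes (141 here)

# DER prefix of the PKCS#1 v1.5 DigestInfo for SHA-256 (RFC 8017, 9.2 note 1):
# SEQUENCE { SEQUENCE { OID 2.16.840.1.101.3.4.2.1, NULL }, OCTET STRING (32) }
SHA256_DIGESTINFO_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")


def digest_info(sha256_digest: bytes) -> bytes:
    """The ASN.1 wrapper that `dgst -sign` puts around the raw hash; this is
    the structure you see when you run the decrypted block through asn1parse."""
    if len(sha256_digest) != 32:
        raise ValueError("expected a 32-byte SHA-256 digest")
    return SHA256_DIGESTINFO_PREFIX + sha256_digest


def emsa_pkcs1_v1_5(t: bytes) -> bytes:
    """EMSA-PKCS1-v1_5 encoding: 00 01 FF..FF 00 || T, padded to the modulus size."""
    if len(t) > K - 11:
        raise ValueError("input too long for this modulus")
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t


def rsautl_sign(data: bytes) -> bytes:
    """`rsautl -sign -pkcs`: pad whatever it is given, then apply the private key.
    It does not know or care whether `data` is a hash, a DigestInfo, or text."""
    m = int.from_bytes(emsa_pkcs1_v1_5(data), "big")
    return pow(m, D, N).to_bytes(K, "big")


def dgst_sign(message: bytes) -> bytes:
    """`dgst -sha256 -sign`: hash, wrap in DigestInfo, then do the rsautl step."""
    return rsautl_sign(digest_info(hashlib.sha256(message).digest()))


def rsautl_sign_bare_hash(message: bytes) -> bytes:
    """The tempting shortcut: feed the raw digest file straight to rsautl.
    Same key, same hash, but the DigestInfo wrapper is missing."""
    return rsautl_sign(hashlib.sha256(message).digest())


def verify(message: bytes, signature: bytes) -> bool:
    """`dgst -sha256 -verify`: recover the padded block with the public key and
    compare it, byte for byte, with the expected padded DigestInfo of `message`."""
    if len(signature) != K:
        return False
    s = int.from_bytes(signature, "big")
    if s >= N:
        return False
    recovered = pow(s, E, N).to_bytes(K, "big")
    expected = emsa_pkcs1_v1_5(digest_info(hashlib.sha256(message).digest()))
    return recovered == expected


if __name__ == "__main__":
    msg = b"constructed sample message"
    print("dgst-style signature verifies:", verify(msg, dgst_sign(msg)))
    print("bare-hash rsautl signature verifies:", verify(msg, rsautl_sign_bare_hash(msg)))
```

The two signatures differ only in the 19-byte prefix inside the padded block, which is exactly the part a verifier built around PKCS#1 v1.5 insists on; that is why `dgst_sign` and `rsautl_sign(digest_info(...))` produce identical output while the bare-hash shortcut fails verification.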
