On Tuesday, 3 March 2015 06:08:02 UTC+1, Jeffrey Walton wrote:
>
>> I was wondering if anyone could tell me if it is in fact possible to
>> verify a signature created using WTLS-8?
>> A reference to the specification of this curve can be found here:
>> http://technical.openmobilealliance.org/tech/affiliates/wap/wap-261-wtls-20010406-a.pdf
>> (page 90)
>
> From page 64 of the document you cited:
>
>     enum { anonymous(0), ecdsa_sha(1), rsa_sha(2), (255)}
>     SignatureAlgorithm;
>
> You should be OK with rsa_sha, but it's not clear to me if all the
> ecdsa_sha are supported. To understand why, you need to look at Table 8 on
> page 86 and the curves WTLS calls out. I *think* Crypto++ will support
> about 8 of the 12 they specify.
>
>> We are currently looking at alternatives to OpenSSL and Crypto++ seems
>> like a good way to go.
>> I have spent a little time trying to do this in Crypto++ but I have not
>> had any success as yet. Before I go any further I thought I'd ask the
>> knowledgeable folk here.
>
> I think it depends on what you want to accomplish.
>
> Are you interested *only* in verifying a signature that's already been
> parsed? Or are you interested in the bigger package? Here, the bigger
> package includes things like implementing the protocol (sub tasks will
> include asynchronous socket I/O, record layer implementation, X.509
> parsing, key exchange, bulk transfer, etc).
>
> If it's the former, then Crypto++ should do fine. If the latter, then you
> are going to have a lot of work because it looks like a re-implementation
> of TLS. In the case of the latter, you should evaluate another library.

Just the ECDSA signature verification. It's a legacy application and we can't
change the private key at the other end. The public key does not name a curve,
but by comparing to the EC params from OpenSSL and the aforementioned document
it looks like wap-wsg-idm-ecid-wtls8, which is not one of the named curves that
Crypto++ supports, so I will need to construct the curve manually.

> From your other message:
>
>> At the moment, all I have is the public key. I can use OpenSSL to dump
>> the output of the public key and can convert it to DER format in Crypto++
>> and when I pass it through dumpasn1 it matches...
>
> This should help if it's in PEM format:
> http://www.cryptopp.com/wiki/PEM_Pack. You won't need to use OpenSSL to
> convert it to ASN.1/DER.

I did try PEM pack and I receive a BER decode error. However if I convert it
myself I am able to pass the resulting DER into dumpasn1 and read the key
parameters successfully.

>> eg (I'm not entirely comfortable posting the key in a public forum so I
>> have obfuscated some of the detail here):
>
> That's fine. Call out the curve you are using from page 88. Or, post the
> OID, Curve Name or domain parameters (Curve, Base Point and Modulus); keep
> the Public Point (Q) and the Private Exponent (x) to yourself.
>
> Jeff

So I have a few questions - the public key component starts with 02 (see the
openssl output of the key above), which signifies point compression, right?
Therefore how can I construct the key in the manner below (taken from the
wiki):

Integers p, a and b I can construct from the key output above. However how do I
construct points q and g? Do I have to solve for y**2 = x**3 + ax + b over
GF(p)? If I assume the parameters from
http://technical.openmobilealliance.org/tech/affiliates/wap/wap-261-wtls-20010406-a.pdf
(page 90) have been used I can provide a value for point g which seems to fit.

    ECP curve( p, a, b );
    ECP::Point g( gx, gy );
    ECP::Point q( qx, qy );

    ECDSA<ECP, SHA1>::PublicKey publicKey;
    publicKey.Initialize( curve, g, n, q );

    bool result = publicKey.Validate( prng, 3 );
    if( !result ) { ... }

Thanks again
Brendan
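
The question above about a public point that starts with 02 comes down to SEC1 point decompression: solve y^2 = x^3 + ax + b over GF(p) and keep the root whose parity matches the prefix byte. The Python code below is an added example, not part of the original thread and not Crypto++ code; the function names and the toy curve (p = 17, a = 2, b = 2) are constructed for illustration and are not the WTLS-8 parameters.

```python
def sqrt_mod(n, p):
    """Return a square root of n modulo an odd prime p, or None if none exists."""
    n %= p
    if n == 0:
        return 0
    if pow(n, (p - 1) // 2, p) != 1:          # Euler's criterion: n is a non-residue
        return None
    if p % 4 == 3:                            # one exponentiation suffices here
        return pow(n, (p + 1) // 4, p)
    q, s = p - 1, 0                           # Tonelli-Shanks: p - 1 = q * 2^s, q odd
    while q % 2 == 0:
        q, s = q // 2, s + 1
    z = 2
    while pow(z, (p - 1) // 2, p) != p - 1:   # find any quadratic non-residue z
        z += 1
    m, c, t, r = s, pow(z, q, p), pow(n, q, p), pow(n, (q + 1) // 2, p)
    while t != 1:
        i, t2 = 0, t
        while t2 != 1:                        # least i with t^(2^i) == 1
            t2, i = t2 * t2 % p, i + 1
        b = pow(c, 1 << (m - i - 1), p)
        m, c, t, r = i, b * b % p, t * b * b % p, r * b % p
    return r


def decode_point(encoded, p, a, b):
    """Decode a SEC1 point (02/03 compressed, 04 uncompressed) to (x, y)."""
    flen = (p.bit_length() + 7) // 8          # field element length in bytes
    prefix, body = (encoded[0] if encoded else None), encoded[1:]
    if prefix == 0x04 and len(body) == 2 * flen:
        x = int.from_bytes(body[:flen], "big")
        y = int.from_bytes(body[flen:], "big")
    elif prefix in (0x02, 0x03) and len(body) == flen:
        x = int.from_bytes(body, "big")
        y = sqrt_mod(x**3 + a * x + b, p)
        if y is None:
            raise ValueError("x has no matching y on this curve")
        if y % 2 != prefix % 2:               # 02 selects even y, 03 selects odd y
            y = p - y
    else:
        raise ValueError("unsupported or malformed point encoding")
    if x >= p or y >= p or (y * y - (x**3 + a * x + b)) % p:
        raise ValueError("point is not on the curve")   # also rejects x, y >= p
    return x, y

# Constructed toy curve (NOT WTLS-8): y^2 = x^3 + 2x + 2 over GF(17).
TOY_P, TOY_A, TOY_B = 17, 2, 2
if __name__ == "__main__":
    print(decode_point(bytes([0x03, 0x06]), TOY_P, TOY_A, TOY_B))
```

The recovered (x, y) pair is what the ECP::Point constructor in the snippet above expects. Crypto++'s ECP class also provides DecodePoint, which accepts the compressed encoding directly once the curve has been constructed from p, a and b.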
