On 27 Mar 2007 19:43:13 -0700, Peter Djalaliev <[EMAIL PROTECTED]> wrote:

> Hello,
>
> When I had a problem with verifying a RSA signature, I was hinted by
> Bob Relyea that the VFY_* functions are better to use than PK11_Verify
> when trying to verify a signature given the digest of what was
> actually signed.
>
> I was intrigued by that (it helped solve a related problem I had), so
> I investigated further. Fair enough, the NSS documentation said the
> same thing - that the VFY_VerifyDigest is a higher level function and
> is, thus, preferable to PK11_Verify.
>
> Can somebody elaborate a little more about why one is better than the
> other?
>
> I went to the VFY_VerifyDigest code and I saw in vfy_VerifyDigest
> that:
>
> - for signatures produced with the RSA encryption algorithm, it would
> decrypt the signature using the public key and simply compare the
> result to the digest given.

Yes, but the DecryptSigBlock function still calls PK11_VerifyRecover.

> - for DSA and EC signatures, however, vfy_VerifyDigest would delegate
> the task to PK11_Verify.
>
> (Reference:
> http://lxr.mozilla.org/security/source/security/nss/lib/cryptohi/secvfy.c#600)
>
> Why does vfy_VerifyDigest treat different signature algorithms
> differently? Is the reason the difference between the properties of
> the three signature algorithms, or is it some purely implementation
> reason? Why doesn't the PKCS#11 token handle verifying RSA
> signatures, too?

As I pointed out above, the PKCS #11 token also handles verifying RSA
signatures. The only difference between the handling of RSA and
DSA/ECDSA signatures is when we call PK11_xxx and whether we call
PK11_VerifyRecover or PK11_Verify. (PK11_VerifyRecover doesn't make
sense for DSA/ECDSA.) It seems that we could call PK11_Verify for RSA
signatures, too.

Wan-Teh

_______________________________________________
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
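The two RSA verification styles discussed in the thread, shown side by side as an added Python illustration that is not NSS code and not taken from the message above: a "verify-recover" operation that undoes the private-key step with the public key, strips the PKCS#1 v1.5 padding and hands the DigestInfo back to the caller for comparison (the path the thread describes for RSA in vfy_VerifyDigest), and a "verify" operation that takes the digest and the signature and answers only yes or no (what PK11_Verify offers). The key generator, the 512-bit key size and the sample messages are constructed for the demo; the function names `verify_recover`, `vfy_verify_digest_rsa` and `pk11_verify_rsa` are my stand-ins and are not NSS or PKCS #11 API names.

```python
import hashlib
import hmac
import math
import random
import secrets

# DER prefix of a SHA-256 DigestInfo (RFC 8017, section 9.2, note 1).
DIGESTINFO_SHA256 = bytes.fromhex("3031300d060960864801650304020105000420")


def is_probable_prime(n, rounds=32):
    """Miller-Rabin; sufficient for a throwaway demo key (constructed helper)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def gen_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1  # top bit set, odd
        if is_probable_prime(cand):
            return cand


def gen_rsa(bits=512):
    """Return ((n, e), (n, d)); 512 bits is demo-sized, not a real key size."""
    e = 65537
    while True:
        p, q = gen_prime(bits // 2), gen_prime(bits // 2)
        n, phi = p * q, (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1 and n.bit_length() == bits:
            return (n, e), (n, pow(e, -1, phi))


def emsa_pkcs1_v15(digest, k):
    """EMSA-PKCS1-v1_5: 00 01 FF..FF 00 DigestInfo, padded to k bytes."""
    t = DIGESTINFO_SHA256 + digest
    if k < len(t) + 11:
        raise ValueError("modulus too small for this digest")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def sign_digest(priv, digest):
    n, d = priv
    k = (n.bit_length() + 7) // 8
    return pow(int.from_bytes(emsa_pkcs1_v15(digest, k), "big"), d, n).to_bytes(k, "big")


def verify_recover(pub, sig):
    """Verify-recover style: apply the public key, check the padding, and
    return the embedded DigestInfo (None if the padding is malformed)."""
    n, e = pub
    k = (n.bit_length() + 7) // 8
    if len(sig) != k:
        return None
    em = pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big")
    if em[:2] != b"\x00\x01":
        return None
    sep = em.find(b"\x00", 2)
    if sep < 10 or any(b != 0xFF for b in em[2:sep]):  # at least 8 bytes of FF
        return None
    return em[sep + 1:]


def vfy_verify_digest_rsa(pub, digest, sig):
    """The RSA path the thread describes: recover, then compare the recovered
    DigestInfo with the one expected for the supplied digest."""
    recovered = verify_recover(pub, sig)
    return recovered is not None and hmac.compare_digest(
        recovered, DIGESTINFO_SHA256 + digest)


def pk11_verify_rsa(pub, digest, sig):
    """Verify style: rebuild the expected encoded block and compare the whole
    thing; nothing is handed back to the caller, only a yes/no."""
    n, e = pub
    k = (n.bit_length() + 7) // 8
    if len(sig) != k:
        return False
    em = pow(int.from_bytes(sig, "big"), e, n).to_bytes(k, "big")
    return hmac.compare_digest(em, emsa_pkcs1_v15(digest, k))


def demo():
    pub, priv = gen_rsa(512)
    digest = hashlib.sha256(b"constructed sample message").digest()
    wrong = hashlib.sha256(b"constructed tampered message").digest()
    sig = sign_digest(priv, digest)
    return {
        "recover_matches": verify_recover(pub, sig) == DIGESTINFO_SHA256 + digest,
        "vfy_ok": vfy_verify_digest_rsa(pub, digest, sig),
        "pk11_ok": pk11_verify_rsa(pub, digest, sig),
        "vfy_wrong": vfy_verify_digest_rsa(pub, wrong, sig),
        "pk11_wrong": pk11_verify_rsa(pub, wrong, sig),
        "garbage_recover": verify_recover(pub, bytes(64)),
    }


if __name__ == "__main__":
    print(demo())
```

Both functions accept the genuine signature and reject the tampered digest; the difference is only in who does the comparison. Recovery exists for RSA because the public-key operation inverts the private-key one, so the padded DigestInfo comes back out of the signature. A DSA or ECDSA signature is a pair (r, s) that is not an invertible transform of the digest, so there is nothing to recover and the only possible operation is the yes/no verify, which is why the thread's DSA/EC path goes straight to PK11_Verify.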

