RE: [OCF] Signature Card Service

Carles Barrobes Wed, 9 Jun 1999 02:14:49 -0700
MaSi,

You are correct except that applying the public key to the signature is
actually the "encrypt" algorithm. "Decrypt" is what you did with the
"Private key" when signing...

C A R L E S
---
  Carles Barrob�s i Meix 
  GyD Ib�rica - Giesecke & Devrient



> -----Original Message-----
> From: Siev�nen Markku [SMTP:[EMAIL PROTECTED]]
> Sent: Wednesday, June 09, 1999 11:36 AM
> To:   'opencard'
> Subject:      [OCF] Signature Card Service
> 
> Hi OCF-people!
> 
> I read the API-documentation of the Signature Card Service. I got a little
> confused about the documentation of the *Verfify* functions? For eaxmple
> the
> API says:
> 
> --------------------------------------------------------------------------
> --
> ----------------------
> verifySignedData
> 
> 
> public boolean verifySignedData(PublicKeyRef publicKey,
>                                 java.lang.String signAlgorithm,
>                                 byte[] data,
>                                 byte[] signature)
>                          throws
> opencard.core.service.CardServiceException,
>                                 java.security.InvalidKeyException,
>  
> opencard.core.terminal.CardTerminalException
> 
>     Verify a digital Signature including hashing. First hash the data,
> then
> pad the hash, apply the PKA algorithm to the
>     padded hash, then compare the result to the provided signature. 
> --------------------------------------------------------------------------
> --
> -----------------------
> 
> In my understandig when you verify signature, you first hash the data and
> THEN YOU APPLY THE PKA ALGORITHM (USING SIGNER'S PUBLIC KEY) TO THE
> SIGNATURE (DECRYPT) AND THEN COMPARE THE RESULT TO THE HASH VALUE YOU
> CALCULATED EARLIER FROM THE DATA.
> 
> So, I think that the explanation of all *Verify* functions are incorrect.
> 
> Or, miss I something?
> 
> Regards,
> 
> MaSi
> 
> --------------------------------------------------------------------------
> --
> ---------
> Markku Siev�nen            Tel: +358 9 8941 4253
> Setec Oy                      Fax: +358 9 878 6133
> P. O. Box 31                 E-mail: [EMAIL PROTECTED]
> FIN-01741 Vantaa
> Finland
> 
> Visit the OpenCard Framework's WWW site at http://www.opencard.org/ for
> access to documentation, code, presentations, and OCF announcements.
> --------------------------------------------------------------------------
> ---
> To unsubscribe from the OCF Mailing list, send a mail to
> "[EMAIL PROTECTED]" with the word "unsubscribe" in the BODY of
> the
> message.
Visit the OpenCard Framework's WWW site at http://www.opencard.org/ for
access to documentation, code, presentations, and OCF announcements.
-----------------------------------------------------------------------------
To unsubscribe from the OCF Mailing list, send a mail to
"[EMAIL PROTECTED]" with the word "unsubscribe" in the BODY of the
message.
RE: [OCF] Signature Card Service

Reply via email to
