Hello,

[EMAIL PROTECTED] wrote on 05/30/2008 12:34:15 PM:
> Hello,
> I have created the following code to test the use of RSA (signature):
>
> #include <stdio.h>
> #include <stdlib.h>
> #include <stdint.h>
> #include <fcntl.h>
> #include <unistd.h>
> #include <string.h>
> #include <openssl/engine.h>
> #include <openssl/err.h>
> #include <openssl/rsa.h>
> #include <openssl/rand.h>
> #include <openssl/sha.h>
>
> main ()
> {
>
>     long erreur = 0;
>     char *message="vatos locos para siempre";
>     char *encrypt, *decrypt, *sign, hash[SHA_DIGEST_LENGTH],hash1[SHA_DIGEST_LENGTH];
>     int longmsg,i,random,ok;
>     int siglong;
>     RSA *rsa;
>
>     random= RAND_load_file("/dev/urandom ",1024);//seeding the Pseudo random generator
>
>     rsa = RSA_generate_key(128,13,NULL,NULL);//generating a key having a 128 bits modulus
>
>     SHA1(message,strlen(message),hash); //computing a digest using SHA1
>     for(i=0; i<20; ++i){
>     printf("%x",hash[i]);}
>     printf("\n");
>
>     sign=(unsigned char*)malloc(RSA_size(rsa));
>     ok= RSA_sign(NID_sha1,hash,strlen(hash),sign,&siglong,rsa);//generating the signature using RSA
>     erreur= ERR_get_error();
>     printf("signature = %d \n",ok);
>     printf("signature length =%d \n",siglong);
>     printf("erreur =%d \n",erreur);
>     printf("PRNG random =%d \n",random);
>     printf("strlen(hash) =%d \n",strlen(hash));
>     RSA_free(rsa);
>     free(sign);
>
> }
>
> After I compiled it using: gcc rsa.c -o rsa -lssl
> And I received the following results:
> ffffff9c6bffffffdd1c5dffffff915ffffffff7ffffffdbffffff93ffffffab3c23ffffffe5ffffffb344ffffff8b49632
> signature = 0
> signature length =-1209806408
> erreur =67588208
> PRNG random =0
> strlen(hash) =20
>
> Here are my questions:
> 1- Why did RSA_sign return a 0 (signature = 0), which means the failure of the key generation?
> 2- Why does the signature have a negative value instead of having 20 bytes length?
> 3- Why did the function RAND_load_file return zero instead of returning the number of bytes obtained after seeding the PRNG?

Try:
 - buffers for RSA_* functions mostly are "unsigned char*", not "char *"
 - use -Wall at compile time and look at any warnings like
   "passing argument 2 of ‘RSA_sign’ differ in signedness"
 - do not use strlen() on signatures, signatures are binary data, not strings
 - you can not create RSA signature from 160 bit hash using 128 bit RSA key.
 - add SSL_load_error_strings() and SSL_library_init().

Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
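
The size limit behind the fourth point of the reply, as an added example that is not part of the original thread and is not OpenSSL's code: it builds the PKCS#1 v1.5 signature encoding (EMSA-PKCS1-v1_5, RFC 8017) for a SHA-1 digest with no library calls and refuses a modulus that is too short. The function names `min_modulus_bytes` and `emsa_pkcs1_v15_sha1` are hypothetical, and the digest bytes are constructed sample data.

```c
#include <stdio.h>
#include <string.h>

#define SHA1_LEN 20        /* a SHA-1 digest is always 20 bytes; never use strlen() */
#define PKCS1_MIN_PAD 11   /* 0x00 0x01, at least eight 0xFF bytes, 0x00 */

/* DER prefix of the DigestInfo structure for SHA-1 (RFC 8017, section 9.2). */
static const unsigned char SHA1_PREFIX[] = {
    0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
    0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14
};

/* Smallest modulus, in bytes, that can carry a SHA-1 PKCS#1 v1.5 signature. */
size_t min_modulus_bytes(void)
{
    return sizeof(SHA1_PREFIX) + SHA1_LEN + PKCS1_MIN_PAD;
}

/*
 * Build EM = 00 01 FF..FF 00 || DigestInfo into em[0..k-1], where k is the
 * modulus length in bytes. Returns 0 on success, -1 if the key is too small.
 */
int emsa_pkcs1_v15_sha1(const unsigned char digest[SHA1_LEN],
                        unsigned char *em, size_t k)
{
    size_t t_len = sizeof(SHA1_PREFIX) + SHA1_LEN;   /* 15 + 20 = 35 bytes */
    size_t ps_len;

    if (k < t_len + PKCS1_MIN_PAD)
        return -1;                    /* digest too big for this key */
    ps_len = k - t_len - 3;           /* number of 0xFF padding bytes */
    em[0] = 0x00; em[1] = 0x01;
    memset(em + 2, 0xFF, ps_len);
    em[2 + ps_len] = 0x00;
    memcpy(em + 3 + ps_len, SHA1_PREFIX, sizeof(SHA1_PREFIX));
    memcpy(em + 3 + ps_len + sizeof(SHA1_PREFIX), digest, SHA1_LEN);
    return 0;
}

int main(void)
{
    /* Constructed sample digest: binary data that may contain 0x00 bytes. */
    unsigned char digest[SHA1_LEN] = {0x9c, 0x6b, 0x00, 0xdd};
    unsigned char em[256];
    printf("128-bit key:  %d\n", emsa_pkcs1_v15_sha1(digest, em, 128 / 8));
    printf("2048-bit key: %d\n", emsa_pkcs1_v15_sha1(digest, em, 2048 / 8));
    printf("minimum modulus: %zu bytes\n", min_modulus_bytes());
    return 0;
}
```

A 128-bit modulus is 16 bytes, while the encoded block needs at least 46 bytes (368 bits), so the signing step cannot succeed with that key regardless of the other fixes.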