Re: Yet another signature Verification

Sat, 06 Feb 2010 11:51:09 -0800 

On Sat, Feb 06, 2010, Jim Welch wrote:

> Hello,
> 
> We started working on a project several months ago that has a need for 
> signature verification of an xml file.  We had completed our tests and 
> everything was woking.  The provider of the file then sent us a new Public 
> Key and said that it is what we will get for the live data.  The file will 
> not read into our programs (one in C++ and one in Java).
> 
> The C code that was working is as follows:
> 
> pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL);
> fclose (fp);
> 
> if (pkey == NULL)
> {
> error stuff
> }
> 
> sigDatEnc = g_base64_decode( (gchar *) sigDat, &sigDatLen);
> EVP_VerifyInit(&md_ctx, EVP_sha512());
> EVP_VerifyUpdate(&md_ctx, xmlDat, strlen((char *) xmlDat));
> err = EVP_VerifyFinal (&md_ctx, sigDatEnc, sigDatLen, pkey);
> free(sigDatEnc);
> EVP_PKEY_free (pkey);
> 
> It fails on the PEM_read_PUBKEY by returning a NULL when it tries to read in 
> the file.  The only help we can get from the provider is the following code 
> (Perl) which woks for them:
> 

The FAQ tells you how to get more information however...


> -----BEGIN RSA PUBLIC KEY-----
> MIICCgKCAgEAvW90MggAl07zMvyQdUk18/iOySyY8P/1vqC5XGNvC5aXIvC8UDpU
> 2v8EK40SUc0FEqP8g893HgW+yDJa7SF2VyW2IEcnum2yot2ifGHjCDUnea2W5wBO
> aFlY9Co9VXDLhRJNQyXyfKCXL/xiM2O2Py1x0+SIXkc1ml2M0x4Fb4QsMO5E2Y6o
> 2mRVlPlooDPkj4BijvVX/EiPWpfbQAoidk8urHif5OTdIyqunce6b1Fqz7NH118n
> DVQp/Txk6hGtGkHxYCC0biG20+u6XlD9qkYWn2KYqxBxJZvV12YO3pC1kzYAR9Xy
> VlCfyHK8pGdcHO8LHZsWR5PeryNBWU14xlOVQsziFE4oMyEiSt00cUQhF+yCLQpr
> T7+xvKTGA9YTXfI59LprKMXN5RPCBF5WuQZoxlREQMjhYV+b1rQx1jkkrflA0liF
> oTgkrGw5mxk9jlQbFNeY4eVAudF3w2OdVD/N5UNoR+L7Jj1gAJjEV6what uYQrJ9f58h
> 7UzsktkHPgROncZGGZLDM/acRbzar3Iv4CK8hnsHrAan8qd7jh9kU8DEXQ1Is2qf
> w1/BMX4DPfijY1zboqUbrFwAmq7twoiTJPK+++aYBU7fu5tvRIPIXdziGOkWmrc6
> gjsIQA8GoM4am19VlD6P1inHMa1P4s8Md6AvbeAPkWXGmsYdsHvRDo8CAwEAAQ==
> -----END RSA PUBLIC KEY-----

That is an RSAPublicKey structure for which you call PEM_read_RSAPublicKey().

That returns an RSA structure which you need to convert to an EVP_PKEY
structure using EVP_PKEY_new() and EVP_PKEY_assign_RSA()

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to