RE: Java signature verification fail in openssl
My steps are 1. raw data eg.balamurugan 2. i am calculating hash for this data using sha256 which is 256 bit for readable i convert this into (32 to 64 byte) hex string not hex represent. eg hash string is a123sdf... which is 64 characters 3. now i am giving this 64 character string into the RSA_sign() function with 2048 RSA Private key. and input is a123sdf...(64 characters). NID_sha1() 4. the output is 256 character (binary) which i encode into base 64... Verification: 1. decode the Base64 code 2. calculate hash for raw data using sha256 which result in 64 character eg.(a123sdf. 3.Calling RSA-verify() with inputs hash string (a123sdf... 64 character) ,NID_sha1(),RSA public Key, are my steps are right if not in which place i am doing wrong ..? m data :a12df146d87db3ce911e61444eed322bbd027a58cfa27ceec3626317ebe62f89 sig-digest-data :?*?H?b9???A6w?(? Memcompare fail mLen :64sig-digest-length :20 Assuming 'mLen' is the m_length/m_len passed to RSA_verify, it appears your digest-to-compare is 64 hex chars (32 bytes) while the digest specified by the signer is 20 bytes. It looks like you are computing the wrong hash, maybe SHA256 instead of SHA1, and also representing it wrongly. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org -- View this message in context: http://old.nabble.com/Java-signature-verification-fail-in-openssl-tp32589928p32594391.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Java signature verification fail in openssl
Jeffrey Walton-3 wrote: On Tue, Oct 4, 2011 at 10:58 AM, brajan balamurugan@gmail.com wrote: hi can any one tell me why the signature verification in openssl fail when the message is signed bu java IBM fips compliant.i am using openssl 0.9.8g in power Pc. i am getting error in if (((unsigned int)sig-digest-length != m_len) || (memcmp(m,sig-digest-data,m_len) != 0)) line of source code in RSA_verify(). the value are m data :a12df146d87db3ce911e61444eed322bbd027a58cfa27ceec3626317ebe62f89 sig-digest-data :�*�H�b9���A6w�(� Memcompare fail mLen :64 sig-digest-length :20 DSA? Java uses a DER encoded signature per RFC 3279: SEQUENCE ::= { r INTEGER, s INTEGER } Jeff Hi Jeff ,, i didnt get what u are asking as DSA ? . i am using SHA1WithRSA in java __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org -- View this message in context: http://old.nabble.com/Java-signature-verification-fail-in-openssl-tp32589928p32594404.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Java signature verification fail in openssl
Jakob Bohm-7 wrote: On 10/4/2011 4:58 PM, brajan wrote: hi can any one tell me why the signature verification in openssl fail when the message is signed bu java IBM fips compliant.i am using openssl 0.9.8g in power Pc. i am getting error in if (((unsigned int)sig-digest-length != m_len) || (memcmp(m,sig-digest-data,m_len) != 0)) line of source code in RSA_verify(). the value are m data :a12df146d87db3ce911e61444eed322bbd027a58cfa27ceec3626317ebe62f89 sig-digest-data :�*�H�b9���A6w�(� Memcompare fail mLen :64sig-digest-length :20 why this is happening.? whether is it due to d2i_X509_SIG() this function Was the signature made with a different hash algorithm than the one you try to use to verify it? While signing the message in JAVA they are using Sha1WithRSA ... so i used RSA_verify with NID_sha1(). __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org -- View this message in context: http://old.nabble.com/Java-signature-verification-fail-in-openssl-tp32589928p32594410.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Java signature verification fail in openssl
On 10/5/2011 8:15 AM, brajan wrote: My steps are 1. raw data eg.balamurugan 2. i am calculating hash for this data using sha256 which is 256 bit for readable i convert this into (32 to 64 byte) hex string not hex represent. eg hash string is a123sdf... which is 64 characters 3. now i am giving this 64 character string into the RSA_sign() function with 2048 RSA Private key. and input is a123sdf...(64 characters). NID_sha1() WRONG, If you hashed with SHA256, you need to pass NID_sha256() and the binary (not hex) SHA256 value. If you have to use NID_sha1(), pass in the binary output of SHA1 of something, not some raw message of any other form or contents. 4. the output is 256 character (binary) which i encode into base 64... Verification: 1. decode the Base64 code 2. calculate hash for raw data using sha256 which result in 64 character eg.(a123sdf. 3.Calling RSA-verify() with inputs hash string (a123sdf... 64 character) ,NID_sha1(),RSA public Key, Same mistake as in your other step 3. are my steps are right if not in which place i am doing wrong ..? m data :a12df146d87db3ce911e61444eed322bbd027a58cfa27ceec3626317ebe62f89 sig-digest-data :?*?H?b9???A6w?(? Memcompare fail mLen :64sig-digest-length :20 Assuming 'mLen' is the m_length/m_len passed to RSA_verify, it appears your digest-to-compare is 64 hex chars (32 bytes) while the digest specified by the signer is 20 bytes. It looks like you are computing the wrong hash, maybe SHA256 instead of SHA1, and also representing it wrongly. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: FIPS-capable OpenSSL that works on Windows NT
On 10/5/2011 6:59 AM, William A. Rowe Jr. wrote: On 10/4/2011 10:45 PM, Bill Durant wrote: Does anyone know how to produce a FIPS-capable OpenSSL that works on Windows NT? It's likely not possible... But when I run it under Windows NT, I get the following run-time error: The procedure entry point Module32NextW could not be located in the dynamic link library KERNEL32.dll If you use the equivalent of nm against the fipscanister.lib, I'd expect you'll find the binding there. I see no reason the team would accommodate this in OpenSSL/FIPS 2.0, though. Support for Windows NT 4.xx ended on December 31, 2004. Support for Windows 2000 ended on July 13, 2010. So updating security or cryptographic software validation for such systems is something of an oxymoron. Ah, so OpenSSL has fallen for the propaganda that if the manufacturer (MS) stops supporting a software version, you should do so too, thus increasing harm to those affected by the manufacturer decision. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: FIPS-capable OpenSSL that works on Windows NT
On Tue October 4 2011, William A. Rowe Jr. wrote: On 10/4/2011 10:45 PM, Bill Durant wrote: Does anyone know how to produce a FIPS-capable OpenSSL that works on Windows NT? It's likely not possible... But when I run it under Windows NT, I get the following run-time error: The procedure entry point Module32NextW could not be located in the dynamic link library KERNEL32.dll If you use the equivalent of nm against the fipscanister.lib, I'd expect you'll find the binding there. I see no reason the team would accommodate this in OpenSSL/FIPS 2.0, though. Support for Windows NT 4.xx ended on December 31, 2004. I can think of one reason to continue support for Windows NT 4.++ There are people in the world that run it on Alpha machines and NT 4.xx was the last Windows release to support that processor. But the O.P. did quote KERNEL32.dll which isn't present on the 64 bit Alpha, so that isn't their reason for using NT 4.++ Might be the same story for MIPS hardware, can't recall for sure. Mike Support for Windows 2000 ended on July 13, 2010. So updating security or cryptographic software validation for such systems is something of an oxymoron. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: FIPS-capable OpenSSL that works on Windows NT
On Tue, Oct 04, 2011, William A. Rowe Jr. wrote: On 10/4/2011 10:45 PM, Bill Durant wrote: Does anyone know how to produce a FIPS-capable OpenSSL that works on Windows NT? It's likely not possible... But when I run it under Windows NT, I get the following run-time error: The procedure entry point Module32NextW could not be located in the dynamic link library KERNEL32.dll If you use the equivalent of nm against the fipscanister.lib, I'd expect you'll find the binding there. I see no reason the team would accommodate this in OpenSSL/FIPS 2.0, though. Support for Windows NT 4.xx ended on December 31, 2004. Support for Windows 2000 ended on July 13, 2010. So updating security or cryptographic software validation for such systems is something of an oxymoron. I'd suggest the OP try to build the 2.0 test module and run fips_test_suite on NT as it may work. A lot of the platform specific code has been removed from the 2.0 module design. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: FIPS-capable OpenSSL that works on Windows NT
On Oct 5, 2011, at 8:08 AM, Dr. Stephen Henson wrote: On Tue, Oct 04, 2011, William A. Rowe Jr. wrote: On 10/4/2011 10:45 PM, Bill Durant wrote: Does anyone know how to produce a FIPS-capable OpenSSL that works on Windows NT? It's likely not possible... But when I run it under Windows NT, I get the following run-time error: The procedure entry point Module32NextW could not be located in the dynamic link library KERNEL32.dll If you use the equivalent of nm against the fipscanister.lib, I'd expect you'll find the binding there. I see no reason the team would accommodate this in OpenSSL/FIPS 2.0, though. Support for Windows NT 4.xx ended on December 31, 2004. Support for Windows 2000 ended on July 13, 2010. So updating security or cryptographic software validation for such systems is something of an oxymoron. I'd suggest the OP try to build the 2.0 test module and run fips_test_suite on NT as it may work. A lot of the platform specific code has been removed from the 2.0 module design. Thank you everyone for the comments so far. What is the 2.0 test module? Does it mean to build openssl-fips-1.2.tar.gz? Thanks, Bill Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: FIPS-capable OpenSSL that works on Windows NT
On Wed, Oct 05, 2011, Bill Durant wrote: On Oct 5, 2011, at 8:08 AM, Dr. Stephen Henson wrote: On Tue, Oct 04, 2011, William A. Rowe Jr. wrote: On 10/4/2011 10:45 PM, Bill Durant wrote: Does anyone know how to produce a FIPS-capable OpenSSL that works on Windows NT? It's likely not possible... But when I run it under Windows NT, I get the following run-time error: The procedure entry point Module32NextW could not be located in the dynamic link library KERNEL32.dll If you use the equivalent of nm against the fipscanister.lib, I'd expect you'll find the binding there. I see no reason the team would accommodate this in OpenSSL/FIPS 2.0, though. Support for Windows NT 4.xx ended on December 31, 2004. Support for Windows 2000 ended on July 13, 2010. So updating security or cryptographic software validation for such systems is something of an oxymoron. I'd suggest the OP try to build the 2.0 test module and run fips_test_suite on NT as it may work. A lot of the platform specific code has been removed from the 2.0 module design. Thank you everyone for the comments so far. What is the 2.0 test module? Does it mean to build openssl-fips-1.2.tar.gz? For the upcoming 2.0 validation test snapshots are available. You can see them at: ftp://ftp.openssl.org/snapshot/ Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: FIPS-capable OpenSSL that works on Windows NT
On 10/5/2011 10:08 AM, Dr. Stephen Henson wrote: On Tue, Oct 04, 2011, William A. Rowe Jr. wrote: On 10/4/2011 10:45 PM, Bill Durant wrote: But when I run it under Windows NT, I get the following run-time error: The procedure entry point Module32NextW could not be located in the dynamic link library KERNEL32.dll If you use the equivalent of nm against the fipscanister.lib, I'd expect you'll find the binding there. I'd suggest the OP try to build the 2.0 test module and run fips_test_suite on NT as it may work. A lot of the platform specific code has been removed from the 2.0 module design. I'd forgotten how significantly the whole POST code has been refactored, thanks for the reminder Steve! __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: FIPS-capable OpenSSL that works on Windows NT
On Oct 5, 2011, at 9:10 PM, William A. Rowe Jr. wrote: On 10/5/2011 10:08 AM, Dr. Stephen Henson wrote: On Tue, Oct 04, 2011, William A. Rowe Jr. wrote: On 10/4/2011 10:45 PM, Bill Durant wrote: But when I run it under Windows NT, I get the following run-time error: The procedure entry point Module32NextW could not be located in the dynamic link library KERNEL32.dll If you use the equivalent of nm against the fipscanister.lib, I'd expect you'll find the binding there. I'd suggest the OP try to build the 2.0 test module and run fips_test_suite on NT as it may work. A lot of the platform specific code has been removed from the 2.0 module design. I'd forgotten how significantly the whole POST code has been refactored, thanks for the reminder Steve! I will try this and report back my findings soon. Thanks, Bill __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org