RE: problem verifying signature from java

2005-06-22 Thread coco coco


Did you got any break through.



Sorry, didn't read this list for a while. Actually, the code I put up in my 
question

was correct. The problem was with a Base64 lib that I linked with in C++.
The implementation of the library has a small bug, which does not handle
the '+' char properly.

That's why it didn't verify correctly. With the base64 bug fixed, the
code has no problem.

coco

_
Express yourself instantly with MSN Messenger! Download today - it's FREE! 
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]


Re: problem verifying signature from java

2005-06-22 Thread coco coco


To rule out any problems with your OpenSSL code I'd suggest you check the
signatures using the dgst command and if there are problems analyze them 
using

rsautl.



Thanks for the reply. I got it, by examining basically every function that 
touches
my data. So, in the end, it was the base64 library that I linked with, it 
has a small

bug in dealing with the '+' char in base64-encoded string.

rgds

_
On the road to retirement? Check out MSN Life Events for advice on how to 
get there! http://lifeevents.msn.com/category.aspx?cid=Retirement


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]


RE: problem verifying signature from java

2005-06-22 Thread Madhu Sudhan Reddy

My case is different. Here it is failing bcz of extra SMIME
capability  attribute present in Signature. 
I removed it, it is working fine.

Thank you very much for reply

-Madhu


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of coco coco
Sent: Thursday, June 23, 2005 10:58 AM
To: openssl-users@openssl.org
Subject: Re: problem verifying signature from java


To rule out any problems with your OpenSSL code I'd suggest you check
the
signatures using the dgst command and if there are problems analyze
them 
using
rsautl.


Thanks for the reply. I got it, by examining basically every function
that 
touches
my data. So, in the end, it was the base64 library that I linked with,
it 
has a small
bug in dealing with the '+' char in base64-encoded string.

rgds

_
On the road to retirement? Check out MSN Life Events for advice on how
to 
get there! http://lifeevents.msn.com/category.aspx?cid=Retirement

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]


#
This Email Message is for the sole use of the intended recipient(s) and May 
contain CONFIDENTIAL and PRIVILEGED information.
LG Soft India will not be responisible for any viruses or defects or
any forwarded attachements emanating either from within
LG Soft India or outside. Any unauthorised review , use, disclosure or 
distribution is prohibited. If you are not intentded
recipient, please contact the sender by reply email and destroy all
copies of the original message.
#:—§IÏ®ˆÞrØm¶ŸÿÃ
(¥éì²Z+K­+©¦Ší1¨¥ŠxŠËh¥éì²[¬z»(¥éì²Z+€­¢f­yÒâ²Ó¨®f£¢·hšŠ)z{,–Šà

Re: problem verifying signature from java

2005-06-21 Thread Dr. Stephen Henson
On Thu, Jun 16, 2005, coco coco wrote:

 
 Sorry to disappoint you, I've been banging my head on the monitor for
 2 days now, going over the code and manual/api docs/examples/google
 for so many times, and I'm still having difficulties to get openssl and Java
 work together. All my crypto coding experiences are on Java, and this
 is the first time trying to get some very basic functionalities in C++,
 and it turns out to be much much harder than I thought :(
 
 And notice the key/cert I used in my test code are actually from the
 openssl examples.
 
 Anyone who has experience making openssl work with java, please give
 a hint. That'll be very much appreciated.
 

To rule out any problems with your OpenSSL code I'd suggest you check the
signatures using the dgst command and if there are problems analyze them using
rsautl.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]


RE: problem verifying signature from java

2005-06-19 Thread Madhu Sudhan Reddy
Did you got any break through.

-Madhu

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of coco coco
Sent: Friday, June 17, 2005 6:49 AM
To: openssl-users@openssl.org
Subject: RE: problem verifying signature from java


   I am also facing the similar problem. I am generating signature
using OpenSSL and passing in to JAVA to verify (running JAVA test
suite). Signature format is in DER encoded PKCS#7 format.

   But JAVA is not able to parse the SignedData content in the
PKCS#7 format. It is giving rejects tag type -96 error while parsing.

   Any comments on this are greatly appreciated.

   If you got any cluekindly let me know.


Sorry to disappoint you, I've been banging my head on the monitor for
2 days now, going over the code and manual/api docs/examples/google
for so many times, and I'm still having difficulties to get openssl and
Java
work together. All my crypto coding experiences are on Java, and this
is the first time trying to get some very basic functionalities in C++,
and it turns out to be much much harder than I thought :(

And notice the key/cert I used in my test code are actually from the
openssl examples.

Anyone who has experience making openssl work with java, please give
a hint. That'll be very much appreciated.

coco

_
Don't just search. Find. Check out the new MSN Search! 
http://search.msn.click-url.com/go/onm00200636ave/direct/01/

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]


#
This Email Message is for the sole use of the intended recipient(s) and May 
contain CONFIDENTIAL and PRIVILEGED information.
LG Soft India will not be responisible for any viruses or defects or
any forwarded attachements emanating either from within
LG Soft India or outside. Any unauthorised review , use, disclosure or 
distribution is prohibited. If you are not intentded
recipient, please contact the sender by reply email and destroy all
copies of the original message.
#

RE: problem verifying signature from java

2005-06-16 Thread Madhu Sudhan Reddy
Hello coco,

I am also facing the similar problem. I am generating signature
using OpenSSL and passing in to JAVA to verify (running JAVA test
suite). Signature format is in DER encoded PKCS#7 format. 

But JAVA is not able to parse the SignedData content in the
PKCS#7 format. It is giving rejects tag type -96 error while parsing.

Any comments on this are greatly appreciated.

If you got any cluekindly let me know.

Thanking you
Madhu

-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of coco coco
Sent: Wednesday, June 15, 2005 5:17 PM
To: openssl-users@openssl.org
Subject: problem verifying signature from java

I'm trying to get a client application written in C++ using OpenSSL to 
verify a signature sent by a
server (in Java) and vice versa. Not sure I specified it correctly, but
the 
signatures generated on
both sides, from the same input data, are not the same, and therefore,
can't 
be verify. And this
is using the same key, of course.

Here is the code in Java for signing it:

==
String testKey =
-BEGIN RSA PRIVATE KEY-\n +

MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ\n +

2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF\n +

oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr\n +

8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc\n +

a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7\n +

WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA\n +
6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=\n +
-END RSA PRIVATE KEY-\n;

String testCert =
-BEGIN CERTIFICATE-\n +

MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD\n +

VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv\n +

bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy\n +

dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X\n +

DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw\n +

EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l\n +

dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT\n +

EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp\n +

MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw\n +

L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN\n +

BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX\n +
9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4=\n +
-END CERTIFICATE-\n;

   // same input string for both Java and C++
String input = 9O2CQ14zAXEd7GzJ9XELhQH.aE6;

public void doSign()
{
try
{
   // Note: PEMReader is from BouncyCastle
StringReader sReader = new
StringReader(testKey);
PEMReader pemReader = new PEMReader(sReader);

KeyPair keypair = (KeyPair)
pemReader.readObject();

PrivateKey privKey = keypair.getPrivate();
PublicKey pubKey = keypair.getPublic();

sReader = new StringReader(testCert);
pemReader = new PEMReader(sReader);

X509Certificate cert =
(X509Certificate)pemReader.readObject();
PublicKey pubKey2 = cert.getPublicKey();

Signature sig =
Signature.getInstance(SHA1withRSA);
sig.initSign(privKey);
sig.update(input.getBytes());

byte[] sigvalue = sig.sign();

Base64 b64 = new Base64();
byte[] b = b64.encode(sigvalue);
String s = new String(b);
System.out.println(' + s + ');

sig.initVerify(pubKey2);
sig.update(input.getBytes());
boolean status = sig.verify(sigvalue);

System.out.println(status);

}
catch(Exception e)
{
e.printStackTrace();
}
}

==

And the code in C for verifying:

==

char * testKey =
-BEGIN RSA PRIVATE KEY-\n \

MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ\n \

2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF\n \

oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr\n \

8IECIQD3B5+0l

RE: problem verifying signature from java

2005-06-16 Thread coco coco



I am also facing the similar problem. I am generating signature
using OpenSSL and passing in to JAVA to verify (running JAVA test
suite). Signature format is in DER encoded PKCS#7 format.

But JAVA is not able to parse the SignedData content in the
PKCS#7 format. It is giving rejects tag type -96 error while parsing.

Any comments on this are greatly appreciated.

If you got any cluekindly let me know.



Sorry to disappoint you, I've been banging my head on the monitor for
2 days now, going over the code and manual/api docs/examples/google
for so many times, and I'm still having difficulties to get openssl and Java
work together. All my crypto coding experiences are on Java, and this
is the first time trying to get some very basic functionalities in C++,
and it turns out to be much much harder than I thought :(

And notice the key/cert I used in my test code are actually from the
openssl examples.

Anyone who has experience making openssl work with java, please give
a hint. That'll be very much appreciated.

coco

_
Don?t just search. Find. Check out the new MSN Search! 
http://search.msn.click-url.com/go/onm00200636ave/direct/01/


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]


problem verifying signature from java

2005-06-15 Thread coco coco
I'm trying to get a client application written in C++ using OpenSSL to 
verify a signature sent by a
server (in Java) and vice versa. Not sure I specified it correctly, but the 
signatures generated on
both sides, from the same input data, are not the same, and therefore, can't 
be verify. And this

is using the same key, of course.

Here is the code in Java for signing it:

==
String testKey =
-BEGIN RSA PRIVATE KEY-\n +

MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ\n +

2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF\n +

oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr\n +

8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc\n +

a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7\n +

WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA\n +
6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=\n +
-END RSA PRIVATE KEY-\n;

String testCert =
-BEGIN CERTIFICATE-\n +

MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD\n +

VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv\n +

bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy\n +

dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X\n +

DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw\n +

EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l\n +

dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT\n +

EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp\n +

MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw\n +

L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN\n +

BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX\n +
9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4=\n +
-END CERTIFICATE-\n;

  // same input string for both Java and C++
String input = 9O2CQ14zAXEd7GzJ9XELhQH.aE6;

public void doSign()
{
try
{
  // Note: PEMReader is from BouncyCastle
StringReader sReader = new StringReader(testKey);
PEMReader pemReader = new PEMReader(sReader);

KeyPair keypair = (KeyPair) pemReader.readObject();

PrivateKey privKey = keypair.getPrivate();
PublicKey pubKey = keypair.getPublic();

sReader = new StringReader(testCert);
pemReader = new PEMReader(sReader);

X509Certificate cert = 
(X509Certificate)pemReader.readObject();
PublicKey pubKey2 = cert.getPublicKey();

Signature sig = Signature.getInstance(SHA1withRSA);
sig.initSign(privKey);
sig.update(input.getBytes());

byte[] sigvalue = sig.sign();

Base64 b64 = new Base64();
byte[] b = b64.encode(sigvalue);
String s = new String(b);
System.out.println(' + s + ');

sig.initVerify(pubKey2);
sig.update(input.getBytes());
boolean status = sig.verify(sigvalue);

System.out.println(status);

}
catch(Exception e)
{
e.printStackTrace();
}
}

==

And the code in C for verifying:

==

char * testKey =
-BEGIN RSA PRIVATE KEY-\n \

MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ\n \

2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF\n \

oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr\n \

8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc\n \

a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7\n \

WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA\n \
6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=\n \
-END RSA PRIVATE KEY-\n;

char * testCert =
-BEGIN CERTIFICATE-\n \

MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD\n \