MD5WithRSA digital signatures
John Morris
mailjohnmorris at gmail.com
Thu Jun 9 23:24:31 CEST 2011
Hi,
I'm trying to verify digital signatures generated in libgcrypt in a java app
using "MD5WithRSA" type signatures.
I think perhaps I am creating the signature incorrectly in libgcrypt, but I
am not sure what to do to produce one that can be used by the java Signature
class.
Here is how I am verifying in java:
Signature sig = Signature.getInstance("MD5WithRSA");
sig.initVerify(pubKey);
sig.update(data);
boolean result = sig.verify(signature);
The above works for signatures I created with the java Signature class, but
not those I created in my C app with libgcrypt.
Here is my libgcrypt code for creating the signature:
char md5[16];
gcry_md_hash_buffer(GCRY_MD_MD5, md5, data, dataLen);
rc = gcry_sexp_build(&data_sexp, NULL, "(data(flags pkcs1)(hash md5 %b))",
(size_t)16, md5);
rc = gcry_pk_sign(&signature, data_sexp, privKey);
I am able to verify the libgcrypt signatures with libgcrypt itself, so I am
pretty sure I am just specifying some option wrong when creating the
signature, or I am misunderstanding how to include the md5 using libgcrypt
in a way that is compatible with the java Signature class.
Does anyone know how I can create signatures that are compatible with the
Signature class in the standard java libraries?
Thanks,
John
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20110609/a2c7980f/attachment-0001.htm>
More information about the Gcrypt-devel
mailing list