Digital Signature Verification
Vishal Rana
vishal.rana118 at gmail.com
Tue Apr 19 12:22:43 CEST 2022
Hi Team,
Digital signature verification is failing. Getting "*Bad signature*" error.
How to debug this??
Having some observations.
*scenario 1*: Using 2 machines.
1 for signing message file. using ($ gpg --version gpg (GnuPG) 2.2.19
libgcrypt 1.8.5 ).
another machine for sign verification with (libgcrypt 1.8.5.)
Getting "*Bad signature*" error for *gcry_pk_verify (**gcry_sexp_t* sig*, *
*gcry_sexp_t *data*, **gcry_sexp_t *pkey*) .*
*scenario 2:* Using 1 machine only for signing and verification with
(libgcrypt 1.8.5.).
Getting "* Signature Verified*". Success.
In both scenario's I am using the same "message file", same set of RSA
"private/public keys" and same sha512 hash.
But observation is generated signature,"image.sig" files on both scenarios
are different. means hexdump for image.sig in both scenario is different.
Please suggest how to test or debug this.
Regards,
Vishal Rana.
On Fri, Apr 8, 2022 at 2:34 PM Werner Koch <wk at gnupg.org> wrote:
> On Fri, 8 Apr 2022 14:07, Vishal Rana said:
>
> > But my received signed image is some unreadable "--detach-sign" file .
> > How I am able to make a received signed image to * gcry_sexp_t *please
> > suggest*.*
>
> See gnupg/g10/parse-packet.c
> and gnupg/g10/pkglue.c
>
> and please do yourself a favor and start with a simpler project than
> implementing OpenPGP.
>
>
> Salam-Shalom,
>
> Werner
>
>
> --
> The pioneers of a warless world are the youth that
> refuse military service. - A. Einstein
>
--
*Thanks & Regards,Vishal RanaMobile :09422123401*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220419/4d2615fd/attachment.html>
More information about the Gnupg-users
mailing list