TakeScoop/SwiftyRSA

clear.signed output cannot be verified with openssl backed library

yen936 opened this issue · 1 comments

Thanks for making this library!

A signature made is verified false with the openssl based Python library Cryptography. I am no advanced cryptographer, so I'm not sure where to dig--but it seems to me that there is a delta between the salts?

Any help would be greatly appreciated!
Version in Podfile: Latest (0.2.1 I think)

```swift
let msg = try ClearMessage(string: "My test text", using: .utf8)
// signed(with:digestType:) throws, so it needs `try` as well
let signature = try msg.signed(with: privateKey, digestType: .sha256)

let data = signature.data
let base64String = signature.base64String
```

Python backend: in between the two code snippets, I send the public key, the clear message & signature from the iOS device to my backend for processing.

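```python
import cryptography.exceptions
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding

# Wrapper function added so the fragment's return statements are valid.
def verify_signature(public_key, signature, input_string):
    try:
        # PSS padding: this is the call that fails against SwiftyRSA output
        public_key.verify(
            signature,
            input_string.encode('utf-8'),
            padding.PSS(
                mgf=padding.MGF1(hashes.SHA256()),
                salt_length=padding.PSS.MAX_LENGTH,
            ),
            hashes.SHA256()
        )
        return "SUCCESS: Signature Verified!"

    except cryptography.exceptions.InvalidSignature as e:
        return 'FAILED: Payload and/or signature files failed verification'
```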

returns cryptography.exceptions.InvalidSignature

I found the solution, leaving for others.

I was using padding.PSS but SwiftyRSA defaults to .PKCS1SHA256 (Documentation).

The code below works:

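```python
import cryptography.exceptions
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding

# Wrapper function added so the fragment's return statements are valid.
def verify_signature(public_key, signature_decoded, input_string):
    try:
        # PKCS#1 v1.5 padding matches SwiftyRSA's .PKCS1SHA256 default
        public_key.verify(
            signature_decoded,
            input_string.encode('utf-8'),
            padding.PKCS1v15(),
            hashes.SHA256()
        )
        return "SUCCESS: Signature Verified!"

    except cryptography.exceptions.InvalidSignature as e:
        return 'FAILED: Payload and/or signature files failed verification'
```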
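For diagnosing a padding mismatch like the one in this thread, here is an added example (not code from the issue or from SwiftyRSA) that applies the RSA public operation to a signature and inspects the recovered encoding to tell PKCS#1 v1.5 from PSS. The toy key built from two Mersenne primes, the fixed salt and all function names are constructed for illustration; only the Python standard library is used.

```python
import hashlib

# Constructed toy key (two Mersenne primes): illustration only, not secure.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D = P * Q, pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes (141)
# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def _rsa(data: bytes, exponent: int) -> bytes:
    return pow(int.from_bytes(data, "big"), exponent, N).to_bytes(K, "big")

def emsa_pkcs1_v15(message: bytes) -> bytes:
    """00 01 FF..FF 00 || DigestInfo || SHA-256(message); no salt involved."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def sign_pkcs1_v15(message: bytes) -> bytes:
    return _rsa(emsa_pkcs1_v15(message), D)

def mgf1(seed: bytes, length: int) -> bytes:
    blocks = (hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]

def sign_pss(message: bytes, salt: bytes) -> bytes:
    """EMSA-PSS with SHA-256 and MGF1; the encoding ends in the 0xBC trailer."""
    h = hashlib.sha256(bytes(8) + hashlib.sha256(message).digest() + salt).digest()
    db = bytes(K - len(salt) - 34) + b"\x01" + salt
    masked = bytearray(a ^ b for a, b in zip(db, mgf1(h, len(db))))
    masked[0] &= 0x7F  # for this key emBits = 8*K - 1, so clear one top bit
    return _rsa(bytes(masked) + h + b"\xbc", D)

def identify_padding(signature: bytes) -> str:
    """Apply the public key and classify the recovered encoded message."""
    em = _rsa(signature, E)
    sep = em.find(b"\x00", 2)  # end of the FF padding run in a v1.5 encoding
    if em[:2] == b"\x00\x01" and sep >= 10 and em[2:sep] == b"\xff" * (sep - 2):
        return "PKCS1v15"
    return "PSS" if em[-1] == 0xBC else "unknown"

def verify_pkcs1_v15(message: bytes, signature: bytes) -> bool:
    return _rsa(signature, E) == emsa_pkcs1_v15(message)

if __name__ == "__main__":
    sig = sign_pkcs1_v15(b"My test text")  # constructed sample input
    print(identify_padding(sig), verify_pkcs1_v15(b"My test text", sig))
```

PKCS#1 v1.5 signatures are deterministic and carry no salt, so a verifier configured for PSS rejects them whatever salt length it is given.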