Yes, I have public key and start test verification but I faced in some problem and stopped for today.<br>I can't read public key instance from der bytes (I have pem formated public key file) by same way as I read private key instance (by "aRSAPrivateKeyFileReader asPublicKey").<br>
<br>I think tomorrow I send you my results.<br><br><div class="gmail_quote">2010/9/22 Rob Withers <span dir="ltr"><<a href="mailto:reefedjib@gmail.com">reefedjib@gmail.com</a>></span><br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div style="padding-left: 10px; padding-right: 10px; padding-top: 15px;" name="Compose message area">
<div><font face="Calibri">Denis,</font></div>
<div><font face="Calibri"></font> </div>
<div><font face="Calibri">One other thing. Do you have the publicKey for
that privateKey you used in the test case? We should really be checking
the verification step as well.</font></div>
<div><font face="Calibri"></font> </div>
<div><font face="Calibri">Thanks,<br>Rob</font></div>
<div style="font: 10pt Tahoma;">
<div><br></div>
<div style="background: none repeat scroll 0% 0% rgb(245, 245, 245);">
<div><b>From:</b> <a title="mailto:dionisiydk@gmail.com
CTRL + Click to follow link" href="mailto:dionisiydk@gmail.com" target="_blank">Denis Kudriashov</a> </div>
<div><b>Sent:</b> Wednesday, September 22, 2010 9:51 AM</div><div class="im">
<div><b>To:</b> <a title="squeak-dev@lists.squeakfoundation.org" href="mailto:squeak-dev@lists.squeakfoundation.org" target="_blank">The general-purpose Squeak
developers list</a> </div>
</div><div><div></div><div class="h5"><div><b>Subject:</b> Re: [squeak-dev] Crypto RSAWithSHA1 sign</div></div></div></div></div><div><div></div><div class="h5">
<div><br></div>Hello, Rob.<br><br>I found solution. VW help me very
much.<br><br>Your changes almost right.<br><br>method SHA1
class>>digestInfoAsn1DerEncodingFromMessage: is good and placed right. But
method RSAPrivateKey>>v15SignMessageHash: is wrong:<br><br>
<div style="margin-left: 40px;">RSAPrivateKey>>v15SignMessageHash:
encodedMsg<br><br> | padded toBeSigned |<br>
padded := ByteArray new: (256 - encodedMsg size - 3) withAll:
255.<br> toBeSigned := #(0) asByteArray, #(1) asByteArray,
padded, #(0) asByteArray, encodedMsg.<br> ^ (self crypt:
toBeSigned asInteger) asByteArray.<br></div><br>I examine what happen in VW code
(it is work good like java). And now I have this version:<br><br>
<div style="margin-left: 40px;">v15SignMessageHash:
encodedMsg<br><br> | int emLen |<br>
<br> emLen := (p * q) digitLength -1.<br>
<br> int := LargePositiveInteger basicNew:
emLen.<br> " Our LargeIntegers are little endian, so we have
to reverse the bytes"<br> encodedMsg with: (encodedMsg size
to: 1 by: -1) do: [:each :index |<br> int
basicAt: index put: each].<br> int basicAt: encodedMsg size +
1 put: 0.<br><br> encodedMsg size + 2 to: emLen - 1 do: [ :ind
| int basicAt: ind put: 255].<br> int basicAt: emLen put:
1.<br> <br> ^ (self crypt: int)
asByteArray.<br></div><br><br>This is give me results same as java and
VW.<br><br>I attach this method and acceptence test for it.<br><br><br><br>
<div class="gmail_quote">2010/9/21 Rob Withers <span dir="ltr"><<a href="mailto:reefedjib@gmail.com" target="_blank">reefedjib@gmail.com</a>></span><br>
<blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">
<div style="padding-left: 10px; padding-right: 10px; padding-top: 15px;" name="Compose message area">
<div><font size="2" face="Arial">Denis,</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">I looks like I missed step 2 on page 38. I
am not preappending the AlgorithmIndentifier and producing the DER encoding of
the DigestInfo prior to padding and encrypting. I implemented it in the
attached changeset. Please load this and test for me.
</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">Note that it requires either all of Cryptography
from the Cryptography repository loaded, or all of CryptoBase and CryptoCerts
from the inbox. The digest requires ASN1 encoding framework which is in
the certificate package.</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">Rob</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial"></font> </div>
<div style="font: 10pt Tahoma;">
<div><br></div>
<div style="background: none repeat scroll 0% 0% rgb(245, 245, 245);">
<div><b>From:</b> <a title="mailto:reefedjib@gmail.com
CTRL + Click to follow link" href="mailto:reefedjib@gmail.com" target="_blank">Rob Withers</a> </div>
<div><b>Sent:</b> Tuesday, September 21, 2010 12:31 PM</div>
<div>
<div></div>
<div>
<div><b>To:</b> <a title="mailto:squeak-dev@lists.squeakfoundation.org
CTRL + Click to follow link" href="mailto:squeak-dev@lists.squeakfoundation.org" target="_blank">The
general-purpose Squeak developers list</a> </div>
<div><b>Cc:</b> <a title="mailto:cryptography@lists.squeakfoundation.org
CTRL + Click to follow link" href="mailto:cryptography@lists.squeakfoundation.org" target="_blank">Squeak
Crypto</a> </div>
<div><b>Subject:</b> Re: [squeak-dev] Crypto RSAWithSHA1
sign</div></div></div></div></div>
<div>
<div></div>
<div>
<div><br></div>
<div><font size="2" face="Arial">Denis,</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">I do not know why I was looking at PKCS#11.
THe RSA spec is PKCS#1. In that document (<a title="ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf
CTRL + Click to follow link" href="ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf" target="_blank">ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf</a>) on
page 25 it says: </font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">"<font face="Times New Roman">Two signature
schemes with appendix are specified in this document: RSASSA-PSS and
RSASSA-PKCS1-v1_5.</font>"</font></div>
<div style="font: 10pt Tahoma;"><font face="Arial"></font> </div>
<div style="font: 10pt Tahoma;"><font face="Arial">I implemented v1_5. It
may be that Java is using PSS. I may have implemented v1.5 wrong.
The signature creation and verification algorithms start on page 30. The
encoding is on 35.</font></div>
<div style="font: 10pt Tahoma;"><font face="Arial"></font> </div>
<div style="font: 10pt Tahoma;"><font face="Arial">Rob</font></div>
<div style="font: 10pt Tahoma;"><br></div>
<div style="font: 10pt Tahoma; background: none repeat scroll 0% 0% rgb(245, 245, 245);">
<div><b>From:</b> <a title="reefedjib@gmail.com" href="mailto:reefedjib@gmail.com" target="_blank">Rob Withers</a> </div>
<div><b>Sent:</b> Tuesday, September 21, 2010 12:06 PM</div>
<div><b>To:</b> <a title="mailto:squeak-dev@lists.squeakfoundation.org
CTRL + Click to follow link" href="mailto:squeak-dev@lists.squeakfoundation.org" target="_blank">The
general-purpose Squeak developers list</a> </div>
<div><b>Cc:</b> <a title="cryptography@lists.squeakfoundation.org" href="mailto:cryptography@lists.squeakfoundation.org" target="_blank">Squeak
Crypto</a> </div>
<div><b>Subject:</b> Re: [squeak-dev] Crypto RSAWithSHA1 sign</div></div>
<div><br></div>
<div><font size="2" face="Arial">Hi Denis,</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">I originally wrote the v15 signature methods in
April of 2007. I am currently trying to download the PKCS#11 V2.30 doc
to verify, but IIRC there are more than one signature algorithm defined
for RSA. I don't recall why I chose v15. Perhaps Java is using
another RSA signature function.</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">There are no explicit tests for this
signature. There is a test inside of the CryptoX509Test
(#verifySHA1WithRSAEncryptionFromParentCertificate: ), but it isn't used as
the certificate that exposed it has expired and so is failing. I removed
that certificate test.</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">Let's talk bytes...the way this works in Squeak
is that the RSA pads the SHA1 hashed message and encrypts it.</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">v15SignMessage: aMessage</font></div>
<div> </div>
<div><font size="2" face="Arial"> ^ self v15SignMessageHash: (SHA1
hashMessage: aMessage).<br></font></div>
<div><font size="2" face="Arial">and</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">v15SignMessageHash: encodedMsg</font></div>
<div> </div>
<div><font size="2" face="Arial"> | padded toBeSigned |<br> padded :=
ByteArray new: (256 - encodedMsg size - 3) withAll: 255.<br> toBeSigned
:= #(0) asByteArray, #(1) asByteArray, padded, #(0) asByteArray,
encodedMsg.<br> ^ (self crypt: toBeSigned asInteger)
asByteArray.<br></font></div>
<div><font size="2" face="Arial">Presumably the #crypt: function will be the same
in Java and Squeak given the same key. So if there are 2 different
signature functions in RSA, I would suspect that the padding would be
different.</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">Still trying to download the
spec....</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">What do you think?</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">Cheers,</font></div>
<div><font size="2" face="Arial">Rob</font></div>
<div style="font: 10pt Tahoma;">
<div><br></div>
<div style="background: none repeat scroll 0% 0% rgb(245, 245, 245);">
<div><b>From:</b> <a title="mailto:dionisiydk@gmail.com
CTRL + Click to follow link" href="mailto:dionisiydk@gmail.com" target="_blank">Denis Kudriashov</a> </div>
<div><b>Sent:</b> Tuesday, September 21, 2010 11:21 AM</div>
<div><b>To:</b> <a title="mailto:squeak-dev@lists.squeakfoundation.org
CTRL + Click to follow link" href="mailto:squeak-dev@lists.squeakfoundation.org" target="_blank">The
general-purpose Squeak developers list</a> </div>
<div><b>Subject:</b> [squeak-dev] Crypto RSAWithSHA1 sign</div></div></div>
<div><font size="2" face="Arial"></font><br></div>Hello <br><br>Is somebody use
Cryptography for RSA with SHA1 digital signature?<br><br>I try do same result
as I hava in java programm<br>I have rsa private key as smalltalk object. It
has same values as java private key object.<br><br>But code<br><br>privateKey
v15SignMessage: message asByteArray .<br><br>returns me wrong result.
Its differ from java working test<br>
<p></p>
<hr>
<p></p><br></div></div></div><br><br><br></blockquote></div><br>
</div></div><p>
</p><hr>
<p></p><br></div>
<br><br>
<br></blockquote></div><br>