Thank you very much Rob.<br><br>All good ok.<br><br><div class="gmail_quote">2010/9/23 Rob Withers <span dir="ltr"><<a href="mailto:reefedjib@gmail.com">reefedjib@gmail.com</a>></span><br><blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<div style="padding-left: 10px; padding-right: 10px; padding-top: 15px;" name="Compose message area">
<div><font size="2" face="Arial">Denis,</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">I found that when you join the "privateKey" bytes
with the publicKey bytes it does nothing. The "privateKey" bytes alone
carry the public key with the private key. The Der bytes result in a 9
element OrderedCollection and fields 2 and 3 are the exponent and modulus for
the public key.</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">So I run the following to get both
keys:</font></div>
<div><font size="2" face="Arial"></font> </div><font size="2" face="Arial">
<div><div class="im"><br>key64 :=
'MIICXgIBAAKBgQDkI45GM6mYLlbxrKozE6bXWMoxvtVuIWOIF1KcGLED+4Gipriw<br>Nt0hkosuil513/CMjn9XBSZtaSsiIOLkXLZtbKYhATtvODR1nD/dl0JpFH7BLcD9<br>NGGRKOow0jg8fcPtXhLTy6Dsl7rfmVPJYuc4IlzZImTdErllmhzrTKT3YQIDAQAB<br>AoGBALPQjogomii3hZHQ3QmLGLqtYhjZaBH4wSF3+IXONF+GMcRIklNZuuuGPKt/<br>
JjrUOh4fBqFJDuO3u+aXcx45MRMLVHuQIuUbegJXVS+rnxXI3I6I4SLBkoV7Jqn/<br>J9T9biOXrzq/xN8XVJQm7zq/FXaHR6l+Wo50LaBj7llY+CMBAkEA8bfsbySseTbI<br>D7tR/bytEz/DhQ1knKS3nFo83NYwDm7YcdGC+f0rQIUuS30lKApeoygBUiLOSs7K<br>euxEi6wC0QJBAPGePI59Fc5alAivyTkYdV4sbIL+SL5oXEERRyezogEgRqCGJtyd<br>
MbnVviwREF4MiGTYQIIOx4aFrM/U4q9DL5ECQH+/QImMzEpTlXAbA74iFSZzMJYE<br>+gN/WjqbxkbAPC2kj2e33ozYLB+xQ0JKJXT/5fw8jFYoZvZKS+CjNabLhcECQQDp<br>bgrrToXGu1PRoKMzeiHKPfkIBUuaSZD3fA3WmYGmvNv/MhxRf70O4SW9xS6e7lTH<br>uPV5sXWqzXLLx8zJrotBAkEAgAoiR+5uOW9CgfWkblJ/YIgGbLiLQoFNZbwxXDfr<br>
</div>jcosTQvBjrc//rCnb2Pgm8QRGeN/CXKc9kKoWNqUQSYchQ=='.</div><div class="im">
<div> </div>
<div><br>derKey := (Base64MimeConverter mimeDecodeToBytes: key64
readStream )<br>contents.</div>
<div> </div>
</div><div><div class="im">r := RSAPrivateKeyFileReader new.<br>r decryptedBytes: derKey.<br>publicKey
:= r asPublicKey.<br></div>privateKey := r asPrivateKey.<br>{publicKey.
privateKey}<br></div>
<div> </div>
<div> </div>
<div>Now I look at the publicKey you gave me and the 2 elements of a
OrderedCollection. The second element is a BitString and if you reach in a
grab the bytes, they are also DER encoded. So decode those and you get the
exponent and modulus of the publicKey. I wrote a class attached to process
an RSA Public Key. I used the code below to process it:</div></font><div class="im">
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">key64 :=
'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkI45GM6mYLlbxrKozE6bXWMox<br>vtVuIWOIF1KcGLED+4GipriwNt0hkosuil513/CMjn9XBSZtaSsiIOLkXLZtbKYh<br>ATtvODR1nD/dl0JpFH7BLcD9NGGRKOow0jg8fcPtXhLTy6Dsl7rfmVPJYuc4IlzZ<br>ImTdErllmhzrTKT3YQIDAQAB'.</font></div>
<div> </div>
<div><font size="2" face="Arial">derKey := (Base64MimeConverter
mimeDecodeToBytes: key64 readStream )<br>contents.</font></div>
<div> </div>
</div><div><font size="2" face="Arial">r := RSAPublicKeyFileReader new.<br>r bytes: derKey
.<br>publicKey := r asPublicKey .<br></font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">Thanks for the test!</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">Cheers,<br>Rob</font></div>
<div style="font: 10pt Tahoma;">
<div><br></div>
<div style="background: none repeat scroll 0% 0% rgb(245, 245, 245);">
<div><b>From:</b> <a title="dionisiydk@gmail.com" href="mailto:dionisiydk@gmail.com" target="_blank">Denis Kudriashov</a> </div>
<div><b>Sent:</b> Thursday, September 23, 2010 3:33 AM</div><div><div></div><div class="h5">
<div><b>To:</b> <a title="squeak-dev@lists.squeakfoundation.org" href="mailto:squeak-dev@lists.squeakfoundation.org" target="_blank">The general-purpose Squeak
developers list</a> </div>
<div><b>Subject:</b> Re: [squeak-dev] Crypto RSAWithSHA1 sign</div></div></div></div></div><div><div></div><div class="h5">
<div><br></div>And verification work good.<br><br>I attatch new tests<br><br>
<div class="gmail_quote">2010/9/23 Denis Kudriashov <span dir="ltr"><<a href="mailto:dionisiydk@gmail.com" target="_blank">dionisiydk@gmail.com</a>></span><br>
<blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">I found when I join private and public keys my code work
good and I get RSAKey instance. <br><br>I join it by:<br><br>key64 :=
'MIICXgIBAAKBgQDkI45GM6mYLlbxrKozE6bXWMoxvtVuIWOIF1KcGLED+4Gipriw<br>Nt0hkosuil513/CMjn9XBSZtaSsiIOLkXLZtbKYhATtvODR1nD/dl0JpFH7BLcD9<br>NGGRKOow0jg8fcPtXhLTy6Dsl7rfmVPJYuc4IlzZImTdErllmhzrTKT3YQIDAQAB<br>AoGBALPQjogomii3hZHQ3QmLGLqtYhjZaBH4wSF3+IXONF+GMcRIklNZuuuGPKt/<br>
JjrUOh4fBqFJDuO3u+aXcx45MRMLVHuQIuUbegJXVS+rnxXI3I6I4SLBkoV7Jqn/<br>J9T9biOXrzq/xN8XVJQm7zq/FXaHR6l+Wo50LaBj7llY+CMBAkEA8bfsbySseTbI<br>D7tR/bytEz/DhQ1knKS3nFo83NYwDm7YcdGC+f0rQIUuS30lKApeoygBUiLOSs7K<br>euxEi6wC0QJBAPGePI59Fc5alAivyTkYdV4sbIL+SL5oXEERRyezogEgRqCGJtyd<br>
MbnVviwREF4MiGTYQIIOx4aFrM/U4q9DL5ECQH+/QImMzEpTlXAbA74iFSZzMJYE<br>+gN/WjqbxkbAPC2kj2e33ozYLB+xQ0JKJXT/5fw8jFYoZvZKS+CjNabLhcECQQDp<br>bgrrToXGu1PRoKMzeiHKPfkIBUuaSZD3fA3WmYGmvNv/MhxRf70O4SW9xS6e7lTH<br>uPV5sXWqzXLLx8zJrotBAkEAgAoiR+5uOW9CgfWkblJ/YIgGbLiLQoFNZbwxXDfr<br>
jcosTQvBjrc//rCnb2Pgm8QRGeN/CXKc9kKoWNqUQSYchQ==
<div><br>MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkI45GM6mYLlbxrKozE6bXWMox<br>vtVuIWOIF1KcGLED+4GipriwNt0hkosuil513/CMjn9XBSZtaSsiIOLkXLZtbKYh<br>ATtvODR1nD/dl0JpFH7BLcD9NGGRKOow0jg8fcPtXhLTy6Dsl7rfmVPJYuc4IlzZ<br>ImTdErllmhzrTKT3YQIDAQAB'.<br>
<br><br></div>Why
I cant read public key separetelly?<br><br>Best regards,<br>Denis<br><br>
<div class="gmail_quote">2010/9/23 Denis Kudriashov <span dir="ltr"><<a href="mailto:dionisiydk@gmail.com" target="_blank">dionisiydk@gmail.com</a>></span>
<div>
<div></div>
<div><br>
<blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">Hello, Rob<br><br>I attatch public key in pem format (it
corresponds private key in my test).<br><br>I try read it by:<br><br>key64
:=
'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkI45GM6mYLlbxrKozE6bXWMox<br>vtVuIWOIF1KcGLED+4GipriwNt0hkosuil513/CMjn9XBSZtaSsiIOLkXLZtbKYh<br>ATtvODR1nD/dl0JpFH7BLcD9NGGRKOow0jg8fcPtXhLTy6Dsl7rfmVPJYuc4IlzZ<br>ImTdErllmhzrTKT3YQIDAQAB'.<br>
<br>derKey
:= (Base64MimeConverter mimeDecodeToBytes: key64 readStream )
contents.<br><br>r := RSAPrivateKeyFileReader new.<br>r decryptedBytes:
derKey .<br>publicKey := r asPublicKey .<br><br>and last line raise
error.<br><br>What you think about this?<br><br>
<div class="gmail_quote">2010/9/22 Denis Kudriashov <span dir="ltr"><<a href="mailto:dionisiydk@gmail.com" target="_blank">dionisiydk@gmail.com</a>></span>
<div>
<div></div>
<div><br>
<blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">Yes, I have public key and start test verification but I
faced in some problem and stopped for today.<br>I can't read public key
instance from der bytes (I have pem formated public key file) by same way
as I read private key instance (by "aRSAPrivateKeyFileReader
asPublicKey").<br><br>I think tomorrow I send you my results.<br><br>
<div class="gmail_quote">2010/9/22 Rob Withers <span dir="ltr"><<a href="mailto:reefedjib@gmail.com" target="_blank">reefedjib@gmail.com</a>></span>
<div>
<div></div>
<div><br>
<blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">
<div style="padding-left: 10px; padding-right: 10px; padding-top: 15px;" name="Compose message area">
<div><font face="Calibri">Denis,</font></div>
<div><font face="Calibri"></font> </div>
<div><font face="Calibri">One other thing. Do you have the publicKey
for that privateKey you used in the test case? We should really be
checking the verification step as well.</font></div>
<div><font face="Calibri"></font> </div>
<div><font face="Calibri">Thanks,<br>Rob</font></div>
<div style="font: 10pt Tahoma;">
<div><br></div>
<div style="background: none repeat scroll 0% 0% rgb(245, 245, 245);">
<div><b>From:</b> <a title="mailto:dionisiydk@gmail.com
CTRL + Click to follow link" href="mailto:dionisiydk@gmail.com" target="_blank">Denis Kudriashov</a>
</div>
<div><b>Sent:</b> Wednesday, September 22, 2010 9:51 AM</div>
<div>
<div><b>To:</b> <a title="squeak-dev@lists.squeakfoundation.org" href="mailto:squeak-dev@lists.squeakfoundation.org" target="_blank">The
general-purpose Squeak developers list</a> </div></div>
<div>
<div></div>
<div>
<div><b>Subject:</b> Re: [squeak-dev] Crypto RSAWithSHA1
sign</div></div></div></div></div>
<div>
<div></div>
<div>
<div><br></div>Hello, Rob.<br><br>I found solution. VW help me very
much.<br><br>Your changes almost right.<br><br>method SHA1
class>>digestInfoAsn1DerEncodingFromMessage: is good and placed
right. But method RSAPrivateKey>>v15SignMessageHash: is
wrong:<br><br>
<div style="margin-left: 40px;">RSAPrivateKey>>v15SignMessageHash:
encodedMsg<br><br> | padded toBeSigned
|<br> padded := ByteArray new: (256 - encodedMsg size
- 3) withAll: 255.<br> toBeSigned := #(0) asByteArray,
#(1) asByteArray, padded, #(0) asByteArray,
encodedMsg.<br> ^ (self crypt: toBeSigned asInteger)
asByteArray.<br></div><br>I examine what happen in VW code (it is work
good like java). And now I have this version:<br><br>
<div style="margin-left: 40px;">v15SignMessageHash:
encodedMsg<br><br> | int emLen |<br>
<br> emLen := (p * q) digitLength
-1.<br> <br> int
:= LargePositiveInteger basicNew: emLen.<br> " Our
LargeIntegers are little endian, so we have to reverse the
bytes"<br> encodedMsg with: (encodedMsg size to: 1 by:
-1) do: [:each :index |<br> int
basicAt: index put: each].<br> int basicAt: encodedMsg
size + 1 put: 0.<br><br> encodedMsg size + 2 to: emLen
- 1 do: [ :ind | int basicAt: ind put: 255].<br> int
basicAt: emLen put: 1.<br> <br> ^
(self crypt: int) asByteArray.<br></div><br><br>This is give me results
same as java and VW.<br><br>I attach this method and acceptence test for
it.<br><br><br><br>
<div class="gmail_quote">2010/9/21 Rob Withers <span dir="ltr"><<a href="mailto:reefedjib@gmail.com" target="_blank">reefedjib@gmail.com</a>></span><br>
<blockquote style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;" class="gmail_quote">
<div style="padding-left: 10px; padding-right: 10px; padding-top: 15px;" name="Compose message area">
<div><font size="2" face="Arial">Denis,</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">I looks like I missed step 2 on page
38. I am not preappending the AlgorithmIndentifier and producing
the DER encoding of the DigestInfo prior to padding and
encrypting. I implemented it in the attached changeset.
Please load this and test for me. </font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">Note that it requires either all of
Cryptography from the Cryptography repository loaded, or all of
CryptoBase and CryptoCerts from the inbox. The digest requires
ASN1 encoding framework which is in the certificate
package.</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">Rob</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial"></font> </div>
<div style="font: 10pt Tahoma;">
<div><br></div>
<div style="background: none repeat scroll 0% 0% rgb(245, 245, 245);">
<div><b>From:</b> <a title="mailto:reefedjib@gmail.com
CTRL + Click to follow link" href="mailto:reefedjib@gmail.com" target="_blank">Rob Withers</a> </div>
<div><b>Sent:</b> Tuesday, September 21, 2010 12:31 PM</div>
<div>
<div></div>
<div>
<div><b>To:</b> <a title="mailto:squeak-dev@lists.squeakfoundation.org
CTRL + Click to follow link" href="mailto:squeak-dev@lists.squeakfoundation.org" target="_blank">The
general-purpose Squeak developers list</a> </div>
<div><b>Cc:</b> <a title="mailto:cryptography@lists.squeakfoundation.org
CTRL + Click to follow link" href="mailto:cryptography@lists.squeakfoundation.org" target="_blank">Squeak Crypto</a> </div>
<div><b>Subject:</b> Re: [squeak-dev] Crypto RSAWithSHA1
sign</div></div></div></div></div>
<div>
<div></div>
<div>
<div><br></div>
<div><font size="2" face="Arial">Denis,</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">I do not know why I was looking at
PKCS#11. THe RSA spec is PKCS#1. In that document (<a title="ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf
CTRL + Click to follow link" href="ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf" target="_blank">ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf</a>)
on page 25 it says: </font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">"<font face="Times New Roman">Two
signature schemes with appendix are specified in this document:
RSASSA-PSS and RSASSA-PKCS1-v1_5.</font>"</font></div>
<div style="font: 10pt Tahoma;"><font face="Arial"></font> </div>
<div style="font: 10pt Tahoma;"><font face="Arial">I implemented
v1_5. It may be that Java is using PSS. I may have
implemented v1.5 wrong. The signature creation and verification
algorithms start on page 30. The encoding is on 35.</font></div>
<div style="font: 10pt Tahoma;"><font face="Arial"></font> </div>
<div style="font: 10pt Tahoma;"><font face="Arial">Rob</font></div>
<div style="font: 10pt Tahoma;"><br></div>
<div style="font: 10pt Tahoma; background: none repeat scroll 0% 0% rgb(245, 245, 245);">
<div><b>From:</b> <a title="reefedjib@gmail.com" href="mailto:reefedjib@gmail.com" target="_blank">Rob Withers</a> </div>
<div><b>Sent:</b> Tuesday, September 21, 2010 12:06 PM</div>
<div><b>To:</b> <a title="mailto:squeak-dev@lists.squeakfoundation.org
CTRL + Click to follow link" href="mailto:squeak-dev@lists.squeakfoundation.org" target="_blank">The
general-purpose Squeak developers list</a> </div>
<div><b>Cc:</b> <a title="cryptography@lists.squeakfoundation.org" href="mailto:cryptography@lists.squeakfoundation.org" target="_blank">Squeak Crypto</a> </div>
<div><b>Subject:</b> Re: [squeak-dev] Crypto RSAWithSHA1
sign</div></div>
<div><br></div>
<div><font size="2" face="Arial">Hi Denis,</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">I originally wrote the v15 signature
methods in April of 2007. I am currently trying to download the
PKCS#11 V2.30 doc to verify, but IIRC there are more than one
signature algorithm defined for RSA. I don't recall why I chose
v15. Perhaps Java is using another RSA signature
function.</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">There are no explicit tests for this
signature. There is a test inside of the CryptoX509Test
(#verifySHA1WithRSAEncryptionFromParentCertificate: ), but it isn't
used as the certificate that exposed it has expired and so is
failing. I removed that certificate test.</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">Let's talk bytes...the way this works in
Squeak is that the RSA pads the SHA1 hashed message and encrypts
it.</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">v15SignMessage: aMessage</font></div>
<div> </div>
<div><font size="2" face="Arial"> ^ self v15SignMessageHash: (SHA1
hashMessage: aMessage).<br></font></div>
<div><font size="2" face="Arial">and</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">v15SignMessageHash:
encodedMsg</font></div>
<div> </div>
<div><font size="2" face="Arial"> | padded toBeSigned
|<br> padded := ByteArray new: (256 - encodedMsg size - 3)
withAll: 255.<br> toBeSigned := #(0) asByteArray, #(1)
asByteArray, padded, #(0) asByteArray, encodedMsg.<br> ^ (self
crypt: toBeSigned asInteger) asByteArray.<br></font></div>
<div><font size="2" face="Arial">Presumably the #crypt: function will be
the same in Java and Squeak given the same key. So if there are
2 different signature functions in RSA, I would suspect that the
padding would be different.</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">Still trying to download the
spec....</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">What do you think?</font></div>
<div><font size="2" face="Arial"></font> </div>
<div><font size="2" face="Arial">Cheers,</font></div>
<div><font size="2" face="Arial">Rob</font></div>
<div style="font: 10pt Tahoma;">
<div><br></div>
<div style="background: none repeat scroll 0% 0% rgb(245, 245, 245);">
<div><b>From:</b> <a title="mailto:dionisiydk@gmail.com
CTRL + Click to follow link" href="mailto:dionisiydk@gmail.com" target="_blank">Denis Kudriashov</a>
</div>
<div><b>Sent:</b> Tuesday, September 21, 2010 11:21 AM</div>
<div><b>To:</b> <a title="mailto:squeak-dev@lists.squeakfoundation.org
CTRL + Click to follow link" href="mailto:squeak-dev@lists.squeakfoundation.org" target="_blank">The
general-purpose Squeak developers list</a> </div>
<div><b>Subject:</b> [squeak-dev] Crypto RSAWithSHA1
sign</div></div></div>
<div><font size="2" face="Arial"></font><br></div>Hello <br><br>Is
somebody use Cryptography for RSA with SHA1 digital
signature?<br><br>I try do same result as I hava in java programm<br>I
have rsa private key as smalltalk object. It has same values as java
private key object.<br><br>But code<br><br>privateKey v15SignMessage:
message asByteArray .<br><br>returns me wrong result. Its differ
from java working test<br>
<p></p>
<hr>
<p></p><br></div></div></div><br><br><br></blockquote></div><br></div></div>
<p></p>
<hr>
<p></p><br></div><br><br><br></blockquote></div></div></div><br></blockquote></div></div></div><br></blockquote></div></div></div><br></blockquote></div><br>
</div></div><p>
</p><hr>
<p></p><br></div>
<br><br>
<br></blockquote></div><br>