<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=text/html;charset=iso-8859-1 http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.18943"></HEAD>
<BODY style="PADDING-LEFT: 10px; PADDING-RIGHT: 10px; PADDING-TOP: 15px"
id=MailContainerBody leftMargin=0 topMargin=0 CanvasTabStop="true"
name="Compose message area">
<DIV><FONT size=2 face=Arial>Hi Denis,</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>Nice find and thanks for fixing it and testing
it. I have integrated it into the various Cryptography packages (*see
below*) and published. All tests green.</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>I am maintaining 2 parallel Monticello package
streams for Cryptography until we can figure out what will go into the Trunk and
what will remain separate. The original Cryptography package in the
Cryptography repository has been updated. The new CryptoCore,
CryptoCoreTests, CryptoExtras, CryptoExtrasTests, CryptoCerts nad
CryptoCertsTests have all been updated and published to the Inbox. All
tests green in both streams.</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>Rob</FONT></DIV>
<DIV style="FONT: 10pt Tahoma">
<DIV><BR></DIV>
<DIV style="BACKGROUND: #f5f5f5">
<DIV style="font-color: black"><B>From:</B> <A title=dionisiydk@gmail.com
href="mailto:dionisiydk@gmail.com">Denis Kudriashov</A> </DIV>
<DIV><B>Sent:</B> Tuesday, September 28, 2010 6:21 AM</DIV>
<DIV><B>To:</B> <A
title="mailto:squeak-dev@lists.squeakfoundation.org CTRL + Click to follow link"
href="mailto:squeak-dev@lists.squeakfoundation.org">The general-purpose Squeak
developers list</A> </DIV>
<DIV><B>Subject:</B> Re: [squeak-dev] Crypto RSAWithSHA1 sign</DIV></DIV></DIV>
<DIV><BR></DIV>Hello Rob.<BR><BR>I found another issue - rsa keys
generation.<BR>Method RSAKeyPairGenerator>>privateKey returns RSAKey
instance instead of RSAPrivateKey instance. I add
test<BR><BR>testSignVerificationByGeneratedKeys<BR><BR> |
signBytes gen |<BR> gen := RSAKeyPairGenerator bits:
1024. <BR> gen
computePrimes.<BR> <BR> signBytes := gen
privateKey v15SignMessage: 'hello'. <BR>
<BR> self assert: (gen publicKey v15Verify: signBytes
isSignatureOf: 'hello')<BR><BR>And this tests broken with existed
functionallity.<BR><BR>Now I fix it with some based on VW classes. I attatch all
with test. (its green)<BR><BR><BR>
<DIV class=gmail_quote>2010/9/23 Rob Withers <SPAN dir=ltr><<A
href="mailto:reefedjib@gmail.com">reefedjib@gmail.com</A>></SPAN><BR>
<BLOCKQUOTE
style="BORDER-LEFT: rgb(204,204,204) 1px solid; MARGIN: 0pt 0pt 0pt 0.8ex; PADDING-LEFT: 1ex"
class=gmail_quote>
<DIV style="PADDING-LEFT: 10px; PADDING-RIGHT: 10px; PADDING-TOP: 15px"
name="Compose message area">
<DIV><FONT size=2 face=Arial>I published our code changes into both the
Cryptography repository's Cryptography package and in the Inbox's Crypto
packages.</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>All tests are green.</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>Thanks, Denis!</FONT></DIV>
<DIV style="FONT: 10pt Tahoma">
<DIV><BR></DIV>
<DIV style="BACKGROUND: rgb(245,245,245)">
<DIV><B>From:</B> <A title=dionisiydk@gmail.com
href="mailto:dionisiydk@gmail.com" target=_blank>Denis Kudriashov</A> </DIV>
<DIV><B>Sent:</B> Thursday, September 23, 2010 5:10 AM</DIV>
<DIV>
<DIV></DIV>
<DIV class=h5>
<DIV><B>To:</B> <A title=squeak-dev@lists.squeakfoundation.org
href="mailto:squeak-dev@lists.squeakfoundation.org" target=_blank>The
general-purpose Squeak developers list</A> </DIV>
<DIV><B>Subject:</B> Re: [squeak-dev] Crypto RSAWithSHA1
sign</DIV></DIV></DIV></DIV></DIV>
<DIV>
<DIV></DIV>
<DIV class=h5>
<DIV><BR></DIV>Thank you very much Rob.<BR><BR>All good ok.<BR><BR>
<DIV class=gmail_quote>2010/9/23 Rob Withers <SPAN dir=ltr><<A
href="mailto:reefedjib@gmail.com"
target=_blank>reefedjib@gmail.com</A>></SPAN><BR>
<BLOCKQUOTE
style="BORDER-LEFT: rgb(204,204,204) 1px solid; MARGIN: 0pt 0pt 0pt 0.8ex; PADDING-LEFT: 1ex"
class=gmail_quote>
<DIV style="PADDING-LEFT: 10px; PADDING-RIGHT: 10px; PADDING-TOP: 15px"
name="Compose message area">
<DIV><FONT size=2 face=Arial>Denis,</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>I found that when you join the "privateKey"
bytes with the publicKey bytes it does nothing. The "privateKey" bytes
alone carry the public key with the private key. The Der bytes result
in a 9 element OrderedCollection and fields 2 and 3 are the exponent and
modulus for the public key.</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>So I run the following to get both
keys:</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV><FONT size=2 face=Arial>
<DIV>
<DIV><BR>key64 :=
'MIICXgIBAAKBgQDkI45GM6mYLlbxrKozE6bXWMoxvtVuIWOIF1KcGLED+4Gipriw<BR>Nt0hkosuil513/CMjn9XBSZtaSsiIOLkXLZtbKYhATtvODR1nD/dl0JpFH7BLcD9<BR>NGGRKOow0jg8fcPtXhLTy6Dsl7rfmVPJYuc4IlzZImTdErllmhzrTKT3YQIDAQAB<BR>AoGBALPQjogomii3hZHQ3QmLGLqtYhjZaBH4wSF3+IXONF+GMcRIklNZuuuGPKt/<BR>JjrUOh4fBqFJDuO3u+aXcx45MRMLVHuQIuUbegJXVS+rnxXI3I6I4SLBkoV7Jqn/<BR>J9T9biOXrzq/xN8XVJQm7zq/FXaHR6l+Wo50LaBj7llY+CMBAkEA8bfsbySseTbI<BR>D7tR/bytEz/DhQ1knKS3nFo83NYwDm7YcdGC+f0rQIUuS30lKApeoygBUiLOSs7K<BR>euxEi6wC0QJBAPGePI59Fc5alAivyTkYdV4sbIL+SL5oXEERRyezogEgRqCGJtyd<BR>MbnVviwREF4MiGTYQIIOx4aFrM/U4q9DL5ECQH+/QImMzEpTlXAbA74iFSZzMJYE<BR>+gN/WjqbxkbAPC2kj2e33ozYLB+xQ0JKJXT/5fw8jFYoZvZKS+CjNabLhcECQQDp<BR>bgrrToXGu1PRoKMzeiHKPfkIBUuaSZD3fA3WmYGmvNv/MhxRf70O4SW9xS6e7lTH<BR>uPV5sXWqzXLLx8zJrotBAkEAgAoiR+5uOW9CgfWkblJ/YIgGbLiLQoFNZbwxXDfr<BR></DIV>jcosTQvBjrc//rCnb2Pgm8QRGeN/CXKc9kKoWNqUQSYchQ=='.</DIV>
<DIV>
<DIV> </DIV>
<DIV><BR>derKey := (Base64MimeConverter mimeDecodeToBytes: key64
readStream )<BR>contents.</DIV>
<DIV> </DIV></DIV>
<DIV>
<DIV>r := RSAPrivateKeyFileReader new.<BR>r decryptedBytes:
derKey.<BR>publicKey := r asPublicKey.<BR></DIV>privateKey := r
asPrivateKey.<BR>{publicKey. privateKey}<BR></DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV>Now I look at the publicKey you gave me and the 2 elements of a
OrderedCollection. The second element is a BitString and if you reach
in a grab the bytes, they are also DER encoded. So decode those and
you get the exponent and modulus of the publicKey. I wrote a class
attached to process an RSA Public Key. I used the code below to
process it:</DIV></FONT>
<DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>key64 :=
'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkI45GM6mYLlbxrKozE6bXWMox<BR>vtVuIWOIF1KcGLED+4GipriwNt0hkosuil513/CMjn9XBSZtaSsiIOLkXLZtbKYh<BR>ATtvODR1nD/dl0JpFH7BLcD9NGGRKOow0jg8fcPtXhLTy6Dsl7rfmVPJYuc4IlzZ<BR>ImTdErllmhzrTKT3YQIDAQAB'.</FONT></DIV>
<DIV> </DIV>
<DIV><FONT size=2 face=Arial>derKey := (Base64MimeConverter
mimeDecodeToBytes: key64 readStream )<BR>contents.</FONT></DIV>
<DIV> </DIV></DIV>
<DIV><FONT size=2 face=Arial>r := RSAPublicKeyFileReader new.<BR>r bytes:
derKey .<BR>publicKey := r asPublicKey .<BR></FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>Thanks for the test!</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>Cheers,<BR>Rob</FONT></DIV>
<DIV style="FONT: 10pt Tahoma">
<DIV><BR></DIV>
<DIV style="BACKGROUND: rgb(245,245,245)">
<DIV><B>From:</B> <A title=dionisiydk@gmail.com
href="mailto:dionisiydk@gmail.com" target=_blank>Denis Kudriashov</A> </DIV>
<DIV><B>Sent:</B> Thursday, September 23, 2010 3:33 AM</DIV>
<DIV>
<DIV></DIV>
<DIV>
<DIV><B>To:</B> <A title=squeak-dev@lists.squeakfoundation.org
href="mailto:squeak-dev@lists.squeakfoundation.org" target=_blank>The
general-purpose Squeak developers list</A> </DIV>
<DIV><B>Subject:</B> Re: [squeak-dev] Crypto RSAWithSHA1
sign</DIV></DIV></DIV></DIV></DIV>
<DIV>
<DIV></DIV>
<DIV>
<DIV><BR></DIV>And verification work good.<BR><BR>I attatch new
tests<BR><BR>
<DIV class=gmail_quote>2010/9/23 Denis Kudriashov <SPAN dir=ltr><<A
href="mailto:dionisiydk@gmail.com"
target=_blank>dionisiydk@gmail.com</A>></SPAN><BR>
<BLOCKQUOTE
style="BORDER-LEFT: rgb(204,204,204) 1px solid; MARGIN: 0pt 0pt 0pt 0.8ex; PADDING-LEFT: 1ex"
class=gmail_quote>I found when I join private and public keys my code work
good and I get RSAKey instance. <BR><BR>I join it by:<BR><BR>key64 :=
'MIICXgIBAAKBgQDkI45GM6mYLlbxrKozE6bXWMoxvtVuIWOIF1KcGLED+4Gipriw<BR>Nt0hkosuil513/CMjn9XBSZtaSsiIOLkXLZtbKYhATtvODR1nD/dl0JpFH7BLcD9<BR>NGGRKOow0jg8fcPtXhLTy6Dsl7rfmVPJYuc4IlzZImTdErllmhzrTKT3YQIDAQAB<BR>AoGBALPQjogomii3hZHQ3QmLGLqtYhjZaBH4wSF3+IXONF+GMcRIklNZuuuGPKt/<BR>JjrUOh4fBqFJDuO3u+aXcx45MRMLVHuQIuUbegJXVS+rnxXI3I6I4SLBkoV7Jqn/<BR>J9T9biOXrzq/xN8XVJQm7zq/FXaHR6l+Wo50LaBj7llY+CMBAkEA8bfsbySseTbI<BR>D7tR/bytEz/DhQ1knKS3nFo83NYwDm7YcdGC+f0rQIUuS30lKApeoygBUiLOSs7K<BR>euxEi6wC0QJBAPGePI59Fc5alAivyTkYdV4sbIL+SL5oXEERRyezogEgRqCGJtyd<BR>MbnVviwREF4MiGTYQIIOx4aFrM/U4q9DL5ECQH+/QImMzEpTlXAbA74iFSZzMJYE<BR>+gN/WjqbxkbAPC2kj2e33ozYLB+xQ0JKJXT/5fw8jFYoZvZKS+CjNabLhcECQQDp<BR>bgrrToXGu1PRoKMzeiHKPfkIBUuaSZD3fA3WmYGmvNv/MhxRf70O4SW9xS6e7lTH<BR>uPV5sXWqzXLLx8zJrotBAkEAgAoiR+5uOW9CgfWkblJ/YIgGbLiLQoFNZbwxXDfr<BR>jcosTQvBjrc//rCnb2Pgm8QRGeN/CXKc9kKoWNqUQSYchQ==
<DIV><BR>MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkI45GM6mYLlbxrKozE6bXWMox<BR>vtVuIWOIF1KcGLED+4GipriwNt0hkosuil513/CMjn9XBSZtaSsiIOLkXLZtbKYh<BR>ATtvODR1nD/dl0JpFH7BLcD9NGGRKOow0jg8fcPtXhLTy6Dsl7rfmVPJYuc4IlzZ<BR>ImTdErllmhzrTKT3YQIDAQAB'.<BR><BR><BR></DIV>Why
I cant read public key separetelly?<BR><BR>Best regards,<BR>Denis<BR><BR>
<DIV class=gmail_quote>2010/9/23 Denis Kudriashov <SPAN dir=ltr><<A
href="mailto:dionisiydk@gmail.com"
target=_blank>dionisiydk@gmail.com</A>></SPAN>
<DIV>
<DIV></DIV>
<DIV><BR>
<BLOCKQUOTE
style="BORDER-LEFT: rgb(204,204,204) 1px solid; MARGIN: 0pt 0pt 0pt 0.8ex; PADDING-LEFT: 1ex"
class=gmail_quote>Hello, Rob<BR><BR>I attatch public key in pem format
(it corresponds private key in my test).<BR><BR>I try read it
by:<BR><BR>key64 :=
'MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkI45GM6mYLlbxrKozE6bXWMox<BR>vtVuIWOIF1KcGLED+4GipriwNt0hkosuil513/CMjn9XBSZtaSsiIOLkXLZtbKYh<BR>ATtvODR1nD/dl0JpFH7BLcD9NGGRKOow0jg8fcPtXhLTy6Dsl7rfmVPJYuc4IlzZ<BR>ImTdErllmhzrTKT3YQIDAQAB'.<BR><BR>derKey
:= (Base64MimeConverter mimeDecodeToBytes: key64 readStream )
contents.<BR><BR>r := RSAPrivateKeyFileReader new.<BR>r decryptedBytes:
derKey .<BR>publicKey := r asPublicKey .<BR><BR>and last line raise
error.<BR><BR>What you think about this?<BR><BR>
<DIV class=gmail_quote>2010/9/22 Denis Kudriashov <SPAN dir=ltr><<A
href="mailto:dionisiydk@gmail.com"
target=_blank>dionisiydk@gmail.com</A>></SPAN>
<DIV>
<DIV></DIV>
<DIV><BR>
<BLOCKQUOTE
style="BORDER-LEFT: rgb(204,204,204) 1px solid; MARGIN: 0pt 0pt 0pt 0.8ex; PADDING-LEFT: 1ex"
class=gmail_quote>Yes, I have public key and start test verification
but I faced in some problem and stopped for today.<BR>I can't read
public key instance from der bytes (I have pem formated public key
file) by same way as I read private key instance (by
"aRSAPrivateKeyFileReader asPublicKey").<BR><BR>I think tomorrow I
send you my results.<BR><BR>
<DIV class=gmail_quote>2010/9/22 Rob Withers <SPAN dir=ltr><<A
href="mailto:reefedjib@gmail.com"
target=_blank>reefedjib@gmail.com</A>></SPAN>
<DIV>
<DIV></DIV>
<DIV><BR>
<BLOCKQUOTE
style="BORDER-LEFT: rgb(204,204,204) 1px solid; MARGIN: 0pt 0pt 0pt 0.8ex; PADDING-LEFT: 1ex"
class=gmail_quote>
<DIV
style="PADDING-LEFT: 10px; PADDING-RIGHT: 10px; PADDING-TOP: 15px"
name="Compose message area">
<DIV><FONT face=Calibri>Denis,</FONT></DIV>
<DIV><FONT face=Calibri></FONT> </DIV>
<DIV><FONT face=Calibri>One other thing. Do you have the
publicKey for that privateKey you used in the test case? We
should really be checking the verification step as
well.</FONT></DIV>
<DIV><FONT face=Calibri></FONT> </DIV>
<DIV><FONT face=Calibri>Thanks,<BR>Rob</FONT></DIV>
<DIV style="FONT: 10pt Tahoma">
<DIV><BR></DIV>
<DIV style="BACKGROUND: rgb(245,245,245)">
<DIV><B>From:</B> <A
title="mailto:dionisiydk@gmail.com CTRL + Click to follow link"
href="mailto:dionisiydk@gmail.com" target=_blank>Denis
Kudriashov</A> </DIV>
<DIV><B>Sent:</B> Wednesday, September 22, 2010 9:51 AM</DIV>
<DIV>
<DIV><B>To:</B> <A title=squeak-dev@lists.squeakfoundation.org
href="mailto:squeak-dev@lists.squeakfoundation.org"
target=_blank>The general-purpose Squeak developers list</A>
</DIV></DIV>
<DIV>
<DIV></DIV>
<DIV>
<DIV><B>Subject:</B> Re: [squeak-dev] Crypto RSAWithSHA1
sign</DIV></DIV></DIV></DIV></DIV>
<DIV>
<DIV></DIV>
<DIV>
<DIV><BR></DIV>Hello, Rob.<BR><BR>I found solution. VW help me very
much.<BR><BR>Your changes almost right.<BR><BR>method SHA1
class>>digestInfoAsn1DerEncodingFromMessage: is good and
placed right. But method RSAPrivateKey>>v15SignMessageHash: is
wrong:<BR><BR>
<DIV
style="MARGIN-LEFT: 40px">RSAPrivateKey>>v15SignMessageHash:
encodedMsg<BR><BR> | padded toBeSigned
|<BR> padded := ByteArray new: (256 - encodedMsg
size - 3) withAll: 255.<BR> toBeSigned := #(0)
asByteArray, #(1) asByteArray, padded, #(0) asByteArray,
encodedMsg.<BR> ^ (self crypt: toBeSigned
asInteger) asByteArray.<BR></DIV><BR>I examine what happen in VW
code (it is work good like java). And now I have this
version:<BR><BR>
<DIV style="MARGIN-LEFT: 40px">v15SignMessageHash:
encodedMsg<BR><BR> | int emLen
|<BR> <BR> emLen := (p * q)
digitLength -1.<BR>
<BR> int := LargePositiveInteger basicNew:
emLen.<BR> " Our LargeIntegers are little endian,
so we have to reverse the bytes"<BR> encodedMsg
with: (encodedMsg size to: 1 by: -1) do: [:each :index
|<BR> int basicAt: index put:
each].<BR> int basicAt: encodedMsg size + 1 put:
0.<BR><BR> encodedMsg size + 2 to: emLen - 1 do: [
:ind | int basicAt: ind put: 255].<BR> int
basicAt: emLen put: 1.<BR> <BR>
^ (self crypt: int) asByteArray.<BR></DIV><BR><BR>This is give me
results same as java and VW.<BR><BR>I attach this method and
acceptence test for it.<BR><BR><BR><BR>
<DIV class=gmail_quote>2010/9/21 Rob Withers <SPAN dir=ltr><<A
href="mailto:reefedjib@gmail.com"
target=_blank>reefedjib@gmail.com</A>></SPAN><BR>
<BLOCKQUOTE
style="BORDER-LEFT: rgb(204,204,204) 1px solid; MARGIN: 0pt 0pt 0pt 0.8ex; PADDING-LEFT: 1ex"
class=gmail_quote>
<DIV
style="PADDING-LEFT: 10px; PADDING-RIGHT: 10px; PADDING-TOP: 15px"
name="Compose message area">
<DIV><FONT size=2 face=Arial>Denis,</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>I looks like I missed step 2 on page
38. I am not preappending the AlgorithmIndentifier and
producing the DER encoding of the DigestInfo prior to padding and
encrypting. I implemented it in the attached
changeset. Please load this and test for me.
</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>Note that it requires either all of
Cryptography from the Cryptography repository loaded, or all of
CryptoBase and CryptoCerts from the inbox. The digest
requires ASN1 encoding framework which is in the certificate
package.</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>Rob</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV style="FONT: 10pt Tahoma">
<DIV><BR></DIV>
<DIV style="BACKGROUND: rgb(245,245,245)">
<DIV><B>From:</B> <A
title="mailto:reefedjib@gmail.com CTRL + Click to follow link"
href="mailto:reefedjib@gmail.com" target=_blank>Rob Withers</A>
</DIV>
<DIV><B>Sent:</B> Tuesday, September 21, 2010 12:31 PM</DIV>
<DIV>
<DIV></DIV>
<DIV>
<DIV><B>To:</B> <A
title="mailto:squeak-dev@lists.squeakfoundation.org CTRL + Click to follow link"
href="mailto:squeak-dev@lists.squeakfoundation.org"
target=_blank>The general-purpose Squeak developers list</A>
</DIV>
<DIV><B>Cc:</B> <A
title="mailto:cryptography@lists.squeakfoundation.org CTRL + Click to follow link"
href="mailto:cryptography@lists.squeakfoundation.org"
target=_blank>Squeak Crypto</A> </DIV>
<DIV><B>Subject:</B> Re: [squeak-dev] Crypto RSAWithSHA1
sign</DIV></DIV></DIV></DIV></DIV>
<DIV>
<DIV></DIV>
<DIV>
<DIV><BR></DIV>
<DIV><FONT size=2 face=Arial>Denis,</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>I do not know why I was looking at
PKCS#11. THe RSA spec is PKCS#1. In that document (<A
title="ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf CTRL + Click to follow link"
href="ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf"
target=_blank>ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/pkcs-1v2-1.pdf</A>)
on page 25 it says: </FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>"<FONT face="Times New Roman">Two
signature schemes with appendix are specified in this document:
RSASSA-PSS and RSASSA-PKCS1-v1_5.</FONT>"</FONT></DIV>
<DIV style="FONT: 10pt Tahoma"><FONT
face=Arial></FONT> </DIV>
<DIV style="FONT: 10pt Tahoma"><FONT face=Arial>I implemented
v1_5. It may be that Java is using PSS. I may have
implemented v1.5 wrong. The signature creation and
verification algorithms start on page 30. The encoding is on
35.</FONT></DIV>
<DIV style="FONT: 10pt Tahoma"><FONT
face=Arial></FONT> </DIV>
<DIV style="FONT: 10pt Tahoma"><FONT face=Arial>Rob</FONT></DIV>
<DIV style="FONT: 10pt Tahoma"><BR></DIV>
<DIV style="FONT: 10pt Tahoma; BACKGROUND: rgb(245,245,245)">
<DIV><B>From:</B> <A title=reefedjib@gmail.com
href="mailto:reefedjib@gmail.com" target=_blank>Rob Withers</A>
</DIV>
<DIV><B>Sent:</B> Tuesday, September 21, 2010 12:06 PM</DIV>
<DIV><B>To:</B> <A
title="mailto:squeak-dev@lists.squeakfoundation.org CTRL + Click to follow link"
href="mailto:squeak-dev@lists.squeakfoundation.org"
target=_blank>The general-purpose Squeak developers list</A>
</DIV>
<DIV><B>Cc:</B> <A title=cryptography@lists.squeakfoundation.org
href="mailto:cryptography@lists.squeakfoundation.org"
target=_blank>Squeak Crypto</A> </DIV>
<DIV><B>Subject:</B> Re: [squeak-dev] Crypto RSAWithSHA1
sign</DIV></DIV>
<DIV><BR></DIV>
<DIV><FONT size=2 face=Arial>Hi Denis,</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>I originally wrote the v15 signature
methods in April of 2007. I am currently trying to download
the PKCS#11 V2.30 doc to verify, but IIRC there are more than
one signature algorithm defined for RSA. I don't recall why
I chose v15. Perhaps Java is using another RSA signature
function.</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>There are no explicit tests for this
signature. There is a test inside of the
CryptoX509Test
(#verifySHA1WithRSAEncryptionFromParentCertificate: ), but it
isn't used as the certificate that exposed it has expired and so
is failing. I removed that certificate test.</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>Let's talk bytes...the way this works
in Squeak is that the RSA pads the SHA1 hashed message and
encrypts it.</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>v15SignMessage: aMessage</FONT></DIV>
<DIV> </DIV>
<DIV><FONT size=2 face=Arial> ^ self v15SignMessageHash:
(SHA1 hashMessage: aMessage).<BR></FONT></DIV>
<DIV><FONT size=2 face=Arial>and</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>v15SignMessageHash:
encodedMsg</FONT></DIV>
<DIV> </DIV>
<DIV><FONT size=2 face=Arial> | padded toBeSigned
|<BR> padded := ByteArray new: (256 - encodedMsg size - 3)
withAll: 255.<BR> toBeSigned := #(0) asByteArray, #(1)
asByteArray, padded, #(0) asByteArray, encodedMsg.<BR> ^
(self crypt: toBeSigned asInteger) asByteArray.<BR></FONT></DIV>
<DIV><FONT size=2 face=Arial>Presumably the #crypt: function will
be the same in Java and Squeak given the same key. So if
there are 2 different signature functions in RSA, I would suspect
that the padding would be different.</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>Still trying to download the
spec....</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>What do you think?</FONT></DIV>
<DIV><FONT size=2 face=Arial></FONT> </DIV>
<DIV><FONT size=2 face=Arial>Cheers,</FONT></DIV>
<DIV><FONT size=2 face=Arial>Rob</FONT></DIV>
<DIV style="FONT: 10pt Tahoma">
<DIV><BR></DIV>
<DIV style="BACKGROUND: rgb(245,245,245)">
<DIV><B>From:</B> <A
title="mailto:dionisiydk@gmail.com CTRL + Click to follow link"
href="mailto:dionisiydk@gmail.com" target=_blank>Denis
Kudriashov</A> </DIV>
<DIV><B>Sent:</B> Tuesday, September 21, 2010 11:21 AM</DIV>
<DIV><B>To:</B> <A
title="mailto:squeak-dev@lists.squeakfoundation.org CTRL + Click to follow link"
href="mailto:squeak-dev@lists.squeakfoundation.org"
target=_blank>The general-purpose Squeak developers list</A>
</DIV>
<DIV><B>Subject:</B> [squeak-dev] Crypto RSAWithSHA1
sign</DIV></DIV></DIV>
<DIV><FONT size=2 face=Arial></FONT><BR></DIV>Hello <BR><BR>Is
somebody use Cryptography for RSA with SHA1 digital
signature?<BR><BR>I try do same result as I hava in java
programm<BR>I have rsa private key as smalltalk object. It has
same values as java private key object.<BR><BR>But
code<BR><BR>privateKey v15SignMessage: message asByteArray
.<BR><BR>returns me wrong result. Its differ from java working
test<BR>
<P></P>
<HR>
<P></P><BR></DIV></DIV></DIV><BR><BR><BR></BLOCKQUOTE></DIV><BR></DIV></DIV>
<P></P>
<HR>
<P></P><BR></DIV><BR><BR><BR></BLOCKQUOTE></DIV></DIV></DIV><BR></BLOCKQUOTE></DIV></DIV></DIV><BR></BLOCKQUOTE></DIV></DIV></DIV><BR></BLOCKQUOTE></DIV><BR></DIV></DIV>
<P></P>
<HR>
<P></P><BR></DIV><BR><BR><BR></BLOCKQUOTE></DIV><BR></DIV></DIV>
<P></P>
<HR>
<P></P><BR></DIV><BR><BR><BR></BLOCKQUOTE></DIV><BR>
<P>
<HR>
<P></P><BR></BODY></HTML>