DigitalSignatureAlgorithm Errors

Laurence Rozier laurence.rozier at gmail.com
Fri Aug 11 13:13:48 UTC 2006


Works as expected - thanks!

On 8/10/06, Ron Teitelbaum <Ron at usmedrec.com> wrote:
>
>  Laurence,
>
>
>
> I found the error on 3.8, thanks for reporting the issue.  The fix is
> attached and I also entered a bug with the fix on mantis:
> http://bugs.impara.de/view.php?id=4476
>
>
>
> The issue was the way 3.8 was writing out the signature which had already
> been fixed (as you know) on 3.9.
>
>
>
> Ron Teitelbaum
>
> Squeak Cryptography Team Leader
>
>
>   ------------------------------
>
> *From:* Laurence Rozier [mailto:laurence.rozier at gmail.com]
> *Sent:* Thursday, August 10, 2006 11:20 AM
> *To:* Ron at usmedrec.com; The general-purpose Squeak developers list
> *Subject:* Re: DigitalSignatureAlgorithm Errors
>
>
>
> Ron,
>
> Everything works fine in 3.9 although under OS/X there is still the
> problem with randomBitsFromSoundInput: but I can live with that for the
> momement. Any suggestions as to how to resolve the 3.8 problem?
>
> TIA,
> Laurence
>
>  On 8/9/06, *Ron Teitelbaum* <Ron at usmedrec.com> wrote:
>
> Hi Laurence,
>
>
>
> I'm not sure I understand what it is you are doing.  Can you tell me what
> version you are using?  I checked the error you reported on my windows XP
> system but as you said it works on windows.  There is little I can do about
> OS/X.  But the examples you sighted also use random typed in characters
> instead.  There are others solutions such as SecureRandom available at:
> www.squeaksource.com/Cryptography  we can talk about that if we get past
> this first part.
>
>
>
> I tried an example (I'm in Squeak 3.9b-7051) and it appears to be working
> fine.  Here's what I did.
>
>
>
> First I generated a key set.
>
>
>
> keys := DigitalSignatureAlgorithm generateKeySet.
>
>
>
> Here is the set I got.
>
>
>
> #(#(11634065363621815767637298292695842594730176052067637773680192524455869230234173758150452925415401529778606418101117414536443374158088844168026367876825953
> 1375050214541076916535442310710144083780809418779
> 920725864083239042384763588357726013524708007928670717057302077747624160900068797037078329489496608106957529640438460571120920055161304057825269023490861
> 1115914113083931179608861092566623278044302408799)
> #(11634065363621815767637298292695842594730176052067637773680192524455869230234173758150452925415401529778606418101117414536443374158088844168026367876825953
> 1375050214541076916535442310710144083780809418779
> 920725864083239042384763588357726013524708007928670717057302077747624160900068797037078329489496608106957529640438460571120920055161304057825269023490861
> 3955661015744856694707104263792232810044012932353264459926493154700610520372070161850876172559264752858509825362513967683454046220684740679273580024936255))
>
>
>
> Don't use this key set since it is now public.
>
>
>
> Then I signed a message: 'hello' with the first key
>
>
>
> DigitalSignatureAlgorithm sign: 'hello' privateKey: keys first.  And got a
> signature:
>
> '[DSA digital signature 54804CFBDB9D12EA008D7C56D46FED9EB118CA0E
> 834CCB8563F5B863B8041D20F2C6D9C89E120DF3]'
>
>
>
> So if you send the message along with the public key (keys last) then they
> can verify the signature with:
>
>
>
> DigitalSignatureAlgorithm verify:
>
> '[DSA digital signature 54804CFBDB9D12EA008D7C56D46FED9EB118CA0E
> 834CCB8563F5B863B8041D20F2C6D9C89E120DF3]' isSignatureOf: 'hello' publicKey:
> keys last
>
>
>
> For me this came out as true.
>
>
>
> Now I'm not sure what the 40 characters from Amazon are.  The number of
> characters does not make someone think of key.  It could be a message that
> you are supposed to sign and send back, a secret message if you will.  That
> way they can verify your signature since supposedly only you and they know
> the 40 byte message.  You would send back the signature and not the message,
> since they know what it is already.  Still that's just a guess.  Maybe
> someone else that works with Amazon can tell us.
>
>
>
> I hope that helps.
>
>
>
> Happy coding!
>
>
>
> Ron Teitelbaum
>
> Squeak Cryptography Team Leader
>
>
>
>
>   ------------------------------
>
> *From:* squeak-dev-bounces at lists.squeakfoundation.org [mailto:
> squeak-dev-bounces at lists.squeakfoundation.org] *On Behalf Of *Laurence
> Rozier
> *Sent:* Wednesday, August 09, 2006 12:54 PM
> *To:* The general-purpose Squeak developers list
> *Subject:* DigitalSignatureAlgorithm Errors
>
>
>
> Hi,
>
> My goal is to be able sign messages for Amazon Web Services and initially
> I ran into the issue of how the secret key is represented. DSA expects the
> key to be part of a 4 element array, but what I have from Amazon is a single
> 40 character string. This is a new domain for me so I decided to first make
> sure I could use/understand the implementation as it. However, class methods
> such as example and timeDecode: fail with:
>
> ERROR! Signature verification failed
>
> I reimplemented the examples using generateKeySet instead of testKeySet
> but still get the same failures. Also when I tried to use
> initRandomNonInteractively to prevent having to constantly type in long
> strings, Squeak crashed under OS/X(works fine under windows). Apparently
> SoundService>>randomBitsFromSoundInput: is the culprit(I've reported this on
> Mantis). Can anyone point me to working examples?
>
> TIA,
>
> Laurence
>
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.squeakfoundation.org/pipermail/squeak-dev/attachments/20060811/2d68c3c6/attachment.htm


More information about the Squeak-dev mailing list