• Registered: 2016-08-14
  • Posts: 47

Topic: [SOLVED]Why wolfSSL can't support those RSA signature which pad...OID?

Hi,
      I met problem when I used wc_SignatureVerify() to verify some RSA signature files. Because those signatures are all include hash OID value, but this API can't support it.
      I know if I use wc_SignatureGenerate() to generate RSA signature, this signature not include hash OID value and will be verified OK by wc_SignatureGenerated() function.

      In this situation, I can't use wolfSSL API to verify signatures which generated by other crypto tools(like openSSL).
      Is it possible to support it?

      Actually, I already submit a similar discussion several month ago. Below is the link address:
      https://www.wolfssl.com/forums/topic849 … erify.html

Share

  • Registered: 2015-10-07
  • Posts: 430

Re: [SOLVED]Why wolfSSL can't support those RSA signature which pad...OID?

Hi Cxdinter,

Openssl adds a DER encoding on their RSA signature by default. Try using sig_type= "WC_SIGNATURE_TYPE_RSA_W_ENC".

Let me know if that helps.

Thanks,
David Garske, wolfSSL

Share

  • Registered: 2016-08-14
  • Posts: 47

Re: [SOLVED]Why wolfSSL can't support those RSA signature which pad...OID?

dgarske wrote:

Hi Cxdinter,

Openssl adds a DER encoding on their RSA signature by default. Try using sig_type= "WC_SIGNATURE_TYPE_RSA_W_ENC".

Let me know if that helps.

Thanks,
David Garske, wolfSSL

Hi Dgarske,

Your suggestion can't reach my expectation.

Two situation:
1)if we use sig_type= "WC_SIGNATURE_TYPE_RSA_W_ENC" when calling wc_SignatureVerify() function, it is no significance. Because in wc_SignatureVerify() function, when go to case  "WC_SIGNATURE_TYPE_RSA_W_ENC", call wc_SignatureDerEncode() function, but this function is not used for signature verify. It is used for encode signature raw data to DER format. It can't be used ere!
   Please review the source code of wc_SignatureVerify() function, it should be add patch for avoid this mistake.

2)if we use  sig_type= "WC_SIGNATURE_TYPE_RSA_W_ENC" when calling wc_SignatureGenerate() function, it will generate the same signature data which openSSL API generated. So this signature data can be verified by openSSL API, but it can't be verified by wolfSSL API wc_SignatureVerify() !!

for point 1, I think we should be fix it.
for point 2, if wolfSSL still insist that wolfSSL only support verify those signatures which without hash OID, I can comprehend this situation. But, is it possible to add any parameter for this wc_SignatureVerify() function, let user know this function only support signatures which without hash OID.

What's your opinion?

Share

  • Registered: 2015-10-07
  • Posts: 430

Re: [SOLVED]Why wolfSSL can't support those RSA signature which pad...OID?

Hi Cxdinter,

I performed tests for both wc_SignatureGenerate and wc_SignatureVerify against openssl and all passed using WC_SIGNATURE_TYPE_RSA_W_ENC with WC_HASH_TYPE_SHA256.

When using the WC_SIGNATURE_TYPE_RSA_W_ENC  with wc_SignatureVerify it takes in original data being validated, hashes it, adds the DER encoding (which includes the hash OID) and compares the provided signature. This behavior is correct.


These tests were done using the code here:
https://github.com/wolfSSL/wolfssl-examples/pull/27

This was run from inside the wolfssl-examples/signature directory.

Generate a signature and compare hex output (wolfSSL vs. openssl):
./signature README.md 3 5
openssl dgst -sha256 -sign ../certs/client-key.der -keyform der -hex README.md
Result of both RSA Sign with SHA256 hex output = Matches

Sign and verify using openssl. Save sign as sign.txt.
openssl dgst -sha256 -sign ../certs/client-key.der -keyform der -out sign.txt README.md
openssl dgst -sha256 -verify ../certs/client-keyPub.der -keyform der -signature sign.txt README.md
Verified OK

Use sign.txt to verify signature using wolfSSL.
./signature README.md 3 5 sign.txt
RSA Signature Verification: Pass (0)

If you are still having the issue can you provide some examples for your openssl commands and your specific wc_SignatureVerify arguments?

Thanks,
David Garske, wolfSSL

Share

  • Registered: 2016-08-14
  • Posts: 47

Re: [SOLVED]Why wolfSSL can't support those RSA signature which pad...OID?

Hi dgarske,
   Finally, I understood the design logic for wc_SignatureVerify() function, when the parameter is "WC_SIGNATURE_TYPE_RSA_W_ENC", case "WC_SIGNATURE_TYPE_RSA" also will be executed.
  Because I modified the source code under "WC_SIGNATURE_TYPE_RSA" case for verify signatures which include hash OID. After I recover to the original codes, everything is ok.

  Sorry for any inconvenience. This topic can be closed.

Share