Hi, I'm trying to generate signatures in a way openssl can verify using pycrypto, but when I decode it with openssl, it doesn't produce usable results. This has been my workflow so far:<br><br>------------------------------------<br>
<br>openssl genrsa -out privkey.pem 2048<br>openssl rsa -pubout -in privkey.pem -out pubkey.pem<br><br>echo "message text" > data<br><br>python <<!<br>#!/usr/bin/env python<br><br>from Crypto.PublicKey import RSA<br>
import Crypto.Random<br>from Crypto.Util import number<br>import sys,ctypes<br><br>def make_OPENSSL_PKCS1_padding(k,msglen):<br> if msglen > k - 11:<br> return None<br> PS = '\xff'* (k-msglen-3)<br>
E = ''.join((chr(0x00), chr(0x01), PS, chr(0x00)))<br><br> return E<br><br>prk = RSA.importKey(file('privkey.pem').read())<br><br>data = file('data').read()<br>E = make_OPENSSL_PKCS1_padding((prk.size()+1)/8,len(data))<br>
EM = ''.join((E,data))<br><br>sigout = prk.sign(EM,'')<br><br>f = open('signature','wb')<br>f.write(number.long_to_bytes(sigout[0]))<br>f.close()<br>!<br><br>openssl rsautl -verify -raw -pubin -inkey pubkey.pem -in signature -out de_signature<br>
<br>cat de_signature<br><br>------------------<br><br>I expect to see a whole bunch of 0xFFs followed by "message text" when I cat de_signature, but that's not what I get at all. Any idea what I might be doing wrong here?<br>