[pycrypto] Got different PKCS1_v1_5 signature result on the same message & same rsa key pair
Philip Horger
campadrenalin at gmail.com
Tue Mar 11 22:55:16 PDT 2014
I'm not the king of crypto, but if I recall correctly, some signature
standards (and I think PKCS1 is one of them) include a random salt in the
signature. This happens automatically, behind the scenes, on your behalf.
So two signatures can be of the same content, with the same key, and not be
equal - in fact, it's dramatically more likely than not! So you can't rely
on bit-for-bit equality of signatures.
On Tue, Mar 11, 2014 at 8:22 PM, wanggang
<wanggang at goldenapptechnology.com>wrote:
> Hi pycrypto,
>
> This may be a simple problem since I am a newbiee to crypto.
> I am not sure why I got different result from
> PKCS1_v1_5.new(RSA.construct(lst)).sign(SHA.new(a2b(m))) ,
> I have mentioned the 'stateful' comment in API doc, but still can't fix
> the code below.
> besides I have used DES for a lot, & never got stuck in such situation.
>
> if __name__ == "__main__":
> t = (modulus, publicExponent, privateExponent, prime1, prime2,
> coefficient)
> lst = [long(x,16) for x in t]
>
> k = '1234'
> e1 = RSA.construct(lst).encrypt(m, k)
> e2 = RSA.construct(lst).encrypt(m, k)
> assert e1 == e2 # passed
>
> signature1 = PKCS1_v1_5.new(RSA.construct(lst)).sign(SHA.new(a2b(m)))
> print binascii.b2a_hex(signature1)
> signature2 = PKCS1_v1_5.new(RSA.construct(lst)).sign(SHA.new(a2b(m)))
> print binascii.b2a_hex(signature2)
> assert signature1==signature2 # why this assertion failed ?
>
> Thank you in advance!
> --------------
> Wang Gang
> _______________________________________________
> pycrypto mailing list
> pycrypto at lists.dlitz.net
> http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dlitz.net/pipermail/pycrypto/attachments/20140311/b842a24a/attachment.html>
More information about the pycrypto
mailing list