Re: licence key validation method
Re: licence key validation method
- Subject: Re: licence key validation method
- From: Jerry Krinock <email@hidden>
- Date: Mon, 26 Jan 2015 12:19:00 -0800
At 06:41 PST on 2015-01-12, Dave Fernande wrote:
> If you use AquaticPrime, unfortunately, it does not generate standard signatures. It manually hashes and then encrypts using the private key. This sounds like a normal signature, but it is missing some information stored in standard PKCS #1 v2.0 signatures. This means that Security.framework WILL NOT be able to verify an AquaticPrime signature.
I don’t use Aquatic Prime, but I may have had the same problem with signatures (keys) created by the Crypt::OpenSSL::RSA Perl module. Specifically, I was told that it was missing the ASN.1 header which is required by Section 9.2 of RFC 3447. In boneheaded desperation, in my Perl script, I simply prepended the appropriate 15-byte ASN.1 header onto the message digest before encrypting, and, amazingly, the Security Transform API verified the resulting signature.
I've pushed to github.com my C function for validating RSA signatures with Security Transform, based on Apple’s CryptoCompatibility sample. Now features complete error checking and returns NSError.
http://github.com/jerrykrinock/Functions/blob/master/SSY-RSA.h
http://github.com/jerrykrinock/Functions/blob/master/SSY-RSA.m
Just another way to do it :)
_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden