I have a server running under python, signing a sha256 digest message using m2crypto I am using the RSA public and private key generated by the openssl CLI command. On the server side everythgin is ok
Python code:
privateKey = M2Crypto.RSA.load_key (sys.argv [2])
signedDigest = privateKey.sign (digest, 'sha256')
I verify that the signature is good:
pubKey = M2Crypto.RSA.load_pub_key ("key.pub.pem")
if pubKey.verify (digest, signedDigest, 'sha256') (etc.)
I store the signed sha256 file in a file and send it with the original message to the client.
On the client side, running C ++ vc6, I download the signed sha256 digest file (as binary) and the message that was signed. Now the goal is to check the message along with the signed sha256. I have cryptopp as a static link, and I know that it works fine, because I can calculate sha256 and compare with sha256 with python with the same result. Here is the code:
RSA:: PublicKey pubKey;
pubKey.Load(FileSource (LicenseControl:: pubKeyPath, true)),
RSASS < PKCS1v15, SHA > :: Verifier verifier (pubKey);
//shaDigest - sha256, signatureByte - ,
result = verifier.VerifyMessage(shaDigest, CryptoPP:: SHA256:: DIGESTSIZE, Byte, 512);
, false. , , , opensl CLI ( mcrypto python):
openssl dgst -sha256 -verify key.pub.pem-signignign original_file
OK
, sha256 digest , . DER PEM ( PEM openssl, DER ). , .
, cryptopp ???
, - . -
RSASS < PSSR, SHA > :: Verifier verifier (pubKey);
PSSR python, ...
sha256 digest sha256, . , ...
, ?
? , .