[prev in list] [next in list] [prev in thread] [next in thread]
List: ms-cryptoapi
Subject: Re: CryptSignHash() reversed bytes
From: Daniel Teng <daniel_teng_2000 () YAHOO ! COM>
Date: 2000-11-21 5:14:14
[Download RAW message or body]
Patrick,
I took a quick look at some previous postings and saw
that you had mentioned the bytes were in the wrong
order, although, at the time, I thought you meant
Big/little endian ordering and not actually the entire
byte stream.
Thanks again.
Daniel
--- Patrick Dolan <Patrick_Dolan@EFUNDS.COM> wrote:
> Daniel,
>
> The CryptoAPI's PKCS#1 bytes are in the wrong order,
> so you need to reverse
> them. This probably occured due to Intel being a
> little endian machine.
> So I am not sure what the order would be on an Alpha
> chip! Note, the
> CryptoAPI PKCS#7 signed messages are in the correct
> order, including the
> PKCS#1 blob contained within.
>
> Regards,
> Patrick.
>
>
>
>
>
> Daniel Teng
> <daniel_teng_2000@YAHOO.COM>@DISCUSS.MICROSOFT.COM>
> on
> 17/11/2000 05:33:03
>
> Please respond to Microsoft Cryptographic API
> <CryptoAPI@DISCUSS.MICROSOFT.COM>
>
> Sent by: Microsoft Cryptographic API
> <CryptoAPI@DISCUSS.MICROSOFT.COM>
>
>
> To: CryptoAPI@DISCUSS.MICROSOFT.COM
> cc:
> Subject: CryptSignHash() reversed bytes
>
>
> Hi,
>
> I encountered something a bit interesting with
> cryptsignhash and was wondering if it was
> intentional?
>
> I created a SHA-RSA signature with a Java Toolkit
> (IAIK from Austria). This blob is a PKCS#1
> conformant
> blob.
>
> Then, I did the same thing under the CryptoApis:
> 1. put the same message ("Hello World") into a
> crypthash object,
> 2. computed the SHA hash
> 3. called cryptsignhash()
>
> At first, the results looked completely different.
> Then I realized that the bytes of the signature
> generated by cryptsignhash() were completely
> reversed
> from what I had generated from the Java side. It
> was
> not just a byte ordering issue (big endian/little
> endian), the entire byte stream was reversed.
>
> I guess my question is...who is correct? Is the
> Java
> output correctly structured as a PKCS#1 signature,
> or
> is the cryptoAPI output the correct format?
>
> I'm a bit concerned since I am currently generating
> signatures on a mixed set of client platforms, but
> verifying them all on the server side in Java.
>
> Thanks in advance.
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Calendar - Get organized for the holidays!
> http://calendar.yahoo.com/
>
>
----------------------------------------------------------------
> Users Guide
>
http://msdn.microsoft.com/workshop/essentials/mail.asp
> contains important info including how to
> unsubscribe. Save time, search
> the archives at
> http://discuss.microsoft.com/archives/index.html
>
>
----------------------------------------------------------------
> Users Guide
>
http://msdn.microsoft.com/workshop/essentials/mail.asp
> contains important info including how to
> unsubscribe. Save time, search
> the archives at
http://discuss.microsoft.com/archives/index.html
__________________________________________________
Do You Yahoo!?
Yahoo! Shopping - Thousands of Stores. Millions of Products.
http://shopping.yahoo.com/
----------------------------------------------------------------
Users Guide http://msdn.microsoft.com/workshop/essentials/mail.asp
contains important info including how to unsubscribe. Save time, search
the archives at http://discuss.microsoft.com/archives/index.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic