I am trying to produce an RSA signature in Haskell that will match the same signature from Python's M2Crypto. I think my issue is the fact that Codec.Crypto.RSA
is using the PKCS1 v1.5 algorithm and M2Crypto is using something different. In fact, when using PKCS1 v1.5 in Python, I get the same results as Haskell.
How can I sign using the same algorithm as M2Crypto? This seems like it may be helpful, but I'm not able to figure out how to apply it - M2crypto signature "algorithm"
Below are my rough implementations in Haskell and Python (with and without PKCS1 v1.5).
$ ghci
λ> import qualified Codec.Crypto.RSA as RSA
λ> import qualified Data.ByteString.Lazy.Char8 as LC
λ> import Data.Char (ord)
λ> privateKey <- loadKey "path/to/key"
λ> let sign = RSA.rsassa_pkcs1_v1_5_sign RSA.ha_SHA1 privateKey
λ> map ord . LC.unpack . sign . LC.pack $ "foo"
[64,205,42,184,31,245,70,17,189,5,248,46, ...]
$ python
>>> import M2Crypto
>>> result = M2Crypto.RSA.load_key('path/to/key').sign('foo', 'sha1')
>>> map(ord, result)
[125, 114, 236, 230, 182, 19, 237, 220, ...]
>>> from Crypto.PublicKey import RSA
>>> from Crypto.Signature import PKCS1_v1_5
>>> from Crypto.Hash import SHA
>>> key = RSA.importKey(open('path/to/key').read())
>>> result = PKCS1_v1_5.new(key).sign(SHA.new('foo'))
>>> map(ord, result)
[64, 205, 42, 184, 31, 245, 70, 17, 189, 5, 248, 46, ...]