Simulating Python's M2Crypto sign algorithm in Haskell
Asked Answered
S

0

3

I am trying to produce an RSA signature in Haskell that will match the same signature from Python's M2Crypto. I think my issue is the fact that Codec.Crypto.RSA is using the PKCS1 v1.5 algorithm and M2Crypto is using something different. In fact, when using PKCS1 v1.5 in Python, I get the same results as Haskell.

How can I sign using the same algorithm as M2Crypto? This seems like it may be helpful, but I'm not able to figure out how to apply it - M2crypto signature "algorithm"

Below are my rough implementations in Haskell and Python (with and without PKCS1 v1.5).

$ ghci
λ> import qualified Codec.Crypto.RSA as RSA
λ> import qualified Data.ByteString.Lazy.Char8 as LC
λ> import Data.Char (ord)
λ> privateKey <- loadKey "path/to/key"
λ> let sign = RSA.rsassa_pkcs1_v1_5_sign RSA.ha_SHA1 privateKey
λ> map ord . LC.unpack . sign . LC.pack $ "foo"
[64,205,42,184,31,245,70,17,189,5,248,46, ...]

$ python
>>> import M2Crypto
>>> result = M2Crypto.RSA.load_key('path/to/key').sign('foo', 'sha1')
>>> map(ord, result)
[125, 114, 236, 230, 182, 19, 237, 220, ...]

>>> from Crypto.PublicKey import RSA
>>> from Crypto.Signature import PKCS1_v1_5
>>> from Crypto.Hash import SHA
>>> key = RSA.importKey(open('path/to/key').read())
>>> result = PKCS1_v1_5.new(key).sign(SHA.new('foo'))
>>> map(ord, result)
[64, 205, 42, 184, 31, 245, 70, 17, 189, 5, 248, 46, ...]
Shopper answered 5/12, 2013 at 7:26 Comment(2)
Looks like the first argument of 'M2Crypto.RSA.load_key(..).sign' is a digest, not the message you want to sign according to M2Crypto.RSA.RSA#signPieeyed
Ugh....so it's just a stupid human error on my part. My Haskell code was hashing things wrong...thanks Tab!Shopper

© 2022 - 2024 — McMap. All rights reserved.