I'm unable to verify a PSS-signed signature in Perl using Crypt::RSA and Crypt::RSA::SS::PSS.
Here's the situation:

I have a device that has a 1024-bit RSA key, and signs data using PSS, SHA1 and AES-128.

I extract the device's public key successfully, save it in a file with PEM_write_RSA_PUBKEY()

I am able to verify this in C/C++ using RSA_verify_PKCS1_PSS(), and also using openssl on the command line, like this: 

echo -n hello | 
openssl dgst -verify pubkey.pem -signature hello.sig -sha1 \
             -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:20

[download]

Where:

I'm trying to do the above in Perl, using Crypt::RSA and Crypt::RSA::SS::PSS, and can't get it to work.

I've tested those two modules and I *am* able to generate and verify a PSS signature in Perl when generating my own key, like this:

####
use Crypt::RSA;
use Crypt::RSA::SS::PSS;

my ($message, $rsa, $pss, $signature, $verify);
my ($public, $private);


# The message to be encrypted
#
$message = "hello";


# Generate RSA key
#
$rsa = new Crypt::RSA;
($public, $private) = $rsa->keygen( Size => 1024,
                                    Filename => "key" );


# Generate PSS signature
#
$pss = new Crypt::RSA::SS::PSS;

$signature = $pss->sign ( Message => $message,
                          Key => $private ) || die $pss->errstr;

$verify = $pss->verify ( Message => $message,
                         Key => $public,
                         Signature => $signature) || die $pss->errstr;


# $verify returns true, it worked.
####

[download]
So, instead of creating my own RSA key I read in a public key using something like this: 
####

$publicKey = new Crypt::RSA::Key::Public (Filename => "key.public");
       ….
# I pack the 256 character (128 byte) hex string of the signature
# that's generated by the device.

$signature = pack ("H*", '03808458…..73E92');   

####

[download]
Where "key.public" contains the device's public key, converted to a decimal string, inserted into the "n" field of the structure that is read/written by Crypt::RSA::Key::Public.

But I can't get it to verify :-(

Methinks I should be able to indicate that it should be using SHA1 and AES-128 (as opposed to, say, Blowfish). Am I barking up the wrong tree?

Thanks….

In reply to Help verifying RSA PSS signature in Perl with Crypt::RSA and Crypt::RSA::SS::PSS by cryptques

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.