On Sat, 05 Oct 2013 18:05:37 +0200 nisse@lysator.liu.se (Niels Möller) wrote:
NM> Ted Zlatanov tzz@lifelogs.com writes:
It keeps failing. From the docs and example it seems like that should work. Can you see what I'm doing wrong?
NM> The data corresponds to (according to dumpasn1):
NM> 0 290: SEQUENCE { NM> 4 13: SEQUENCE { NM> 6 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1) NM> 17 0: NULL NM> : } NM> 19 271: BIT STRING NM> : 30 82 01 0A 02 82 01 01 00 AD E1 80 FD 09 32 F5 NM> : 6D E2 CD 05 74 93 36 DA EF 02 A5 FF 0C F0 C6 46 NM> : DB 43 1B DC 52 A5 13 D6 4A E0 01 B3 BF 9F 5B 58 NM> : 16 35 DD 25 9A 16 C1 B3 0E FE AB FB 35 1A 0C 0D NM> : 8E 32 3D 61 A9 B1 07 D8 F8 F4 88 92 70 21 4D 95 NM> : 5B 83 05 EB 9B FC 1B DF BF A1 29 12 9A C7 65 19 NM> : F4 0F D1 C7 8B C9 65 16 25 92 9B D9 F4 B6 C1 CE NM> : 2B 1E 14 D3 7B 48 C5 96 AA 48 C1 3B F3 5E 4F CF NM> : [ Another 142 bytes skipped ] NM> : }
NM> Which looks ok to me. But Nettle's rsa_keypair_from_der wants the NM> contents of that BIT STRING only, not the complete object. Hava a look NM> at tools/pkcs1-conv.c, which I think is the only example code using NM> these functions.
Aha, thank you for the tip. For the tests I don't need the generic ASN1 parser, just to extract the data, so I hard-coded the bitstring offsets in nettle.el:
#+begin_src lisp ;; key generated with: ;; openssl genrsa -out privkey.pem 2048 ;; openssl rsa -in privkey.pem -pubout > pubkey.pem (let* ((key (substring " -----BEGIN PUBLIC KEY----- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreGA/Qky9W3izQV0kzba 7wKl/wzwxkbbQxvcUqUT1krgAbO/n1tYFjXdJZoWwbMO/qv7NRoMDY4yPWGpsQfY +PSIknAhTZVbgwXrm/wb37+hKRKax2UZ9A/Rx4vJZRYlkpvZ9LbBziseFNN7SMWW qkjBO/NeT8/I9mURDa+4RoYfT6ZwjTvt808PH7uIghk+MHAx9EMBAfafF1Jn9TqW y+Hgdqik9sZteMvCumvGK4grSwzdfPO5I05tt/0I7QVPxlXbHIk/bBsE7mpgOxur P0DAkFKtYDM7oZPBwB6X778ba2EEFKPpVIyzw/jlDPd9PB6gE6dixmax3Hlg69RI EwIDAQAB -----END PUBLIC KEY----- " 28 426)) ;; 24 skipped bytes are the header (key-bitstring (substring (base64-decode-string key) 24))) ;; invalid signature, valid key (should-not (nettle-rsa-verify "Test the Nettle RSA signature" "Test the Nettle RSA signature" key-bitstring "sha1")) ;; valid signature, valid key ; doesn't work; generated with "openssl rsautl -sign -in /tmp/test -inkey /tmp/privkey.pem" but contains other baggage (should (nettle-rsa-verify "Test the Nettle RSA signature" (decode-hex-string "abf710d920de0a210167e62995d5cb06fb0ff6a3f81e2f1965dd3f4716883ab61b7dec40d1ebde89b0657473a434d0333177f183f71a9f4b84a49781b1e4bc440e042f2eb4441000ba07168cdb190c5aebba8c433420f6fc28b6997cbfee061170210bfa65294199e6d6c8c5e1a16421942371f6115d77263b859a75645b6b70d56f14ad378c8499318ff05eda9d24a61d854a3d7f6b67b037abb8d25e4b11ca3e42bdb823cfac34c70057ecd55cbb8449346c0824b46f6c668d14f1744bad7d05470953981df32fde24d2a1f27e58bf9e7d99b20b39b25844c53945dcbbd8b406e78bc0b8aee48c0ec8a26e70301eeeb12ba733e0baf7b82c8e25ac3ee89291") key-bitstring "sha1"))) #+end_src
Take a look at the second test above; this is the signed text but it contains baggage (including the original data). This last test fails currently (all the others in nettle.el pass). Can you give me a similar hint of how to extract just the signature, for testing purposes only? The OpenSSL docs were not helpful in figuring out the structure of the signed content. In the comments I note how I generated the signature and I can post the privkey.pem file if that would help.
I have cross-posted version 1 of the patch here and to the emacs-devel mailing list for comments. I hope the Emacs C syntax is not a big impediment to your review. Later I will add the PBKDF2 rewrite you suggested, so please ignore that bit.
Most of the work has actually been in writing the tests, not the C-level integration!
(I have to note that arcfour (RC4) generates a FPE sometimes in my testing so I removed it from `test-nettle-002-ciphers'. I will file a bug separately on that if I can replicate it.)
NM> BTW, you might want to have a look at the unfinished openpgp code in NM> Nettle (pgp.h, pgp-encode.c and rsa2openpgp.c). But it's not very useful NM> in the current state.
After I finish the first-level TODO items to complete the Emacs-Nettle integration, I will certainly take a look at these files. Thanks for the pointer.
Ted