Hello,
Does anybody know if the undocumented, optional RSASignModes parameter to the RSAVerifySignature works? I cannot get it to verify a valid SHA512 signature when passing Crypto.RSASignModes.SHA2_512 for that parameter.
Thank you.
You should provide example code here and file a bug report with Xojo.
Well, I don’t know if it’s a bug exactly, since the parameter isn’t in the official docs. It’s only in the code completion, so that’s why I’m asking if anybody knows if it’s supported officially.
Here’s a simple code snippet:
Var PublicKey As String = "-----BEGIN PUBLIC KEY-----" + EndOfLine + _
"..." + EndOfLine + _
"-----END PUBLIC KEY-----"
Var Key As String = PublicKey.Trim
Key = Key.ReplaceAll(Encodings.UTF8.Chr(13) + Encodings.UTF8.Chr(10), Encodings.UTF8.Chr(10))
Key = Key.ReplaceAll(Encodings.UTF8.Chr(13), Encodings.UTF8.Chr(10))
Var Lines() As String = Key.Split(Encodings.UTF8.Chr(10))
Lines.RemoveAt(0)
Lines.RemoveAt(Lines.LastIndex)
Key = String.FromArray(Lines, Encodings.UTF8.Chr(10))
Var DecodedKey As String = DecodeBase64(Key)
// Message is a DesktopTextField
Var data As String = Message.Text.Trim
// Signature is a DesktopTextArea
Var decodedSig As String = Signature.Text
decodedSig = decodedSig.Trim
decodedSig = decodedSig.ReplaceLineEndings("")
decodedSig = decodedSig.ReplaceAll(" ", "")
decodedSig = DecodeBase64(decodedSig)
if Crypto.RSAVerifyKey(EncodeHex(DecodedKey)) then
// NOTE: The 'Crypto.RSASignModes.SHA2_512' parameter below is the one in question
If Crypto.RSAVerifySignature(EncodeHex(data), EncodeHex(decodedSig), EncodeHex(DecodedKey), Crypto.RSASignModes.SHA2_512) Then
Status.Text = "Verified!"
else
Status.Text = "BAD signature"
end
else
Status.Text = "BAD key"
end
Note that the message and signature are valid according to openssl command line tools.
Don’t pass the hex encoded strings. Those are for human eyes. Decode the hex and pass the binary strings to the function
2 Likes