ohmbra91
commented
5 years ago Just figured out what was happening..
In my case the command: echo hexdump sha1.sign | cut -c 9- | tr -cd [:alnum:] was echoing the signature in 'Small Endian' and therefore the value being used in the following calculations was obviously incorrect.
If you're experiencing a similar issue with the code try replacing command:
echo hexdump sha1.sign | cut -c 9- | tr -cd [:alnum:]
with
signature=od --endian big -x sha1.sign | cut -c 9- | tr -cd [:alnum:]
and it should solve the problem.
Environment used: Ubuntu on Windows Subsystem for Linux (WSL)
I want to thank Rajesh Bondugula for the excellent article he wrote on Medium: https://medium.com/@bn121rajesh/rsa-sign-and-verify-using-openssl-behind-the-scene-bf3cac0aade2 It really helped me grasp the concept and theory behind RSA in a low level manner and appreciate the mathematical theories & discoveries which gave life to this Public Key encryption algorithm.
Here is the whole script which could be executed in one go: rsa_sign_verify_script.txt
script.txt
I have 'modified the code slightly just so one could run it over and over again with just a single paste. The logical flow of the original code is still the same however I exported the variables from the bash environment to python so one could try the whole code in one go during troubleshooting.
An issue I am encountering is that the hashes are not matching and the hash resulting from the manual python calculation is not constant..
After several troubleshooting I found an anomaly which might be causing the issue. When comparing the signature file contents (sha1.sign) with the calculated signature, each 2 bytes are being flipped as shown below:
Can you think of any valid reason why this might be happening?
I really appreciate your time and patience for writing such a valid and important article.
Keep up the good work!