Open morkyy opened 6 years ago
I think I found a solution or at least I found a way to make the signature verifiable for my case. On client side I changed the encoding from utf-8
to latin-1
and now I don't get an InvalidSignature
error. I'm not sure though that what I did was correct and will work repeatedly. If anyone more knowledgeable cares to takes a look and verify that this is in fact a good solution I would really appreciate it.
Never mind the solution. It still won't verify. I'm not sure why it worked for a moment there.
@morkyy it appears to me that you should be using code from the prehashed
example on the server side (the second code snippet): https://cryptography.io/en/latest/hazmat/primitives/asymmetric/rsa/#verification
That does look more in line with the Javascript code. But that's for when the data is too large and the use shown has the data split in two parts. I don't think my data is that large and I'm suspecting that the issue I have has to do with encoding.
Additionally, it suddenly started working and verifying the signatures again, not sure if it's temporary though.
I signed a message on the client and when going over to server side where I'm using Django and the cryptography library I'm failing to verify that message.
I have set all hashing algorithms to SHA256 and I'm using the same length salt. The signature verification function takes byte inputs.