Closed duyleekun closed 7 years ago
Seems like there is signature.resize(size); missing. The CryptoAPI uses little-endian byte order as every other crypto API uses big-endian byte order (.NET, CNG, Windows UWP, OpenSSL, Java...)
Well, that explains the reverse thing. Thanks @metsma.
The resize thing just might not work for my project. Yours seems fine :) Fyi, I'm trying to use the AT_KEYEXCHANGE
for my project, Vietnamese tokens needs this.
Hi,
IMHO, the reversal of the signature before the resize would cause
0
array in final signature iffinal size < initial size
.Code for reference:
https://github.com/open-eid/chrome-token-signing/blob/master/host-windows/CngCapiSigner.cpp#L130
For example, what if
CryptSignHashW
produce 128-bit signature? Is it not intended to handle this case?Anyway, what's the reasoning behind the signature reversal to begin with?
Thanks,