Re: CryptVerifySignature fail with message NTE_BAD_SIGNATURE



On Jun 6, 4:00 pm, Mounir IDRASSI <mooni...@xxxxxxxxxxxxxxxxx> wrote:
Hi,

I'm a little bit confused by your description. When doing a digital
signature, the public key is for verification and the private key for signature.
So I guess you are going to do both encryption and signature. In this case,
using an AT_KEYEXCHANGE key is the right choice since it can do both
operations.
The usual process is to create a new container using CryptAcquireContext,
generate an AT_KEYEXCHANGE key using CryptGenKey, export the public key using
CryptExportKey with PUBLICKEYBLOB as blob type and optionally sign a
certificate request to be sent to a certificate authority.  Usually, all
these steps are done automatically for you if you use PKI systems like the MS
CA integrated with Windows Server 2003/2008.
Once everything is set up, you can start doing classical PKI operations like
the sample you used. I think you can find many samples on the internet on how
specific Crypto API calls for each operation context.
I hope I gave you some clues on how to advance as your question was a little
bit vague.

Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr

to reach : mounir_idrix_fr (replace the underscores with the at and dot
characters respectively)



"visalav...@xxxxxxxxxxxxx" wrote:
Hi Mounir,
My requirement is to create a digital signature. I want to use the public
key to encrypt and the private key to decrypt.
I guess the param AT_EXCHANGE will be used when we export the key,
but I am not sure how things work.

Can you please help me in this regard.

Thanks

Thanks for the info Mounir,
I am working on Windows mobile.
I want to create a digital signature for a file from one end (A) and
send the file and signature to the other end (Windows mobile).
The signature should be created using public key
( I am using function

    CryptGenKey(hProv, AT_KEYEXCHANGE, 0, &hPublicKey);
    CryptExportKey(hPublicKey, 0, /*PRIVATEKEYBLOB*/ PUBLICKEYBLOB, 0,
                   baKeyBlob.GetData(), &dwKeyBlobLen);

and for signing I am using "CryptSignHash(hHash, AT_KEYEXCHANGE,
NULL, 0, pbSignature, &dwSigLen);"
and for verifying the signature I am using "CryptVerifySignature(hHash,
bSignature, dwSigLen, hPubKey, NULL, 0)"

and the functions succeed.
My question here is: how is the private key used here to verify the
signature? Because we used hpublic key, which is a public key.
Please share your ideas; I am a bit confused about how AT_KEYEXCHANGE
works.

Thanks
Vishal
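
Added example (not part of the original thread): a Python decoder for the RSA key blob layout that CryptExportKey produces, showing that a PUBLICKEYBLOB carries only the modulus and public exponent. That is all CryptVerifySignature needs; the private half stays in the key container and is what CryptSignHash uses. The function names and the sample blob are constructed for illustration.

```python
import struct

# Constants from wincrypt.h
PUBLICKEYBLOB, PRIVATEKEYBLOB = 0x06, 0x07
CALG_RSA_SIGN, CALG_RSA_KEYX = 0x2400, 0xA400
MAGIC_RSA1, MAGIC_RSA2 = 0x31415352, 0x32415352  # "RSA1" public, "RSA2" private
KEY_SPEC = {CALG_RSA_KEYX: "AT_KEYEXCHANGE", CALG_RSA_SIGN: "AT_SIGNATURE"}


def parse_rsa_key_blob(blob: bytes) -> dict:
    """Decode BLOBHEADER + RSAPUBKEY + modulus from an exported RSA key blob."""
    if len(blob) < 20:
        raise ValueError("blob too short for BLOBHEADER + RSAPUBKEY")
    b_type, _version, _reserved, alg_id = struct.unpack_from("<BBHI", blob, 0)
    magic, bitlen, pubexp = struct.unpack_from("<III", blob, 8)
    if b_type not in (PUBLICKEYBLOB, PRIVATEKEYBLOB):
        raise ValueError(f"unexpected bType 0x{b_type:02x}")
    expected_magic = MAGIC_RSA1 if b_type == PUBLICKEYBLOB else MAGIC_RSA2
    if magic != expected_magic:
        raise ValueError("RSAPUBKEY magic does not match blob type")
    mod_len = bitlen // 8
    modulus_le = blob[20:20 + mod_len]
    if len(modulus_le) != mod_len:
        raise ValueError("truncated modulus")
    trailing = len(blob) - 20 - mod_len  # primes, private exponent etc., if any
    return {
        "key_spec": KEY_SPEC.get(alg_id, hex(alg_id)),
        "bits": bitlen,
        "public_exponent": pubexp,
        # CryptoAPI stores multi-byte integers little-endian
        "modulus": int.from_bytes(modulus_le, "little"),
        "has_private_material": b_type == PRIVATEKEYBLOB and trailing > 0,
    }


def build_sample_public_blob(modulus: int, bits: int, pubexp: int = 65537) -> bytes:
    """Constructed sample input; a real blob comes from CryptExportKey."""
    header = struct.pack("<BBHI", PUBLICKEYBLOB, 2, 0, CALG_RSA_KEYX)
    rsapubkey = struct.pack("<III", MAGIC_RSA1, bits, pubexp)
    return header + rsapubkey + modulus.to_bytes(bits // 8, "little")


SAMPLE_MODULUS = (1 << 511) | 0xC0FFEE1  # constructed value, not a real RSA modulus
SAMPLE_BLOB = build_sample_public_blob(SAMPLE_MODULUS, 512)

if __name__ == "__main__":
    print(parse_rsa_key_blob(SAMPLE_BLOB))
```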