I'm trying to create a signed file using OpenSSL and Python, and I'm not receiving any error mesage, but the proccess is not working properly and I can't find the reason.
Below is my step-by-step to sign the file and check the signature:
First I create the crt in command line
openssl req -nodes -x509 -sha256 -newkey rsa:4096 -keyout "cert.key" -out "cert.crt" -subj "/C=BR/ST=SP/L=SP/O=Company/OU=IT Dept/CN=cert"
At this point, I have two files:
Sign the file use a Python Script like below:
import os.pathfrom Crypto.PublicKey import RSAfrom Crypto.Signature import PKCS1_v1_5from Crypto.Hash import SHA256from base64 import b64encode, b64decodersakey = RSA.importKey(self.key) # I opened the cert.key in __init__signer = PKCS1_v1_5.new(rsakey)digest = SHA256.new()digest.update(my_file) # Also opende in __init__sign = signer.sign(digest)return sign, b64encode(sign)
All works fine and after save the files, I have other three files:
my_file.csv (the original one),
my_file.txt.sha256.base64. At this point, I can decode the base64 file and compare with the signed one and both are fine.
The problem is when I try to verify the signature using the following command:
`openssl dgst -sha256 -verify <(openssl x509 -in "cert.crt" -pubkey -noout) -signature my_file.txt.sha256 my_file.csv`
At this point I always receive the "Verification Failure" and don't understand why.
Maybe the problem is my lack of Python's Knowledge, because when I sign the file using the following command (after step 1 and before use the Python script described in 2), the same verification works fine.
openssl dgst -sha256 -sign "cert.key" -out my_file.txt.sha256 my_file.csv
Am I doing anything wrong?
$signature = hash_hmac('sha256', base64_encode(json_encode($commands)), $api_secret);
var hash = CryptoJS.HmacSHA256(CryptoJS.enc.Base64.stringify(CryptoJS.enc.Utf8.parse(JSON.stringify(data))), api_secret).toString()
Please note that both of these examples were taken from the API documentation themselves, i'm asking here because i tried to look up other examples but there weren't any, and there aren't any issues reported on this on the git of the api.
Suppose you have an existing hash
g84t5tw73y487tb38wo4bq8o34q384o7nfw3q434hqa which was created from the original string
dont downvote my stupid question
Now I timestamp this hash like this (in JS/pseudo-code):
var hash = 'g84t5tw73y487tb38wo4bq8o34q384o7nfw3q434hqa';var today= new Date(); // 2017-10-19var timestamped = hash + today; var new_hash = SHA256(timestamped); // new_hash is 34t346tf3847tr8qrot3r8q248rtbrq4brtqti4t
If I wanted to verify my original string I can do:
var verified = goodHash('dont downvote my stupid question',hash); // true
If I wanted to verify the timestamped version I can do:
var original_hash = 'g84t5tw73y487tb38wo4bq8o34q384o7nfw3q434hqa';var today = '2017-10-19';var verified = goodHash(original_hash+today, timestamped_hash); // true
But if I tried to verify the original string against the timestamp, I CANT do:
var today = '2017-10-19';var verified = goodHash('dont downvote my stupid question'+today, timestamped_hash); // FALSE
Now suppose this original string is hashed and timestamped over and over again for
I would only ever be able to verify the
n-1th timestamp, provided I have the
But what if I have the original string
dont downvote my stupid question and want to verify any
ith timestamp, where
0 < i < n.
Basically, I want to verify whether a string that only I should have knowledge of, has been timestamped with a given date, regardless of how many times it may have been timestamped and without increasing the length of the string (too much - although any increase in length would approach infinity as
Is this even possible? Can a hash even contain all this information?
I've been trying to find the preimage for the following hash:56944c5d3f98413ef45cf54545538103cc9f298e0575820ad3591376e2e0f65d
This is the hash that is output after the initialisation of the CHashWriter function in Bitcoin. Xcode is telling that the data portion on initialisation is 16 unsigned ints of value 0, ie. 512 0 bits. Checking elsewhere, if we were to consider that as a pre-image, the output is not the same: the resulting hash is f5a5fd42d16a20302798ef6ed309979b43003d2320d9f0e8ea9831a92759fb4bCould anyone explain where the initial hash comes from?
I've done some looking around but i've only been able to find examples that use Objective-C to create SHA256 hashes. Is there a way to do this with only Swift4?