CC.RSA.sign output cannot be verified openssl backed libraries #59
Description
Hello, awesome work, thanks a lot!
Have found strange behaviour, I'm not a cryptographer and don't know where to dig to. A signature created with .pss padding and some salt false verified on backend with Python/Ruby but works vice verse.
iOS:
let signature = try CC.RSA.sign(dataSign, derKey: privateKey, padding: .pss, digest: .sha384, saltLen: 16)Backend Python returns false for this signature
public_key.verify(signature, dataSign, padding.PSS(mgf=padding.MGF1(SHA384())), salt_length=16), SHA384())The same verification tried on Ruby
public_key.verify_pss("SHA384", signature, dataSign, salt_length: 16, mgf1_hash: "SHA384")also gives false result.
But when create signature on backend side
Python
signature = private_key.sign(dataSign, PSS(mgf=padding.MGF1(SHA384(), salt_length=16), SHA384())Ruby
signature = private_key.sign_pss("SHA384", dataSign, salt_length: 16, mgf1_hash: "SHA384")Then on iOS side
try CC.RSA.verify(dataSign, derKey: publicKey, padding: .pss, digest: .sha384, saltLen: 16, signedData: signature)It returns true.
Am I missing something ? Or CommonCrypto and OpenSSL work different for signature creation when using pss + salt ? As using padding pkcs15 all works as expected.
Thank you one more time for your great work !