1

I am given a network packet whose last 64 bytes (128 hex characters) are the RSA-512 digital signature of the SHA-256 hash of the packet. I take a truncated version of this packet (everything except the last 64 bytes) and calculate the hash myself, which is working fine, however I need a way to get back the hash that generated the signature in the first place

I have tried to do this in Python and have run into problems because I don't have the RSA private key, only the public key and the Digital Signature. What I need is a way to take the public key and signature and get the SHA-256 hash back from that to compare it to the hash I've generated. Is there a way to do this? Any crypto libraries would be fine. I am using hashlib to generate the hash

Thomas M
  • 47
  • 1
  • 10
  • 4
    i think you should read this: https://crypto.stackexchange.com/questions/9896/how-does-rsa-signature-verification-work – Javier Neyra Jun 19 '19 at 22:50
  • I saw that - what I don't get is that it says you can: You can use public key to "encrypt" (or "decrypt" which is same in "textbook" RSA) the signature and get hashed message. If the hashed message equals hashed message, then you verified the message being correctly signed. Does this mean just RSA encrypt the signature and then hash that, which will give you the same as the hashed 'message'? – Thomas M Jun 19 '19 at 23:01
  • more specifically - the procedure explained in the answer in this thread: https://stackoverflow.com/questions/18257185/how-does-a-public-key-verify-a-signature I am looking for how to do that using python crypto libraries. Thus far I have not been able to figure out how – Thomas M Jun 20 '19 at 00:44
  • when you say " What I need is a way to take the public key and signature and get the SHA-256 hash back from that to compare it to the hash I've generated." you do this by "decrypting" de signature and comparing de result to de original data, wich you already have, if what you decrypted matches the data, then you are certain that the data came from the holder of the private key, thats the whole idea. take for example how a signed jwt works, the header tells you how it was signed, the body is the data and the last part is the signature which you verify using a public key. – Javier Neyra Jun 21 '19 at 10:06
  • here is an example in python. https://gist.github.com/lkdocs/6519372. – Javier Neyra Jun 21 '19 at 10:10
  • Did you ever figure this out? I'm having the same issue - trying to get the original hash from the digital signature – Justin Dec 03 '20 at 19:07

1 Answers1

0

The original hash was signed with the private key. To get the original hash, you need to decrypt the signature with the public key, not with the private key.

Roland Weber
  • 3,395
  • 12
  • 26
  • How do you do this in python is my question - I know you need to decrypt with public key. is it just simply rsa_pub_key.decrypt(digital_signature)? I've tried doing that but I get this error: `File "/usr/local/lib/python2.7/site-packages/Crypto/PublicKey/RSA.py", line 239, in _decrypt mp = self.key._decrypt(cp) TypeError: Private key not available in this object` – Thomas M Jun 20 '19 at 15:36
  • @ThomasM The please edit your question to make clear what you're asking. Right now, it still says "have run into problems because I don't have the RSA private key". Don't decrypt at all if you're verifying a signature, the libraries have extra code for the latter, see https://stackoverflow.com/questions/39402792/need-help-verifying-a-signature-with-the-python-cryptography-library And switch to Python 3 before the year is out... https://pythonclock.org/ – Roland Weber Jun 21 '19 at 08:35