[CryptoAPI] Digital Signatures?

[CryptoAPI] Digital Signatures?

Forge Component
Published on 2015-11-29 by Ricardo Silva
11 votes
Published on 2015-11-29 by Ricardo Silva
I have a need to both encrypt and digitally sign a document.  Can this library be used for digital signatures?  I understand that you would want to hash a document and then encrypt the digest with the signer's private key.  When I tried using the library, I was successful in encrypting with the public key and decrypting with the private key, but encrypting with the private key gives an error when trying to decrypt with the public key.  

I am new to this subject so I'm sure I'm doing something wrong, but could you help me.  I'm using the RSA encryption algorithm, with keys created using your methods (GenerateRSAKey & GetRSAPublicKey).

Thanks for any help you can provide.
Hello Joe,

I have not implemented signatures with RSA keys in CryptoAPI.

Can you provide a more concrete example of what you are trying to achieve? What are the security properties you want to have?

In particular, when you say you want to "encrypt and digitally sign a document", are we talking about a binary file, or a piece of text?
I am building an app that brokers the exchange of confidential documents.  To date, they are all JSON documents (therefore all text).  The process I want to enable is:
Alice makes a request and provides her public key.  I forward the request to Bob.  Bob creates a JSON object, which he would has using SHA-256 to create a digest.  Bob would encrypt the digest with his private key to digitally sign the document.  Bob would then create a JSON document that had original JSON + Signature + Bob's public key + hash method + encryption method.  Bob would then encrypt the composite JSON document with Alice's public key and return it to me.  I then forward the ciphertext to Alice which would decrypt using her private key.  Extract Bob's public key to validate the digital signature.  This is where I'm failing  Bob's public key needs to be able to decrypt the digest so Alice can compare that against her hashing the first JSON document to verify nothing has been modified and provide non-repudiation.   Hope that gives you what you're looking for.

I really appreciate the help!
Hi Joe,

While the concept with RSA is that you encrypt with your private key to sign something, in practice there are other things you need to take into consideration. So the signing "algorithm" is slightly different from the encryption algorithm. Basically what changes is the way you pad the value you encrypt.

In your case, that probably wouldn't work. Encrypting with RSA is roughly limited to the size of the RSA key, and the output of an encryption is the same size as the key. This means that most like you won't be able to encrypt the JSON + Signature + hash method + encryption method with the same key.

What's usually done is you encrypt a symmetric key with the public key and encrypt the data with the symmetric key. In CryptoAPI terms that would be:

Encrypt_RSA(Alice's key, GenerateAESKey()) + Encrypt(AESKey, json document)

In any case, back to the signing part: Currently CryptoAPI does not have this. I'm not sure when I would be able to pick this up to ensure it works in both .NET and Java. In any case I believe you can look at the CryptoAPI code and make your own signing functions based on the .NET APIs .
Thanks for your help.  As you can tell I am new to encryption details.  There is always so much to learn moving from the theory to the practice!  :-)  I appreciate the advice and the great work that you have done for the community.  I'm also using ardoJSON.

Best regards,