Does this library support interop with pycrypto? #41
-
|
Just getting started in this field but for my job i have to provide interop (both ways) with a python library. https://pycryptodome.readthedocs.io/en/latest/src/signature/dsa.html so basically im trying to replicate these two functions in kotlin and but i dont see any mention of fips-186-3 in this library/sample code so im not sure if that fips-186-3 is just a standard and i dont need to actually declare that in my kotlin code anywhere? |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 5 replies
-
|
Hey! Yeah, there is no need to provide So to mimic your code here, it will be something like this: val ecdsa = CryptographyProvider.Default.get(ECDSA)
val signature =
ecdsa
.privateKeyDecoder(EC.Curve.P521)
.decodeFrom(EC.PrivateKey.Format.DER, TODO("read bytes from 'privkey.der'"))
.signatureGenerator(SHA256, ECDSA.SignatureFormat.RAW) // python lib used RAW format by default
.generateSignature("I give my permission to order #4355".encodeToByteArray())
val isValid =
ecdsa
.publicKeyDecoder(EC.Curve.P521)
.decodeFrom(EC.PublicKey.Format.DER, TODO("read bytes from 'pubkey.der'"))
.signatureVerifier(SHA256, ECDSA.SignatureFormat.RAW)
.verifySignature("I give my permission to order #4355".encodeToByteArray(), signature)
check(isValid) { "Signature is invalid" }The only thing that is not supported is automatic decoding of curves - you need to provide it explicitly. Hope this helps! |
Beta Was this translation helpful? Give feedback.
-
|
Oh heck yeah! This is insanely helpful as I've been going insane trying to match that same logic. I noticed in the docs that this might not be supported on iOS. Is that right? I was able to get it working with CryptoKit/Security so it's not the biggest deal. but would be nice to have a single interface for it. FWIW, this was my code that worked (to decode at least. haven't done encoding/signing) let publicKey = try! P256.Signing.PublicKey(pemRepresentation: pemString) let signature = try! P256.Signing.ECDSASignature(rawRepresentation: Data(hex: "hex representation here")!) let isValid = publicKey.isValidSignature(signature, for: "put the bytes here".data(using: .utf8)!) |
Beta Was this translation helpful? Give feedback.
-
|
It's supported only with |
Beta Was this translation helpful? Give feedback.
-
|
Interesting! This is all still new to me. so it seems like I can use this with iOS! Awesome. I just need to use the openssl provider on apple as well? Hm. I'm new to kmp, let me see if I can get my dependencies looking right maybe something like this should work |
Beta Was this translation helpful? Give feedback.
-
|
Yes, you got it right! here is an example: #27 (comment) kotlin {
sourceSets {
commonMain.dependencies {
implementation(project.dependencies.platform("dev.whyoleg.cryptography:cryptography-bom:0.3.1"))
implementation("dev.whyoleg.cryptography:cryptography-core")
}
androidMain.dependencies {
implementation("dev.whyoleg.cryptography:cryptography-provider-jdk")
}
iosMain.dependencies {
implementation("dev.whyoleg.cryptography:cryptography-provider-openssl3-prebuilt")
// or `apple` provider
// implementation("dev.whyoleg.cryptography:cryptography-provider-apple")
}
}
}P.S. I will definitely add this to the docs/readme in upcoming release... |
Beta Was this translation helpful? Give feedback.
-
|
Ah nice. That is exactly what i was looking for! updating the readme will be excellent. cheers |
Beta Was this translation helpful? Give feedback.
Hey! Yeah, there is no need to provide
fips-186-3, this is the default behaviour now. So everything should work fine.The main difference with this
pythonlibrary is that you don't need to hash data yourself, but it will be done under the hood.So to mimic your code here, it will be something like this: