Paying to add RSA/SHA512 padding to a Javascript lib

[Nefario]

I will be needing to sign some requests using RSA and SHA512 for padding in Javascript.

Here is the Javascript RSA lib http://www9.atwiki.jp/kurushima/pub/jsrsa/

However it doesn't do SHA512(doing only sha1 & sha256) for padding.

Here is what the page says about adding another hashing method.

How to add supported signature algorithms
The script "rsa-sign.js" currently supports SHA1withRSA and SHA256withRSA signature algorithms. However you can extend other signature algorithms such like MD5withRSA or SHA512withRSA by just specifying two variables in it.

_RSASIGN_DIHEAD['md5'] = "30..."; // Hexadecimal DigestInfo prefix for MD5 _RSASIGN_HASHHEXFUNC['md5'] = md5hex; // function which returns value in hex.

You can use any sha512 javascript function that works for this.

Please post your solution below and how much work was involved for you and I'll give you a payment you'll be happy with (not giving exact numbers, but I'm not known as someone who's mean or stingy).

Regards Nefario

[1714148606]

1714148606

[1714148606]

1714148606

[1714148606]

1714148606

[lulzplzkthx]

I'm not quite sure what you need, but this library says it supports SHA512: http://jssha.sourceforge.net/

EDIT: Err, I was working on the same code graingert gave, so I'll just leave that to him then.

[graingert]

    _RSASIGN_DIHEAD['sha512'] = "30..."; // Hexadecimal DigestInfo prefix for sha512
_RSASIGN_HASHHEXFUNC['sha512'] = sha512func; // function which returns sha512 value in hex.

[graingert]

and you'll need

function sha512func() {
try {
return hashObj.getHash("SHA-512", "HEX");
} catch(e) {
}
}

build yourself a hash obj using http://jssha.sourceforge.net/

throw me a few coins if you think it's worth it / it works : 163aFkTefqW3Ab8dJ3XvzkURigd7uTAP2d

[graingert]

sorry that should be:

Code:

function sha512func(valueToBeHashed) {
    try {
        hashObj = new jsSHA(valueToBeHashed, "HEX");
        return hashObj.getHash("SHA-512", "HEX");
    } catch(e) {
    }
}
_RSASIGN_DIHEAD['sha512'] = "30..."; // Hexadecimal DigestInfo prefix for sha512
_RSASIGN_HASHHEXFUNC['sha512'] = sha512func; // function which returns sha512 value in hex. 

and you'll need to import <script type="text/javascript" src="sha.js"></script> from http://jssha.sourceforge.net/

[lulzplzkthx]

sorry that should be:

function sha512func(valueToBeHashed) {
try {
hashObj = new jsSHA(valueToBeHashed, "HEX");
return hashObj.getHash("SHA-512", "HEX");
} catch(e) {
}
}

and you'll need to import <script type="text/javascript" src="sha.js"></script> from http://jssha.sourceforge.net/

Actually, I think you'll want:

Code:

hashObj = new jsSHA(valueToBeHashed, "ASCII");

But I'm not sure.

[graingert]

ah I thought you'd want HEX to HEX hashing, but yes if you are using ASCII then use "ASCII"

[graingert]

did it work?

[Nefario]

Can't tell, it's seems to be signing, that is it's kind of working, but the signature isn't verifying with openssl.

I'll send a bit of btc yourway graingert for getting the hash function to work.

Now however I have a related task, and 50BTC to the person who sorts this out for me.

That is, the signature can be verified using the public key and openssl on a server somewhere.

For bonus point get it working with openssl and ruby.

Code:

require 'openssl'
pubkey="fsdfsdf..."
#signature is the javascript signature
#data is whats signed
public_key=OpenSSL::PKey::RSA.new(pubkey) 
public_key.verify( OpenSSL::Digest::SHA512.new, signature, data ) 

My experience is that openssl expects binary for the signature (at least that's what it outputs)

[Nefario]

Above offer withdrawn, looks like I've got it figured out.

[Nefario]

10btc heading graingert's way for his initial answer (which worked) and for helping me out later on IRC which helped to get me the rest of the way.

[graingert]

yep I am happy if you are