Utilizing the forge library on the client side for creating signatures looks like this:
//Client Side
var md = forge.md.sha256.create();
md.update(encryptedVote, 'utf8');
var pss = forge.pss.create({
md: forge.md.sha256.create(),
mgf: forge.mgf.mgf1.create(forge.md.sha256.create()),
saltLength: 20
});
var signature = privateKey.sign(md, pss);
However, when attempting to verify the signature using the cryptography library on the server side, an Invalid signature error is consistently encountered:
#server side
user_public_key_loaded.verify(
signature,
enc_encrypted_vote,
padding.PSS(
mgf=padding.MGF1(hashes.SHA256()),
salt_length=20
),
hashes.SHA256()
)
Attempts to resolve the issue by changing the encoding to
md.update(encryptedVote, 'latin1');
on the client side have been inconsistent, with occasional success and failure. Any insights on what could be causing the issue?