Richard Levitte - VMS Whacker wrote: > > I just gor a CSR (included below) that fails verification on Linux but > where verification succeeds on VMS. In both cases, OpenSSL 0.9.6b is > used: > > openssl req -in DaveJones.csr -noout -verify > > gives "verify failure" on my Linux laptop, and "verify OK" on my VAX. > So I'm confused, is that CSR correct or not? Could it be some BIGNUM > problem lurking around? I'll check out a little, but would appreciate > some help here...
The proximate cause is that fails the padding check (in fact, appears to not be padded at all). Tricky to say more than that - but it'd be interesting to compare the numbers in RSA_eay_public_decrypt() for the two runs. Note that I just updated req.c to print the error when verify fils. Cheers, Ben. -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
