I don't know about reversing the modulus. Are you using PKCS#11 functions
to retrieve the key components? If so, you shouldn't need to reverse the
bytes as the values already come back in the right endianness. Perhaps
there is something else that is wrong? Also, if you really do need to
reverse the bytes of the modulus then you will also need to reverse the
bytes of the exponent.
If it is the PKCS#11 interface that you're using then the sign operation
will be being performed with PKCS#1 padding, and so you will need to use the
same padding mode during verification.
Steven
--
Steven Reddie <[EMAIL PROTECTED]>
Senior Software Engineer
Computer Associates Pty Ltd (Australia)
> -----Original Message-----
> From: bruce cartland [SMTP:[EMAIL PROTECTED]]
> Sent: Friday, March 09, 2001 6:19 PM
> To: [EMAIL PROTECTED]
> Subject: Re: How do I construct an instance of RSA using n & e
>
> thank you (and SHenson)
>
> it works. To test I use the command line tools to generate a key pair,
> dump
> the modulus and then initialise an RSA struct directly using the modulus
> and
> exponent. This correctly decrypts data signed with the command line tools.
>
> The reason I do this is because the Smartcard (GPK8000) gives back the raw
> modulus and exponent which I then use to verify data signed by the card.
> The
> card modulus has to be reversed otherwise I get (BN) parse error. I also
> set
> padding off otherwise I get a (PKCS1_PAD) error. Now the decryption runs
> without error except instead of recovering the 16 byte original data from
> the 128 byte signiture block I get a 128 byte block of rubbish.
>
> Any clues as to what I can try?
>
> thanks
> bruce
>
> ----- Original Message -----
> From: "Reddie, Steven" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Sent: Friday, March 09, 2001 11:03 AM
> Subject: RE: How do I construct an instance of RSA using n & e
>
>
> > You got it. Call RSA_new() to allocate and initialize the RSA struct,
> the
> > BN_bin2bn to generate the BIGNUM's. Something along the following lines
> > should do it:
> > RSA* rsa = RSA_new();
> > rsa->n = BN_bin2bn(modulus, modulus_size, NULL);
> > rsa->e = BN_bin2bn(exponent, exponent_size, NULL);
> >
> > Regards,
> >
> > Steven
> > --
> > Steven Reddie <[EMAIL PROTECTED]>
> > Senior Software Engineer
> > Computer Associates Pty Ltd (Australia)
> >
> >
> > > -----Original Message-----
> > > From: bruce cartland [SMTP:[EMAIL PROTECTED]]
> > > Sent: Friday, March 09, 2001 9:16 AM
> > > To: [EMAIL PROTECTED]
> > > Subject: How do I construct an instance of RSA using n & e
> > >
> > > I have n (the public modulus) and e (the public exponent). No nicely
> > > encoded data. Given those two values is there an API set to construct
> the
> > > RSA (public key) structure? I'm guessing I'd have to create a BIGNUM
> first
> > > then ..? Nothing obvious in rsa.h. Would it be reasonable to create a
> new
> > > RSA struct then set the pointers directly?
> > > thanks
> > >
> > > bruce
> > >
> > >
> > > ______________________________________________________________________
> > > OpenSSL Project http://www.openssl.org
> > > User Support Mailing List [EMAIL PROTECTED]
> > > Automated List Manager [EMAIL PROTECTED]
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
> >
> >
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
