Hi! I am trying to use 'RSA_verify' to verify a signature, but I am getting the error "67567722", which is translated to: "error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01".
When I use 'openssl pkcs7 -in TEST_KEY.RSA -print_certs -text -noout -inform DER', I get: " Certificate: Data: Version: 3 (0x2) Serial Number: a7:01:33:46:d1:d9:e3:d0 Signature Algorithm: sha1WithRSAEncryption Issuer: C=BR, ST=RJ, O=TQTVD, OU=Development, CN=Astro Root CA Certificate/emailaddress=rcanel...@tqtvd.com Validity Not Before: Feb 3 13:50:52 2009 GMT Not After : Feb 3 13:50:52 2010 GMT Subject: C=BR, ST=RJ, O=TQTVD, OU=Test, CN=Astro Test Certificate Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:8b:2d:a8:e6:e8:8f:7c:29:4e:ff:b3:28:b2:3e: 61:aa:ee:50:6e:2c:9a:5e:11:5d:2a:48:e9:dc:93: 7f:e5:74:d1:6f:6b:65:fb:0a:43:3a:69:fe:b4:64: 9a:bf:c3:17:2f:ca:f3:4d:92:be:9c:24:4c:0a:cd: 13:08:8c:a3:32:9b:b1:b1:a2:06:bb:41:b9:ce:22: 37:5f:0b:de:a2:0d:f7:49:cb:cd:b1:77:72:e8:ab: 04:2f:e7:a7:73:2d:95:d4:ae:7e:8a:7c:7c:9b:92: 86:83:6e:5b:46:b7:a1:bc:0f:d4:22:bf:a3:74:df: 75:26:6b:21:72:ec:ae:6e:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: AF:2D:B9:4E:87:03:CD:53:90:BF:C5:BE:1C:BC:6A:4B:F2:86:67:D8 X509v3 Authority Key Identifier: keyid:96:E6:89:95:4C:72:BB:46:17:4F:90:B6:2C:C3:AC:61:1D:37:82:10 Signature Algorithm: sha1WithRSAEncryption 06:90:74:58:c1:fb:5a:50:fd:fe:97:26:2f:f0:4c:f1:4c:93: 2e:6a:86:63:ad:57:b7:8c:9c:c5:43:e9:c1:70:c9:11:68:4a: 18:a4:08:a7:6b:3f:2b:99:31:96:cb:53:21:7a:a3:dc:7d:02: 0e:c3:da:30:8e:93:3a:5a:19:af:b7:ca:8f:30:2b:e8:17:f6: 59:ac:3e:47:a7:8b:45:35:f5:8f:1f:ac:b6:ec:db:f2:57:21: ce:79:67:a5:f4:3d:03:05:cd:65:b6:c0:7e:70:77:a2:7e:be: 8f:00:40:2a:51:65:a7:c5:11:82:ec:6e:b1:2b:6b:d3:2d:47: 6e:99 Certificate: Data: Version: 3 (0x2) Serial Number: a7:01:33:46:d1:d9:e3:cf Signature Algorithm: sha1WithRSAEncryption Issuer: C=BR, ST=RJ, O=TQTVD, OU=Development, CN=Astro Root CA Certificate/emailaddress=rcanel...@tqtvd.com Validity Not Before: Feb 3 13:15:26 2009 GMT Not After : Feb 3 13:15:26 2012 GMT Subject: C=BR, ST=RJ, O=TQTVD, OU=Development, CN=Astro Root CA Certificate/emailaddress=rcanel...@tqtvd.com Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:a9:f9:f8:70:d7:aa:a2:16:83:59:69:11:af:f8: dc:6d:f2:0b:e1:b1:39:12:90:4c:28:e2:24:da:8b: 49:78:3c:97:2f:4e:ca:2e:1f:29:a4:f9:94:40:17: b2:6b:30:5b:51:20:f9:50:f3:be:1f:f4:ce:35:fb: 05:93:98:04:37:aa:d8:1f:90:a5:f7:04:43:ed:b3: 8a:fd:00:fa:f1:36:a8:ef:29:bb:cf:92:95:5f:e0: 04:f2:2b:64:52:63:ac:f2:77:b7:b1:60:cf:5e:13: e9:ec:8e:37:ef:c3:de:ca:55:51:1d:f5:61:c2:c8: b0:e7:c2:3e:4b:1f:c3:16:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:E6:89:95:4C:72:BB:46:17:4F:90:B6:2C:C3:AC:61:1D:37:82:10 X509v3 Authority Key Identifier: keyid:96:E6:89:95:4C:72:BB:46:17:4F:90:B6:2C:C3:AC:61:1D:37:82:10 DirName:/C=BR/ST=RJ/O=TQTVD/OU=Development/CN=Astro Root CA Certificate/emailaddress=rcanel...@tqtvd.com serial:A7:01:33:46:D1:D9:E3:CF X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha1WithRSAEncryption 60:95:2e:f7:21:f0:16:bc:67:35:6c:c1:0d:ea:0d:25:38:2a: c8:70:4e:8b:99:08:27:65:88:3e:ff:9c:eb:4d:26:e2:30:15: 34:2b:82:58:65:ff:29:d3:ec:9f:12:50:f9:65:c0:79:1c:63: 72:52:13:c3:b2:68:41:3a:b2:3c:8e:47:11:28:f2:c4:61:98: 1e:de:97:08:3d:b0:c6:06:db:44:f8:b2:92:6e:68:42:8c:5c: b3:66:dd:f0:72:32:12:c9:ae:d2:a2:0b:7a:f5:ca:ea:30:cb: 11:f6:2b:31:d8:ac:eb:49:37:c2:79:07:e2:e9:78:51:6b:23: a7:33 " The hash of the file that was signed by the first certificate in the chain, i.e., serial "a7:01:33:46:d1:d9:e3:d0" is "11 18 41 32 20 0B 73 D9 B4 6B 35 B3 CF FA B4 73 96 66 3C 8F". I get this result from my program as well as from 'sha1sum'. 'RSA_verify' is called with: 'type' as "NID_sha1", 'm' as "11 18 41 32 20 0B 73 D9 B4 6B 35 B3 CF FA B4 73 96 66 3C 8F", 'm_len' is "20", 'sigbuf' is '06:90:74:58:c1:fb:5a:50:fd:fe:97:26:2f:f0:4c:f1:4c:93: 2e:6a:86:63:ad:57:b7:8c:9c:c5:43:e9:c1:70:c9:11:68:4a: 18:a4:08:a7:6b:3f:2b:99:31:96:cb:53:21:7a:a3:dc:7d:02: 0e:c3:da:30:8e:93:3a:5a:19:af:b7:ca:8f:30:2b:e8:17:f6: 59:ac:3e:47:a7:8b:45:35:f5:8f:1f:ac:b6:ec:db:f2:57:21: ce:79:67:a5:f4:3d:03:05:cd:65:b6:c0:7e:70:77:a2:7e:be: 8f:00:40:2a:51:65:a7:c5:11:82:ec:6e:b1:2b:6b:d3:2d:47: 6e:99' 'siglen' is "128", and 'rsa' is created like this (error checking and handling ommited): " rsa = RSA_new (); rsa->n = BN_bin2bn(bufPubKeyMod, pubKeyMod.size (), 0); rsa->e = BN_bin2bn(bufPubKeyExp, 3, 0); " where 'bufPubKeyMod' is " 00:8b:2d:a8:e6:e8:8f:7c:29:4e:ff:b3:28:b2:3e: 61:aa:ee:50:6e:2c:9a:5e:11:5d:2a:48:e9:dc:93: 7f:e5:74:d1:6f:6b:65:fb:0a:43:3a:69:fe:b4:64: 9a:bf:c3:17:2f:ca:f3:4d:92:be:9c:24:4c:0a:cd: 13:08:8c:a3:32:9b:b1:b1:a2:06:bb:41:b9:ce:22: 37:5f:0b:de:a2:0d:f7:49:cb:cd:b1:77:72:e8:ab: 04:2f:e7:a7:73:2d:95:d4:ae:7e:8a:7c:7c:9b:92: 86:83:6e:5b:46:b7:a1:bc:0f:d4:22:bf:a3:74:df: 75:26:6b:21:72:ec:ae:6e:9b" and 'bufPubKeyExp' is "01:00:01" What I do not understand (and I think this is the cause of the error) is why the modulus of the certificate "a7:01:33:46:d1:d9:e3:d0" has 129 bytes, instead of 128? But, as I am extremely newbie to cryptography, and even more to 'openssl', I am sure I am making a, well, newbie mistake. Could anyone give me a help? Thanks a lot! -- Rodrigo Canellas Software Developer Digital TV Products +55 21 3147-3000/8675 rodrigo.canel...@tqtvd.com www.tqtvd.com TQTVD Software