Hi!
I am trying to use 'RSA_verify' to verify a signature, but I am getting the
error "67567722", which is translated to: "error:0407006A:rsa
routines:RSA_padding_check_PKCS1_type_1:block type is not 01".
When I use 'openssl pkcs7 -in TEST_KEY.RSA -print_certs -text -noout -inform
DER', I get:
"
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a7:01:33:46:d1:d9:e3:d0
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=BR, ST=RJ, O=TQTVD, OU=Development, CN=Astro Root CA
Certificate/emailaddress=rcanel...@tqtvd.com
Validity
Not Before: Feb 3 13:50:52 2009 GMT
Not After : Feb 3 13:50:52 2010 GMT
Subject: C=BR, ST=RJ, O=TQTVD, OU=Test, CN=Astro Test Certificate
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:8b:2d:a8:e6:e8:8f:7c:29:4e:ff:b3:28:b2:3e:
61:aa:ee:50:6e:2c:9a:5e:11:5d:2a:48:e9:dc:93:
7f:e5:74:d1:6f:6b:65:fb:0a:43:3a:69:fe:b4:64:
9a:bf:c3:17:2f:ca:f3:4d:92:be:9c:24:4c:0a:cd:
13:08:8c:a3:32:9b:b1:b1:a2:06:bb:41:b9:ce:22:
37:5f:0b:de:a2:0d:f7:49:cb:cd:b1:77:72:e8:ab:
04:2f:e7:a7:73:2d:95:d4:ae:7e:8a:7c:7c:9b:92:
86:83:6e:5b:46:b7:a1:bc:0f:d4:22:bf:a3:74:df:
75:26:6b:21:72:ec:ae:6e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
AF:2D:B9:4E:87:03:CD:53:90:BF:C5:BE:1C:BC:6A:4B:F2:86:67:D8
X509v3 Authority Key Identifier:
keyid:96:E6:89:95:4C:72:BB:46:17:4F:90:B6:2C:C3:AC:61:1D:37:82:10
Signature Algorithm: sha1WithRSAEncryption
06:90:74:58:c1:fb:5a:50:fd:fe:97:26:2f:f0:4c:f1:4c:93:
2e:6a:86:63:ad:57:b7:8c:9c:c5:43:e9:c1:70:c9:11:68:4a:
18:a4:08:a7:6b:3f:2b:99:31:96:cb:53:21:7a:a3:dc:7d:02:
0e:c3:da:30:8e:93:3a:5a:19:af:b7:ca:8f:30:2b:e8:17:f6:
59:ac:3e:47:a7:8b:45:35:f5:8f:1f:ac:b6:ec:db:f2:57:21:
ce:79:67:a5:f4:3d:03:05:cd:65:b6:c0:7e:70:77:a2:7e:be:
8f:00:40:2a:51:65:a7:c5:11:82:ec:6e:b1:2b:6b:d3:2d:47:
6e:99
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a7:01:33:46:d1:d9:e3:cf
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=BR, ST=RJ, O=TQTVD, OU=Development, CN=Astro Root CA
Certificate/emailaddress=rcanel...@tqtvd.com
Validity
Not Before: Feb 3 13:15:26 2009 GMT
Not After : Feb 3 13:15:26 2012 GMT
Subject: C=BR, ST=RJ, O=TQTVD, OU=Development, CN=Astro Root CA
Certificate/emailaddress=rcanel...@tqtvd.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:a9:f9:f8:70:d7:aa:a2:16:83:59:69:11:af:f8:
dc:6d:f2:0b:e1:b1:39:12:90:4c:28:e2:24:da:8b:
49:78:3c:97:2f:4e:ca:2e:1f:29:a4:f9:94:40:17:
b2:6b:30:5b:51:20:f9:50:f3:be:1f:f4:ce:35:fb:
05:93:98:04:37:aa:d8:1f:90:a5:f7:04:43:ed:b3:
8a:fd:00:fa:f1:36:a8:ef:29:bb:cf:92:95:5f:e0:
04:f2:2b:64:52:63:ac:f2:77:b7:b1:60:cf:5e:13:
e9:ec:8e:37:ef:c3:de:ca:55:51:1d:f5:61:c2:c8:
b0:e7:c2:3e:4b:1f:c3:16:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E6:89:95:4C:72:BB:46:17:4F:90:B6:2C:C3:AC:61:1D:37:82:10
X509v3 Authority Key Identifier:
keyid:96:E6:89:95:4C:72:BB:46:17:4F:90:B6:2C:C3:AC:61:1D:37:82:10
DirName:/C=BR/ST=RJ/O=TQTVD/OU=Development/CN=Astro Root CA
Certificate/emailaddress=rcanel...@tqtvd.com
serial:A7:01:33:46:D1:D9:E3:CF
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha1WithRSAEncryption
60:95:2e:f7:21:f0:16:bc:67:35:6c:c1:0d:ea:0d:25:38:2a:
c8:70:4e:8b:99:08:27:65:88:3e:ff:9c:eb:4d:26:e2:30:15:
34:2b:82:58:65:ff:29:d3:ec:9f:12:50:f9:65:c0:79:1c:63:
72:52:13:c3:b2:68:41:3a:b2:3c:8e:47:11:28:f2:c4:61:98:
1e:de:97:08:3d:b0:c6:06:db:44:f8:b2:92:6e:68:42:8c:5c:
b3:66:dd:f0:72:32:12:c9:ae:d2:a2:0b:7a:f5:ca:ea:30:cb:
11:f6:2b:31:d8:ac:eb:49:37:c2:79:07:e2:e9:78:51:6b:23:
a7:33
"
The hash of the file that was signed by the first certificate in the chain,
i.e., serial "a7:01:33:46:d1:d9:e3:d0" is "11 18 41 32 20 0B 73 D9 B4 6B 35 B3
CF FA B4 73 96 66 3C 8F". I get this result from my program as well as from
'sha1sum'.
'RSA_verify' is called with:
'type' as "NID_sha1",
'm' as "11 18 41 32 20 0B 73 D9 B4 6B 35 B3 CF FA B4 73 96 66 3C 8F",
'm_len' is "20",
'sigbuf' is
'06:90:74:58:c1:fb:5a:50:fd:fe:97:26:2f:f0:4c:f1:4c:93:
2e:6a:86:63:ad:57:b7:8c:9c:c5:43:e9:c1:70:c9:11:68:4a:
18:a4:08:a7:6b:3f:2b:99:31:96:cb:53:21:7a:a3:dc:7d:02:
0e:c3:da:30:8e:93:3a:5a:19:af:b7:ca:8f:30:2b:e8:17:f6:
59:ac:3e:47:a7:8b:45:35:f5:8f:1f:ac:b6:ec:db:f2:57:21:
ce:79:67:a5:f4:3d:03:05:cd:65:b6:c0:7e:70:77:a2:7e:be:
8f:00:40:2a:51:65:a7:c5:11:82:ec:6e:b1:2b:6b:d3:2d:47:
6e:99'
'siglen' is "128",
and 'rsa' is created like this (error checking and handling ommited):
"
rsa = RSA_new ();
rsa->n = BN_bin2bn(bufPubKeyMod, pubKeyMod.size (), 0);
rsa->e = BN_bin2bn(bufPubKeyExp, 3, 0);
"
where 'bufPubKeyMod' is
" 00:8b:2d:a8:e6:e8:8f:7c:29:4e:ff:b3:28:b2:3e:
61:aa:ee:50:6e:2c:9a:5e:11:5d:2a:48:e9:dc:93:
7f:e5:74:d1:6f:6b:65:fb:0a:43:3a:69:fe:b4:64:
9a:bf:c3:17:2f:ca:f3:4d:92:be:9c:24:4c:0a:cd:
13:08:8c:a3:32:9b:b1:b1:a2:06:bb:41:b9:ce:22:
37:5f:0b:de:a2:0d:f7:49:cb:cd:b1:77:72:e8:ab:
04:2f:e7:a7:73:2d:95:d4:ae:7e:8a:7c:7c:9b:92:
86:83:6e:5b:46:b7:a1:bc:0f:d4:22:bf:a3:74:df:
75:26:6b:21:72:ec:ae:6e:9b"
and 'bufPubKeyExp' is "01:00:01"
What I do not understand (and I think this is the cause of the error) is why
the modulus of the certificate "a7:01:33:46:d1:d9:e3:d0" has 129 bytes, instead
of 128? What does the first '0x00' byte mean?
But, as I am extremely newbie to cryptography, and even more to 'openssl', I am
sure I am making a, well, newbie mistake.
Could anyone give me a help?
Thanks a lot!
--
Rodrigo Canellas
Software Developer
Digital TV Products
+55 21 3147-3000/8675
rodrigo.canel...@tqtvd.com
www.tqtvd.com
TQTVD Software
