Hi, everyone.
In Openssl 0.9.8i, I'm trying to take an RSA public exponent and public
modulus, assemble them into an RSA key, and use that to verify a
signature for a message. However, EVP_VerifyFinal() always fails,
apparently because of the wrong use of padding.
My code:
RSA * RsaKeyPtr = RSA_new();
EVP_PKEY * EvpKeyPtr = EVP_PKEY_new();
RsaKeyPtr->n = BN_bin2bn(ModulusPtr, ModulusLength, NULL); // Public
modulus n
RsaKeyPtr->e = BN_bin2bn(Exponent, sizeof(Exponent), NULL); // Public
key exponent e
EvpKeyPtr->type = EVP_PKEY_RSA;
if(EVP_PKEY_assign_RSA(EvpKeyPtr, RsaKeyPtr))
{
EVP_MD_CTX_init(&MDContext);
if(EVP_VerifyInit_ex(&MDContext, EvpMdPtr, NULL))
{
if(EVP_VerifyUpdate(&MDContext, MessagePtr, MessageLength))
{
if(EVP_VerifyFinal(&MDContext, SignaturePtr,
SignatureLength, EvpKeyPtr))
{
...
The call stack looks like:
RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
...
RSA_eay_public_decrypt()
RSA_padding_check_PKCS1_type_1()
and that last function fails.
Am I assembling the RSA key incorrectly?
The modulus and exponent are each 1024 bits long and the message and
signature are each 128 bytes long
Thanks very much,
Paul
___________________________________
Paul A. Suhler | Firmware Engineer | Quantum Corporation | Office:
949.856.7748 | [email protected]
----------------------------------------------------------------------
The information contained in this transmission may be confidential. Any
disclosure, copying, or further distribution of confidential information is not
permitted unless such privilege is explicitly granted in writing by Quantum.
Quantum reserves the right to have electronic communications, including email
and attachments, sent across its networks filtered through anti virus and spam
software programs and retain such messages in order to comply with applicable
data security and retention requirements. Quantum is not responsible for the
proper and complete transmission of the substance of this communication or for
any delay in its receipt.
