Hi, everyone. In Openssl 0.9.8i, I'm trying to take an RSA public exponent and public modulus, assemble them into an RSA key, and use that to verify a signature for a message. However, EVP_VerifyFinal() always fails, apparently because of the wrong use of padding.
My code: RSA * RsaKeyPtr = RSA_new(); EVP_PKEY * EvpKeyPtr = EVP_PKEY_new(); RsaKeyPtr->n = BN_bin2bn(ModulusPtr, ModulusLength, NULL); // Public modulus n RsaKeyPtr->e = BN_bin2bn(Exponent, sizeof(Exponent), NULL); // Public key exponent e EvpKeyPtr->type = EVP_PKEY_RSA; if(EVP_PKEY_assign_RSA(EvpKeyPtr, RsaKeyPtr)) { EVP_MD_CTX_init(&MDContext); if(EVP_VerifyInit_ex(&MDContext, EvpMdPtr, NULL)) { if(EVP_VerifyUpdate(&MDContext, MessagePtr, MessageLength)) { if(EVP_VerifyFinal(&MDContext, SignaturePtr, SignatureLength, EvpKeyPtr)) { ... The call stack looks like: RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING); ... RSA_eay_public_decrypt() RSA_padding_check_PKCS1_type_1() and that last function fails. Am I assembling the RSA key incorrectly? The modulus and exponent are each 1024 bits long and the message and signature are each 128 bytes long Thanks very much, Paul ___________________________________ Paul A. Suhler | Firmware Engineer | Quantum Corporation | Office: 949.856.7748 | paul.suh...@quantum.com ---------------------------------------------------------------------- The information contained in this transmission may be confidential. Any disclosure, copying, or further distribution of confidential information is not permitted unless such privilege is explicitly granted in writing by Quantum. Quantum reserves the right to have electronic communications, including email and attachments, sent across its networks filtered through anti virus and spam software programs and retain such messages in order to comply with applicable data security and retention requirements. Quantum is not responsible for the proper and complete transmission of the substance of this communication or for any delay in its receipt.