On Sun, 4 Jan 2009, Thomas Bader wrote:
> Jan 3 23:09:26 valmar dkim-filter[952]: 3C9D8342EEEF SSL
> error:04067069:rsa routines:RSA_EAY_PUBLIC_DECRYPT:pkcs1 padding too
> short

Can you use the logs (i.e. grep for "3C9D8342EEEF") to figure out which public key was used to sign the message, or go look at the message if it's still there and give me the values of "d=" and "s="? I wonder if I can reproduce the problem just by knowing which key it is.

The error would seem to indicate that there's a padding problem with the public key, not the signature or the header hash (which are the three inputs to the RSA verify function).

Based on some reading just now after searching online for that error string, OpenSSL v0.9.8c and later include a test to thwart what they labeled a "PKCS #1 v1.5 signature attack", and this is the error returned when that attack is detected.

http://marc.info/?l=openssl-cvs&m=115744474426944&w=2

That the message still succeeds verification would appear to contradict the code added by that patch.

Right now I suspect the key being retrieved from the signing domain's DNS was either improperly encoded or improperly generated. However, just to be sure, I'd like to run a few examples through a debugger here to see if I have a problem with the DNS or base64 code in the filter. I need some sample data to be able to do so. I checked my own domain's logs and I've had no instances of that error for the last week, so I don't have any data to work with yet.

Hopefully someone on this list can help me out.

_______________________________________________
dkim-milter-discuss mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/dkim-milter-discuss
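
The two checks asked for in the message above (reading "d=" and "s=" from the signature to find which key was used, then testing whether the retrieved key is properly encoded), as an added example that is not part of the original e-mail or of dkim-milter. It assumes the standard DKIM tag=value syntax and the `<selector>._domainkey.<domain>` key location; the header and key records are constructed samples and the function names are hypothetical.

```python
import base64
import binascii
import re

# Constructed sample data, not taken from the thread.
SAMPLE_SIG = ("v=1; a=rsa-sha1; c=relaxed/simple; d=example.com; s=sel1;\r\n"
              "\th=from:to:subject; bh=AAAA; b=BBBB")
# Placeholder DER bytes (SEQUENCE { INTEGER 0 }), not a real public key.
SAMPLE_KEY = "v=DKIM1; k=rsa; p=" + base64.b64encode(b"\x30\x03\x02\x01\x00").decode()


def parse_tags(value):
    """Parse a DKIM tag=value list into a dict, dropping all whitespace
    from values (enough for d=, s= and the base64 in p=)."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, _, val = part.partition("=")
            tags[name.strip()] = re.sub(r"\s+", "", val)
    return tags


def key_query_name(sig_header_value):
    """DNS name of the TXT record holding the signer's public key."""
    tags = parse_tags(sig_header_value)
    return f"{tags['s']}._domainkey.{tags['d']}"


def check_key_record(txt):
    """Return a list of encoding problems found in a key record's p= value."""
    p = parse_tags(txt).get("p")
    if p is None:
        return ["no p= tag"]
    if p == "":
        return ["empty p= (key revoked)"]
    try:
        der = base64.b64decode(p, validate=True)
    except (binascii.Error, ValueError):
        return ["p= is not valid base64"]
    # A DER-encoded public key begins with a SEQUENCE tag (0x30).
    if der[:1] != b"\x30":
        return ["p= does not decode to a DER SEQUENCE"]
    return []


if __name__ == "__main__":
    print(key_query_name(SAMPLE_SIG))
    print(check_key_record(SAMPLE_KEY))
```

This only catches encoding damage in the record; a key that decodes cleanly can still be improperly generated.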
