|
The problem you are running into (probably) is that an RSA key cannot
encrypt data that is larger than the key size. In your case, a 64 bit RSA key
would not be able to encrypt the signature hash since the hash is 128 bits
long.
As a security point, RSA keys less than 512 bits are generally considered
to be insufficiently secure (64 bits would be incredibly
weak).
-lee
Can anybody tell me how to create a certificate which key size is less
than 1024?
C:\test\openssl\out32dll>openssl genrsa -out lsg1.key
64
Loading 'screen' into random state - done
warning, not much extra
random data, consider using the -rand option
Generating RSA private key, 64
bit long
modulus
..+++++++++++++++++++++++++++
.+++++++++++++++++++++++++++
e
is 65537 (0x10001)
C:\test\openssl\out32dll>openssl req -new -x509 -days 365 -key
lsg1.key -out lsg
1.crt
Using configuration from openssl.cnf
You are
about to be asked to enter information that will be incorporated
into your
certificate request.
What you are about to enter is what is called a
Distinguished Name or a DN.
There are quite a few fields but you can leave
some blank
For some fields there will be a default value,
If you enter
'.', the field will be left blank.
-----
Country Name (2 letter code)
[AU]:ca
State or Province Name (full name) [Some-State]:dkdk
Locality
Name (eg, city) []:dldld
Organization Name (eg, company) [Internet Widgits
Pty Ltd]:dkkd
Organizational Unit Name (eg, section) []:kdkd
Common Name
(eg, YOUR name) []:dkkdkd
Email Address
[]:kdkdkdkd
4293375799:error:04075070:rsa routines:RSA_sign:digest too big
for rsa key:.\cry
pto\rsa\rsa_sign.c:114:
4293375799:error:0D072006:asn1
encoding routines:ASN1_sign:bad get asn1 object
c
all:.\crypto\asn1\a_sign.c:129:
|
