is the certificate at
(with the malformed key) *syntactically* correct modulo the bad self signature?

with 1.0.0a
~/local/bin/openssl verify -check_ss_sig -CAfile /tmp/CA-P.cert /tmp/CA-P.cert 

/tmp/CA-P.cert: CN = CA
error 7 at 0 depth lookup:certificate signature failure
routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:100:
139828504536744:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding 
check failed:rsa_eay.c:699:
139828504536744:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP 

echo $?

i would expect an error about bad self signature, not format stuff.

the private key was generated by a python wrapper, the cert was generated with 
ubuntu's 0.9.8k 25 Mar 2009

On Sun, Aug 08, 2010 at 03:21:34PM +0200, Mounir IDRASSI wrote:
OpenSSL Project                       
Development Mailing List             
Automated List Manager                 

Reply via email to