hi,
On Mon, Aug 09, 2010 at 10:36:03AM +0200, Mounir IDRASSI wrote: > Hi, > > Signature verification is done through a modular exponentiation > (using public exponent and modulus) that always leads to a result > even fur a bogus RSA modulus. > This result is checked against the PKCS#1 padding format. Since the > RSA private key is invalid, the output of this exponentiation is > different from DataToBeSigned used during certificate creation and > thus the code doesn't find the PKCS#1 padding block header. > So, the signature is bad because the decrypted signature has a bad format! > I hope this clarifies things to you. > ok. i expected a message "bad number" instead of "bad signature format" > You say at the end of your message that the private key was > generated by a python wrapper, certainly a wrapper of OpenSSL, but > in a previous message you are saying that you generated the key > yourself (pen and paper). Which statement is correct? Maybe your > wrapper wraps something else... > lol. the "pen/paper generation" was just humour. this key was generated with pycrypto + some other pure python code for export to your format. (the small prime was included on purpose). i don't know if pycrypto depends on openssl (though it is not a direct wrapper). the cert was generated entirely by openssl. the imports: from Crypto.PublicKey import RSA from Crypto.Util.number import inverse import random import sys from Crypto.PublicKey import pubkey from Crypto.Util import number import crypto # utils import Crypto from fractions import gcd from Crypto.Hash import MD5 ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org