On Mon, Aug 09, 2010 at 10:36:03AM +0200, Mounir IDRASSI wrote:
>  Hi,
> Signature verification is done through a modular exponentiation
> (using public exponent and modulus) that always leads to a result
> even fur a bogus RSA modulus.
> This result is checked against the PKCS#1 padding format. Since the
> RSA private key is invalid, the output of this exponentiation is
> different from DataToBeSigned used during certificate creation and
> thus the code doesn't find the PKCS#1 padding block header.
> So, the signature is bad because the decrypted signature has a bad format!
> I hope this clarifies things to you.

ok. i expected a message "bad number" instead of "bad signature format"

> You say at the end of your message that the private key was
> generated by a python wrapper, certainly a wrapper of OpenSSL, but
> in a previous message you are saying that you generated the key
> yourself (pen and paper). Which statement is correct? Maybe your
> wrapper wraps something else...

lol. the "pen/paper generation" was just humour.

this key was generated with pycrypto + some other pure python code for export to
your format. (the small prime was included on purpose).

i don't know if pycrypto depends on openssl (though it is not a
 direct wrapper).

the cert was generated entirely by openssl.

the imports:

from Crypto.PublicKey import RSA
from Crypto.Util.number import inverse
import random
import sys
from Crypto.PublicKey import pubkey
from Crypto.Util import number
import crypto # utils
import Crypto
from fractions import gcd
from Crypto.Hash import MD5

OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to