Hi,

A number can't be "bad" by itself. It is just a carrier of protocol information during the mathematical computations. What really matters is the sequence of bytes used by that protocol. This is why a "bad format" error is returned.

Concerning PyCrypto, it doesn't use OpenSSL at all : for public key algorithms like RSA and DSA, it uses LibTomCrypt internally in order to implement the algorithms by hand. So, there must be a bug in their code.

Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr

On 8/9/2010 11:26 AM, Georgi Guninski wrote:
hi,


On Mon, Aug 09, 2010 at 10:36:03AM +0200, Mounir IDRASSI wrote:
  Hi,

Signature verification is done through a modular exponentiation
(using public exponent and modulus) that always leads to a result
even fur a bogus RSA modulus.
This result is checked against the PKCS#1 padding format. Since the
RSA private key is invalid, the output of this exponentiation is
different from DataToBeSigned used during certificate creation and
thus the code doesn't find the PKCS#1 padding block header.
So, the signature is bad because the decrypted signature has a bad format!
I hope this clarifies things to you.

ok. i expected a message "bad number" instead of "bad signature format"


You say at the end of your message that the private key was
generated by a python wrapper, certainly a wrapper of OpenSSL, but
in a previous message you are saying that you generated the key
yourself (pen and paper). Which statement is correct? Maybe your
wrapper wraps something else...

lol. the "pen/paper generation" was just humour.

this key was generated with pycrypto + some other pure python code for export to
your format. (the small prime was included on purpose).

i don't know if pycrypto depends on openssl (though it is not a
  direct wrapper).

the cert was generated entirely by openssl.


the imports:

from Crypto.PublicKey import RSA
from Crypto.Util.number import inverse
import random
import sys
from Crypto.PublicKey import pubkey
from Crypto.Util import number
import crypto # utils
import Crypto
from fractions import gcd
from Crypto.Hash import MD5


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to