Hi,
A number can't be "bad" by itself. It is just a carrier of protocol
information during the mathematical computations. What really matters is
the sequence of bytes used by that protocol. This is why a "bad format"
error is returned.
Concerning PyCrypto, it doesn't use OpenSSL at all : for public key
algorithms like RSA and DSA, it uses LibTomCrypt internally in order to
implement the algorithms by hand. So, there must be a bug in their code.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 8/9/2010 11:26 AM, Georgi Guninski wrote:
hi,
On Mon, Aug 09, 2010 at 10:36:03AM +0200, Mounir IDRASSI wrote:
Hi,
Signature verification is done through a modular exponentiation
(using public exponent and modulus) that always leads to a result
even fur a bogus RSA modulus.
This result is checked against the PKCS#1 padding format. Since the
RSA private key is invalid, the output of this exponentiation is
different from DataToBeSigned used during certificate creation and
thus the code doesn't find the PKCS#1 padding block header.
So, the signature is bad because the decrypted signature has a bad format!
I hope this clarifies things to you.
ok. i expected a message "bad number" instead of "bad signature format"
You say at the end of your message that the private key was
generated by a python wrapper, certainly a wrapper of OpenSSL, but
in a previous message you are saying that you generated the key
yourself (pen and paper). Which statement is correct? Maybe your
wrapper wraps something else...
lol. the "pen/paper generation" was just humour.
this key was generated with pycrypto + some other pure python code for export to
your format. (the small prime was included on purpose).
i don't know if pycrypto depends on openssl (though it is not a
direct wrapper).
the cert was generated entirely by openssl.
the imports:
from Crypto.PublicKey import RSA
from Crypto.Util.number import inverse
import random
import sys
from Crypto.PublicKey import pubkey
from Crypto.Util import number
import crypto # utils
import Crypto
from fractions import gcd
from Crypto.Hash import MD5
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org