> [[email protected] - Mon Aug 09 14:57:05 2010]: > > Hi Hanno, all, > > Thus wrote Hanno Boeck via RT ([email protected]): > > > openssl genrsa 2001 > test.key > > > openssl req -batch -new -x509 -sigopt rsa_padding_mode:pss -nodes > -days 99999 > > -key test.key> test.crt > > > openssl verify -check_ss_sig -CAfile test.crt test.crt > > I've had a quick look, the problem is that the saltlen encoded in the > certificate (==229) and the saltlen used for the calculations (==228) > are different. In RSA_padding_add_PKCS1_PSS_mgf1(), RSA_size(rsa) is > 250. In rsa_item_sign(), EVP_PKEY_size(pk) is 251. > > I can't take the ticket in the RT but I'm happy to progress this and > propose a patch. >
Thanks for the report and investigating this. I've checked the code and seen the pss salt length calculation isn't consistent in all cases. I've committed a fix. Let me know of any problems. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
