Hi, Thank you for your reply.
I know that DigestInfo structure is required to be compliant. But this is that problem! Your openssl method "RSA_eay_public_decrypt" return raw hash value during decryption rsa signature, not required DigestInfo structure!!!! Openssl is not correct! Question: Why your method "RSA_eay_public_decrypt" do not return DigestInfo structure, that is expecting? For input of this method are only 256 byte length valid signature for decryption and valid 2048bit public key with RSA algorithm. Martin Ficnar ASD Software -----Original Message----- From: Stephen Henson via RT [mailto:[email protected]] Sent: Wednesday, September 08, 2010 7:35 PM To: Ficnar Martin Cc: [email protected] Subject: [openssl.org #2334] BUG in verification RSA signature > [[email protected] - Wed Sep 08 17:52:34 2010]: > But in my problem case, method > return only decrypted raw hash value, for example: > - in success case return 35 bytes - ASN1 element, last 20 bytes is SHA1 > hash value: > 30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 87 7f 1b 4a b9 5d 30 07 > d5 05 8f 5c 3e c0 e9 b2 6d 44 73 29 > - in unsuccessful case return 20 bytes - raw SHA1 hash value > 49 ed e1 26 7f 1f d8 e6 1d fc 7f bb 1a 32 e0 f3 11 b4 c5 c6 > If I understand this correctly you're saying the raw hash is included in some cases. That is a standard violation, a DigestInfo structure is required to be compliant. OpenSSL is correct in rejecting that case. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
