Yes, I have same output. If I understand well, signature is only RSA encrypted block with ASN1 encoded element with sha1 hash.
This invalid signature contained only raw sha1 hash value without ASN1 encoding. Method "RSA_eay_public_decrypt" only decrypt signature and do not any next formatting/encoding. Is that true? Signature was created with Java 1.6.0. But the most other signatures created by Java are correct. Do you know where problem is? Why only this certicate generate "invalid" signature in Java? Martin Ficnar ASD Software -----Original Message----- From: Stephen Henson via RT [mailto:[email protected]] This indicates there is a problem with the signature. If you do: openssl rsautl -verify -in test_signature.bin -pubin -inkey test_pubkey.pem -hexdump you see the 20 byte "signature": 0000 - 49 ed e1 26 7f 1f d8 e6-1d fc 7f bb 1a 32 e0 f3 I..&.........2.. 0010 - 11 b4 c5 c6 .... If you also do: openssl rsautl -verify -in test_signature.bin -pubin -inkey test_pubkey.pem -hexdump -raw You get the raw decrypted block with the original padding: 0000 - 00 01 ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0010 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0020 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0030 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0040 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0050 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0060 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0070 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0080 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 0090 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 00a0 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 00b0 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 00c0 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 00d0 - ff ff ff ff ff ff ff ff-ff ff ff ff ff ff ff ff ................ 00e0 - ff ff ff ff ff ff ff ff-ff ff ff 00 49 ed e1 26 ............I..& 00f0 - 7f 1f d8 e6 1d fc 7f bb-1a 32 e0 f3 11 b4 c5 c6 .........2...... As you can see there is no DigestInfo there at all and OpenSSL is returning the correct signed data. If this works with other software they may have a workaround to tolerate this broken format which OpenSSL doesn't. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
