> From: [email protected] On Behalf Of Som M via RT
> Sent: Sunday, January 12, 2014 02:05
(reordered)
> On Sat, Jan 11, 2014 at 10:46 PM, [email protected] via RT <
> [email protected]> wrote:
> 
> > I suspect there may be a discrepancy of the meaning of RSA_Size() on the
> > two implementations, possibly arising from ASN.1 encoding considerations.
> >

Nope. low-level RSA_* signatures and cryptograms are just numbers as bytes. 
They are used sometimes in ASN.1 formats (like X.509 and PKCS#7) which get 
padding and sometimes non-ASN.1 formats (like TLS/SSL and SSH) which don't.

> Yes, I suspected the same. But even though it returns 129, I prepended "00"
> to the hex string and sent it as argument to RSA_verify.
> 
But if they were, this wouldn't be any kind of fix. You shouldn't normally 
be passing a hex string of anything to RSA_ primitives; they take binary 
data as an array of unsigned char.

> authMsgLen = RSA_size(rsa_pb);
> authMsgHexStr = "00" + authMsgHexStr;
> 
> RSA_verify(NID_md5, digest, MD5_DIGEST_LENGTH,
>        (unsigned char *)authMsgHexStr.c_str(), authMsgLen, rsa_pb)
> 
> Here authMsgLen = 129 and authMsgHexStr has been prepended with "00"
> But still verification fails.
> 
"00" is a C or C++ string of two chars or bytes, each containing the code 
for the digit 0 which is 0x30 in ASCII(-derived) and 0xF0 in EBCDIC (rare).
The data used by RSA_* and similar, and also in ASN.1, is binary.
You would need something more like char zero[]={0}; std::string(zero,1).

RSA_size() of your key should be 128 everywhere, and it is for me in 
both 0.9.8x and 1.0.1e on CentOS (using my own builds, not a package).
I suggest creating a test program or modifying yours so it only sets the key 
and checks it -- no signature or verification of data at all. I.e. 
> > > BN_dec2bn( &(rsa_pb->n), evc40_lg_n);
> > > BN_dec2bn( &(rsa_pb->e), evc40_lg_e);
then 
  printf ("RSA_size=%d top=%d(bits=%d?) n[0]~=%x n[top-1]~=%x\n",
    RSA_size (rsa_pb), rsa_pb->n->top, (int)sizeof(rsa_pb->n->d[0])*CHAR_BIT,
    (unsigned)rsa_pb->n->d[0], (unsigned)rsa_pb->n->d[rsa_pb->n->top-1]);
should produce 
RSA_size=128 top=32(bits=32?) n[0]~=410aa2a9 n[top-1]~=dd626d4c
on all 32-bit versions/systems and different but still consistent on 64-bit.


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
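
An added example, not part of the original message or of OpenSSL: one way to turn a hex-encoded signature into the binary buffer the reply says RSA_* expects, sized to the modulus length (RSA_size(), 128 in this thread). The function name sig_hex_to_bin is hypothetical and the sample hex values are constructed; no OpenSSL calls are made.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int hexval(unsigned char c) {
    if (c >= '0' && c <= '9') return c - '0';
    c = (unsigned char)tolower(c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Hypothetical helper: decode hex text into a big-endian buffer of exactly
 * k bytes, where k is RSA_size() of the key. The signature is just a number,
 * so surplus leading zero bytes are dropped and a short value is left-padded
 * with binary 0x00 (not the two-character string "00").
 * Returns 0 on success, -1 on malformed hex or a value too large for k bytes. */
int sig_hex_to_bin(const char *hex, unsigned char *out, size_t k) {
    size_t n = strlen(hex), nbytes, i;
    if (n == 0 || n % 2 != 0) return -1;
    for (i = 0; i < n; i++)
        if (hexval((unsigned char)hex[i]) < 0) return -1;
    /* Drop leading zero bytes only while the value is longer than k bytes. */
    while (n > 2 * k && hex[0] == '0' && hex[1] == '0') { hex += 2; n -= 2; }
    nbytes = n / 2;
    if (nbytes > k) return -1;          /* number does not fit the modulus size */
    memset(out, 0, k - nbytes);         /* binary zero padding on the left */
    for (i = 0; i < nbytes; i++)
        out[k - nbytes + i] = (unsigned char)
            ((hexval((unsigned char)hex[2 * i]) << 4) |
              hexval((unsigned char)hex[2 * i + 1]));
    return 0;
}

int main(void) {
    unsigned char sig[4];               /* constructed 4-byte "modulus size" */
    const char *ascii = "00";           /* what the original code prepended */
    printf("\"00\" as text: %u bytes, first byte 0x%02x\n",
           (unsigned)strlen(ascii), (unsigned)(unsigned char)ascii[0]);
    if (sig_hex_to_bin("00a1b2c3d4", sig, sizeof sig) == 0)
        printf("decoded: %02x %02x %02x %02x\n", sig[0], sig[1], sig[2], sig[3]);
    return 0;
}
```

The k-byte output buffer, with k as the length argument, is what would be handed to a verify call in place of the hex string.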
