Hi, > > I have forwarded this message to the OpenSSL group as well, maybe somebody > > else can give me some good advice too. For people reading this, there was a > > conversation going on before. I have troubles verifying a key using the > > OpenSSL library. The RSA_public_decrypt() function returns an error about > > padding, while I think this function (a) should not know anything about > > padding, > > let me repeat it, it should. It expects padded-hash after applying > public key to signature value. It will extract message hash (yes, any > 160-bit value) from padded-hash. Padded-hash structure is defined > by PKCS1 and it cant be of any value.
Ok, I think I understood you wrong there, I am not trying to be stubborn :). So, let me try to understand this. The private_encrypt() function applies padding, because the hash is 160 bits long and RSA will only encrypt packets of 1024 bits (key length is 1024, is this a coincidence? Sorry, newbie question, but I'd like to confirm :)). The result is a 1024 bits long buffer with the encrypted data. The corresponding public_decrypt() function decrypts the 1024 bits long buffer, which again results in the hash with padding. The next thing is then that the public_decrypt() functions removes the padding before returning the data again? In this case it does make sense. Although semantically I would think that encrypting/decrypting and padding/unpadding are different things that should be done in seperate steps. Is this about right? > > 1) In the sign() function, an MD5 hash is created from the data, then the > > hash is padded from 160 bits to 1023 bits (wasn't 1024?), and encrypted with > > a private key. This is all in one go and is done in the Perl library. I made a mistake here, I use RIPEMD160 for the hash, not MD5. Hence the 160 bytes. If this is not a known bug in OpenSSL, then the problem must be in my own software :). So, I am currently checking this, and rewriting part of my software to be more modular (i.e. split functions in smaller grained functionalities, which makes it easier to detect errors). Thanks! PeterV ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
