On 5/22/2013 11:54 AM, Lavanya Sundararajan wrote:
I am Lavanya working for Mistral solution, I am using openssl code in our project, the function in pmeth_lib.c OBJ_bsearch_pmeth returns 0, May I know the possible reasons for it, In FIPS mode our product fails on RSA signature verification throwing out unsupported algorithm, while tracing the code I found the above mention function returns 0. Help me fixing this issue. I am using openssl-1.0.1e version.
That is simply the function that searches the list of registered/available signature methods, and it returns 0 because
the signature type you are trying to verify is not available. However you did not specify which kind of RSA signature you were trying to verify, and this makes all the difference when it comes to FIPS availability: 1. How many bits are your RSA public key (the modulus), this is also the number of bits in the signature. 2. Which hash algorithm (such as MD5 or SHA-256) is used by the signature you are trying to verify? 3. Which RSA padding scheme is used when converting the raw hash value into RSA input? For example are you using PKCS#1 v. 1.x padding, PSS (PKCS#1 v. 2.1), or one of the ISO 9796 schemes. Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org