Hi Kiran, > 00[LIB] key integrity tests failed: chect that exp1(150380) is d(150368) mod > (p(150344)-1), t=-1097449556 > 00[LIB] key integrity tests failed: checkt that exp2(150392) is d(150368) mod > (q(150356)-1), t=-1097449556
Seems like this key is definitely invalid. By definition in PKCS#1: exponent1 is d mod (p - 1) exponent2 is d mod (q - 1) But in your key, this is not the case. > is created with the openssl -engine cryptodev (OCF + h/w driver) option. Looks like a bug to me in your hardware or driver. > works fine for our SIP TLS This is absolutely possible, for example if it regenerates the exponents. Nonetheless, the key is not valid according to PKCS#1. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
