I All,
i wrote an ActiveX using CryptoAPI to sign a simple textual
message.
I used the CryptSignMessage() function that returns a PKCS#7 object.
On the server side I got this message:
32327:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block
type is not 01:rsa_pk1.c:100:
32327:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check
failed:rsa_eay.c:404:
32327:error:21071069:PKCS7 routines:PKCS7_signatureVerify:signature
failure:pk7_doit.c:793:
using Peter Gutmann's dumpasn1 it seems a correct PKCS#7 object!
I've modified the rsa_eay.c to print the BigNumber of the signature
after the decryption object:
996F4D5B2A5FC47613301FB58206B8EC5E6DCE24AEBD9B4FC8F6EB163A3E57FDAAFB2BA088DEF850
5B25A3FBFD611A3270E1C3643E2BB90D91CA054F1BF090C7A0D6385D19089E2C495FCB82ACB2EEEB
FC78897C23C38C7B6B2F24DFCD253554755539DD810C3F0BFB491C06E650B45B1E9879CBA4880FBD
AF35B63596C3A763
This is not a PKCS#1 pagging????
static int RSA_eay_public_decrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding)
....
p=buf;
i=BN_bn2bin(&ret,p);
{
FILE *fp;
fp=fopen("/tmp/bn","wt");
BN_print_fp(fp,&ret);
fflush(fp);
fclose(fp);
}
switch (padding)
{
case RSA_PKCS1_PADDING:
r=RSA_padding_check_PKCS1_type_1(to,num,buf,i,num);
break;
.....
Using Netscape's signText() method the BigNumber si correct and the
signature
is verified.
1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFF003021300906052B0E03021A050004140C91053790AB305210485B468B9
E933464D105C9
I'M LOST
thanks.
--
FERDINANDO RICCHIUTI
Research & Development
CSP s.c. a r.l.
____________________________________________
Villa Gualino
Viale Settimo Severo, 63 - 10133 Torino [IT]
e-mail [EMAIL PROTECTED]
mob +39 (0)348 6023959
tel +39 (0)11 3165401
____________________________________________
S/MIME Cryptographic Signature
