Re: signature verif. error : data greater than mod len

Mon, 15 Sep 2003 20:09:41 -0700 

I believe the input signature to be verified should be binary, not
hexadecimal characters.  I would suspect that the 512 bytes of
hexadecimal characters are being treated as 512 * 8 = 4096 bits of
binary data.

                    - Ken

----- Original Message -----
From: "BP" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, September 15, 2003 6:18 AM
Subject: signature verif. error : data greater than mod len


> Hello,
>
> I use the following command to verify a signature :
>
> openssl rsautl -in d:/openssl/data/docs/signval.txt -inkey
> d:/openssl/data/pubk/certclient_pubk.pem -pubin -verify
>
> the signval.txt file contains 512 hexadecimal numbers
(a1dc8fd241df...),
> so the input signature has correct size of 2048 bits like the RSA
> private key.
>
> The public key is extracted from the certificate by the script :
openssl
> x509 -in $openssl_work/data/certs/$cert -inform PEM -pubkey -noout >
> $openssl_work/data/pubk/${name}_pubk.pem
>
> The error message I get when I verify signature with rsautl (either
with
> public key like here or with private key to test) :
>
> RSA operation error
> 2620:error:0406706C:rsa routines:RSA_EAY_PUBLIC_DECRYPT:data greater
> than mod le
> n:crypto/rsa/rsa_eay.c:522:
>
> I really have no clue of what happens.
>
> I use openssl 0.9.7b (OpenSSL 0.9.7b 10 Apr 2003) dlls compiled for
> Windows (I use Windows XP).
> Same error with 09/15 snapshot compiled under cygwin (OpenSSL
0.9.7c-dev
> xx XXX 2003).
>
> Thanks a lot for any idea, my work is due for tonight...
>
>
> Barbara Post
>
>
_____________________________________________________________________
> Envie de discuter en "live" avec vos amis ? Télécharger MSN
Messenger
> http://www.ifrance.com/_reloc/m la 1ère messagerie instantanée de
France
>
>
______________________________________________________________________
> OpenSSL Project
http://www.openssl.org
> User Support Mailing List
[EMAIL PROTECTED]
> Automated List Manager
[EMAIL PROTECTED]
>
>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to