The same result with openssl-0.9.6k. Any idea why this error happens? regards -- Beat
On Wed, Mar 03, 2004 at 11:32:58PM +0100, Beat Jucker wrote: > I received an encrypted SMIME message. Within a script I decode and > verify the message. With one particular message decoding was no problem > but signature check gives an error (hpux-10.20, openssl-0.9.6b): > > 26371:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not > 01:rsa_pk1.c:100: > 26371:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check > failed:rsa_eay.c:430: > 26371:error:21071069:PKCS7 routines:PKCS7_signatureVerify:signature > failure:pk7_doit.c:802: > 26371:error:21075069:PKCS7 routines:PKCS7_verify:signature failure:pk7_smime.c:256: > > When I manually decode and verify the email there is no problem. > I analysed the decoded message: the original version containes <CR> > at the end of each line (which got deleted by the script because of the > EOL handling @ unix <CR><LF> --> <LF>): > > ---------------------------------------------------------------------- > Content-Type: application/x-pkcs7-mime; smime-type=signed-data; name=smime.p7s^M > Content-Transfer-Encoding: base64^M > Content-Disposition: attachment; filename=smime.p7s^M > Content-Description: S/MIME Cryptographic Signature^M > ^M > MIIL0wYJKoZIhvcNAQcCoIILxDCCC8ACAQExDjAMBggqhkiG9w0CBQUAMIIGkgYJKoZIhvcNAQcB^M > oIIGgwSCBn9Db250ZW50LVR5cGU6IHRleHQvcGxhaW4NCkNvbnRlbnQtVHJhbnNmZXItRW5jb2Rp^M > bmc6IHF1b3RlZC1wcmludGFibGUNCg0KVU5BOisuPyAnVU5CK1VOT0E6MStUUkVTSUFOQStFWlYr^M > MDQwMzAzOjE2NDgrMTE1Nzk5KysrKzArU0lTQUhQRUMnVU5IKzA3NjAvPQ0KMjA3NzQwK0NVU0RF^M > QzozJ0JHTSsrMjA3NzQwKysrMTEwLjUxLjk2MjYuMDA6MjozNDU0NydDU1QrKzE6U0MrMDpWQysw^M > ... > lWX9UqvfyB7NmTSPm49W7SWMs3YHrgRJ8XK1pVy6hMF6TX/nTAL5x1Kjk9AmIUaLPHu2c3DCokYU^M > qhxYhR9pdtRwM9CoIfz0z2FGl+9Z3AEZ1fdNR9YVcl1zNyR7x2jPuP3Z1cPEbet3iJ63HNzZLz/U^M > IJo8rOmfJTb+Ow== > ---------------------------------------------------------------------- > > Manually I can delete as many <CR> from this base64 body as I like > except one last <CR>: verification is still successful. When I delete > also the very last <CR> (it doesn't matter which one) I'll get > verification failure. > > In RFC2045 section "Base64 Content-Transfer-Encoding": All line breaks > or other characters not found in Table 1 must be ignored by decoding > software." > > In my opinion openssl should ignore all the <CR>. Is there a bug in > openssl or do I misunderstand the base64 specification? > > Thanks for any help > -- Beat ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
