Why my program cannot sign/verify correctly when the signature is less than 64

[wang haoyu]

        Recently, I began to work on OpenSSL program. When I
try to sign/verify a file with RSA algarism, my
program shows some strange fault.
        The OpenSSl I worked on is version 0.97d.
        I read the file into a buffer and call EVP_SignUpdate
function repeatedly as below: 
                const int SIG_STEP = 5; // means the buffer size
which I read the file content into
…….
        // Do the signature
        EVP_SignInit   (&md_ctx, EVP_sha1());

        while (!endflag){
                read_count = fread( buffer, sizeof(char), SIG_STEP,
appfile );
                if( read_count != SIG_STEP ) { 
                        if(ferror(appfile) == 0) {
                                printf( "fread error\n" );
                                return 1;
                        } else if(feof(appfile) != 0) {
                                printf("reach the end\n");
                                EVP_SignUpdate (&md_ctx, buffer, strlen(buffer));
                                endflag = true;
                        }
                }else
                        EVP_SignUpdate (&md_ctx, buffer, strlen(buffer));

        endflag = true;
        }

        sig_len = sizeof(sig_buf);
        err = EVP_SignFinal (&md_ctx, (unsigned char
*)sig_buf, &sig_len, pkey);
        ……
and then I verify it as below:
        ……
        while (!endflag) {
                if(ftell(sigedfile) < (endpos - 64 - (SIG_STEP -
1)))    //SIG_STEP-1 means that the step length buffer
will read
                        read_count = fread( buffer, sizeof(char), SIG_STEP,
sigedfile );
                else {
                        read_count = fread( buffer, sizeof(char), (endpos -
64 - ftell(sigedfile) + 1), sigedfile);
                        endflag = true;
                }

                if( read_count != SIG_STEP ) {
                        if(ferror(sigedfile) == 0) {
                                printf( "file read error\n" );
                                return 1;
                        } else if(feof(sigedfile) != 0) {
                                printf("reach the end\n");
                                EVP_VerifyUpdate (&md_ctx, buffer,
strlen((char*)buffer));
                                fwrite(buffer, sizeof(char), read_count, appfile);
                                endflag = true;
                        }
                } else {
                        EVP_VerifyUpdate (&md_ctx, buffer,
strlen((char*)buffer));
                        fwrite(buffer, sizeof(char), read_count, appfile);
                }
}

err = EVP_VerifyFinal (&md_ctx, (unsigned char
*)signature, sig_len, pkey);
……..
        
        When I change the SIG_STEP to different value, and
run the program again, I get the signature with
different length. 
        My problem is when the signature length less than 64,
the verification will fail. But it really works well
when the signature is 64 byte long.
        Is there anyone have some idea about this? Please let
me know, thanks for your help

Regards,
sleepy


_________________________________________________________
Do You Yahoo!? 
嫌邮箱太小？雅虎电邮自助扩容！
http://cn.rd.yahoo.com/mail_cn/tag/10m/*http://cn.mail.yahoo.com/event/10m.html
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]