Op donderdag 24 februari 2005 om 12:33 uur schreef Manuel Sánchez Cuenca het
volgende:
> Hello all, I'm writting a C program to sign a char[] with the following
> code:
> ==========================================================
> FILE *pKeyFile = fopen("srv-key.pem", "r");
> RSA *rsa_key = NULL;
> rsa_key = PEM_read_RSAPrivateKey(pKeyFile, NULL, NULL, NULL);
> char firma_aux[256];
> int firma_aux_len;
> int ret = RSA_sign(NID_sha1WithRSA, message, 144, firma_aux,
> &firma_aux_len, rsa_key);
> ==========================================================
> and I get this error error:04075070:lib(4):func(117):reason(112).
>
> Can anybody tell me what it means?
openssl errstr 04075070
error:04075070:rsa routines:RSA_sign:digest too big for rsa key
You should give as second argument to RSA_sign the _digest_ of the
message (and its length as third argument). The sha1 digest will be 20
bytes in length.
Instead you have given a pointer to the message itself and its length
(presumably 144). RSA_sign complains because 144 isn't the digest length
for sha1.
So please first calculate the digest of the message, and feed this to
RSA_sign. And you might be better off using more higher level routines
in OpenSSL that can do this.
--
Marco Roeland
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
