On Tue, Nov 29, 2005, john guerrero wrote: > hi steve, > > ok, i tried: > openssl rsautl -verify -in sigfile -pubin -inkey public.pem -asn1parse > > and got: > RSA operation error > 15946:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block > type is not 01:rsa_pk1.c:100: > 15946:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check > failed:rsa_eay.c:580: > > i'm interpreting this to be the "invalid block type" that you mentioned > earlier...so it's either a corrupted signature or else it was signed > with a different key. i got this same error when trying both keys that > i have. > > is my understanding correct? >
Those are by far the most likely possibilities. There is an outside chance that its a bug in OpenSSL which produces an invalid signature or causes the verify to fail. If you are pretty sure it was signed with one of those keys then you can check that out by attempting to sign the data again using each key and comparing the signature to the original. If you get a match then its an OpenSSL bug. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
