Hello, > I have attempted to ensure that both the modulus and signature are 128 bytes > long but I still cannot get this to work correctly. Below is a sample of xml > showing my KeyInfo. The Modulus is 172 characters long which I believe is > correct: > > <KeyInfo> > <KeyValue> > <RSAKeyValue> > > <Modulus>1RjaCKAG09orRlqo9U4SCt1ozqKhYNjzQR5Jn622GelJOmSpIYPN5sXQ1urfYvuIBkF > wm/H0gBDY94TxagtZwIpm/57dGq3 > k6OJADZpnaRFwuPE8+82Q/qMK8ZxrFhGJhWPBnq/Y3LlTKeon9yurOKle3J0FsOx1ePE3ojkv+WU > = > </Modulus> > <Exponent>AQAB > </Exponent> > </RSAKeyValue> > </KeyValue> > </KeyInfo> > > The SignatureValue itself is also 172 characters long. > > I am still confused about the exact sequence of steps I need to take once I > have Base64 decoded the response into the raw xml such as that above. I am > not certain I am extracting and preparing my modulus correctly before > passing it to RSA_verify or indeed extracting the SignatureValue properly. > For example should I be Base64 decoding any of these values first? You should decode base64 modulus and exponent, then convert this values to big numbers (BN) and properly set RSA structure. Then RSA structure may be passed to RSA_verify. First of all, you should build proper RSA structure from modulus and exponent. You may also use some other tools to convert this two values to public asn1 encoded key (like perl) end check your signature with openssl binary.
Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
