On Mon, Jun 29, 2009, Chris Bare wrote: > I'm trying to verify a CMS signedData that I get from a server. As far as I > know, what the server is sending is correct, but I get this error: > > error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not > 01 > error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed > error:2E09A09E:CMS routines:CMS_SignerInfo_verify_content:verification failure > error:2E09D06D:CMS routines:CMS_verify:content verify error > > If I pass the CMS_NO_CONTENT_VERIFY flag to CMS_verify, of course I don't get > the error. > > Any suggestions on how to track this down?
The cause of that is a failure of the signature verification operation, but it isn't down to the content not matching the signature or digest it is an invalid signature. This suggests the signature is either corrupt or the wrong public key is being used to verify it. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
