EVP_VerifyFinal fail use RSA public key, openssl-1.0.0d, win32, vc2008sp1

Tue, 24 May 2011 08:24:26 -0700 

Hello,

EVP_VerifyFinal fail when use RSA public key, can anyone help?

 

I use openssl cmd line tool generate a key pair of RSA and store them to two
pem files.

And RSA_sign and RSA_verify work fine with the pem files.

To support large buffer , I change the code to work with EVP_Sign and
EVP_Verify, but the flow die on EVP_VerifyFinal invoke.

 

Error info:

4868:error:04091068:rsa routines:INT_RSA_VERIFY:bad
signature:.\crypto\rsa\rsa_sign.c:258:

 

Openssl version is openssl-1.0.0d.

 

code:

////////////////////////////////////////////////////////////////////////////
///////////////////////

BIO *pBio = NULL;

         RSA *rsa = NULL;

         pBio = BIO_new_file("rsa1024-private.pem","r");

         if(!pBio){

                   printf("read pem key file error.\n");

                   exit_1();

         }

         if(!PEM_read_bio_RSAPrivateKey(pBio, &rsa, NULL, NULL)){

                   printf("parse pem private key error. \n");

                   exit_1();

         }

 

         unsigned char out[200] = {0};

         unsigned int outlen = 200;

 

         EVP_PKEY* pkey=EVP_PKEY_new();

         EVP_PKEY_assign_RSA(pkey,rsa);

 

         int ret;

         EVP_MD_CTX md_ctx;

         EVP_MD_CTX_init(&md_ctx);

         ret=EVP_SignInit_ex(&md_ctx,EVP_sha1(), NULL);

         if(ret!=1){

                   printf("EVP_SignInit_ex error. \n");

                   exit_1();

         }

 

         ret=EVP_SignUpdate(&md_ctx,buf,inlen);

         if(ret!=1){

                   printf("EVP_SignUpdate error. \n");

                   exit_1();

         }

         

         ret=EVP_SignFinal(&md_ctx,out,&outlen,pkey);

         if(ret!=1){

                   printf("EVP_SignFinal error. \n");

                   exit_1();

         }

         

         BIO * pBio2 = BIO_new_file("rsa1024-public.pem","r");

         if(!pBio2) {

                   printf("read pem public key file error.\n");

                   exit_1();

         }

 

         RSA* rsa2 = NULL;

         if(!PEM_read_bio_RSA_PUBKEY(pBio2, &rsa2, NULL, NULL)) {

                   printf ("parse pem public key error. \n");

                   exit_1();

         }

 

         EVP_PKEY* pkey2=EVP_PKEY_new();

         ret = EVP_PKEY_assign_RSA(pkey2, rsa2);

         

         EVP_MD_CTX v_ctx;

         EVP_VerifyInit(&v_ctx, EVP_sha1());

         if(!EVP_VerifyUpdate(&v_ctx, out, outlen)){

                   printf("EVP_VerifyUpdate error. \n");

                   exit_1();

         }

         if(EVP_VerifyFinal(&v_ctx, out, outlen, pkey2)!=1){
====================================>here die

                   printf("verify by public key error. \n");

                   exit_1();

         }

Reply via email to