On Tue, Feb 26, 2013 at 11:30:18PM +0530, Nayna Jain wrote:
> Both server and client authenticate each other. And so client also sends
> the certificate.
>
> Here client certificate has RSA 512 bits and md5. Server certificates has
> RSA 1024 bits and md5.
Bottom-line: DO NOT use 512-bit RSA moduli, they are trivially
factored on commodity hardware.
> Both server and client are using the API SSLv23_server_method() and
> SSLv23_client_method() respectively
>
> Opensssl version used is 1.0.1c.
>
> So, when I initiate the connection from client, I get this error "SSL
> negotiation failed: error:04075070:rsa routines:RSA_sign:digest too big for
> rsa key" on client side.
>
> Can someone please explain the reason for this error ?
http://archives.neohapsis.com/archives/postfix/2013-02/0235.html
The negotiated TLSv1.2 digest produces output that is too wide to be
signed with an RSA 512-bit private key. The client key should be
at least 1024-bits, and in many cases stronger.
It is arguably the case that OpenSSL should not present a client
certificate that cannot sign using the agreed digest. One approach
is for the client to not offer ciphersuites that are too wide for
its private key.
This said, DO NOT use 512-bit RSA keys. I'm puzzled by their apparent
popularity, why does your client have such a key?
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
