The usual cause of a padding error is that the private key used to sign
does not correspond to the public key used to verify.
That is, unless you're a newbie to crypto. In that case the error is
that you're passing the length of an encrypted blob using strlen().
The way I typically debug is to do a raw public key operation and trace
the result.
On 8/16/2013 4:09 PM, Thomas J Pinkl wrote:
I'm using OpenSSL 1.0.1e and attempting to use the EVP_DigestSign*() and
EVP_DigestVerify*() functions from within my C code. I am able to
produce a digital signature using EVP_DigestSignInit(),
EVP_DigestSignUpdate(), and EVP_DigestSignFinal(). However, when I use
the corresponding EVP_DigestVerify*() functions, EVP_DigestVerifyFinal()
fails with:
139731000714920:error:0407006A:rsa routines:
RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:100:
139731000714920:error:04067072:rsa routines:
RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:721:
I've tried the EVP_Digest{Sign,Verify}Init() functions both with and
without a EVP_PKEY_CTX pointer. When the EVP_PKEY_CTX pointer was
provided, a variety of padding options have been tried, including
RSA_PKCS1_PADDING.
If anyone can provide some guidance on this, I would appreciate it.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
