On Wed, Nov 09, 2005, Antonio Ruiz Martnez wrote:
>
> The question is that I have received a PKCS#1 that claims to be
> compliant with PKCS#1 v2.1. With the openssl, with rsautl, I'm getting
> an error telling me that the object is too long....
> Then I have decrypted the information received and I have seen that its
> length it is 20 bytes, that is, a sha-1 digest. In PKCS#1 v1.5, it is
> not possible because we have to used the DigestInfo structure and that
> it is the reason because I'm getting the error with rsautl.
> Then, I have been reading the PKCS#1 v2.1 standard and the funtions
> RSASSA-PSS and RSASSA-PKCS1-V1_5 have and encoding function but RSASP1,
> RSAVP1 not. After reading it I'm not sure it is possible to put directly
> the hash and openssl is not fully compliant or I don't understand very
> well the standard.
>
Well there is support for PSS and OAEP from PKCS#1 v2.1 but it isn't fully
integrated into the API.
I'm assuming you've used the -verify option to rsautl and no other options to
change padding mode.
If it uses PSS and/or OAEP then you wouln't get that error instead you'd get a
padding check failure.
What I suspect you have is a non-standard PKCS#1 v1.5 which doesn't use the
expected DigestInfo but uses the raw digest instead.
If you want to confirm this you can use the -raw option and -hexdump.
If it has loads of 0XFF characters that will show its PKCS#1 v1.5.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage:
http://www.drh-consultancy.demon.co.uk______________________________________________________________________
OpenSSL Project
http://www.openssl.orgUser Support Mailing List
[hidden email]
Automated List Manager
[hidden email]
Locked
