signature verification with EVP_VerifyFinal fails

Previous Topic Next Topic
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

signature verification with EVP_VerifyFinal fails

Antonio Araujo
hi friends of openssl,
i am working with smart card to authenticate users to
get access my application. the steps to authenticate a
user are these:

i) creating a random piece of information inside smart
card (through PKCS#11)

ii) signing the previous piece of information with
private key stored inside the card (previously created
through PKCS#11)

iii) sending the piece of information to the app

iv) getting the public key (stored in app's database)
associate to private key (stored in smart card)

v) calling the functions:
EVP_VerifyInit_ex(&mdctx, EVP_sha1(), 0)
EVP_VerifyUpdate(&mdctx, data, dataLen)
EVP_VerifyFinal(&mdctx,sig, sLen,pkey)

vi) if (EVP_VerifyFinal ==1)
signature of random data was verified, so the user is

vii) else: authentication process fails

everything looks fine, but in some cases i get the
following error:


lib(4) is associate to rsa functions
func(103) is function RSA_F_RSA_EAY_PUBLIC_DECRYPT
reason(114) is associate to RSA_R_PADDING_CHECK_FAILED

could anyone help me to find out what is wrong please?

this error does not appear all time; it appears with
some cards.

thanks for your help,

antonio araujo

Correo Yahoo!
Espacio para todos tus mensajes, antivirus y antispam ¬°gratis!
Reg√≠strate ya - 
OpenSSL Project                       
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]