signature verification with EVP_VerifyFinal fails

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

signature verification with EVP_VerifyFinal fails

Antonio Araujo
hi friends of openssl,
i am working with smart card to authenticate users to
get access my application. the steps to authenticate a
user are these:

i) creating a random piece of information inside smart
card (through PKCS#11)

ii) signing the previous piece of information with
private key stored inside the card (previously created
through PKCS#11)

iii) sending the piece of information to the app

iv) getting the public key (stored in app's database)
associate to private key (stored in smart card)

v) calling the functions:
EVP_VerifyInit_ex(&mdctx, EVP_sha1(), 0)
EVP_VerifyUpdate(&mdctx, data, dataLen)
EVP_VerifyFinal(&mdctx,sig, sLen,pkey)

vi) if (EVP_VerifyFinal ==1)
signature of random data was verified, so the user is
authenticated.

vii) else: authentication process fails


everything looks fine, but in some cases i get the
following error:

error:04067072:lib(4):func(103):reason(114)

lib(4) is associate to rsa functions
func(103) is function RSA_F_RSA_EAY_PUBLIC_DECRYPT
reason(114) is associate to RSA_R_PADDING_CHECK_FAILED


could anyone help me to find out what is wrong please?

this error does not appear all time; it appears with
some cards.

thanks for your help,

antonio araujo








__________________________________________________
Correo Yahoo!
Espacio para todos tus mensajes, antivirus y antispam ¬°gratis!
Reg√≠strate ya - http://correo.espanol.yahoo.com/ 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]