Bug 1478639
Summary: | openssl generating 0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding based on internal data | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Neil Horman <nhorman> |
Component: | openssl | Assignee: | Tomas Mraz <tmraz> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 26 | CC: | tmraz |
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Last Closed: | 2018-02-23 15:58:13 UTC | Type: | Bug |
Description
Neil Horman
2017-08-05 12:00:37 UTC
It is extremely unlikely this would be an openssl bug - no RSA verification would work if the padding check was broken. You are most probably passing some incorrect data to the RSA_verify function. The public key should be OK (if the certificate is the right one).

The public key extracts without error, I agree. That said, the error in RSA_padding_check_PKCS1_type_1 seems to stem from the validation of a field (specifically n) inside that key structure. Given that the RSA key is opaque as far as I know to my application (I extract it from the provided X509 cert using openssl functions), I'm not sure what I might be doing wrong. Is an application meant to pad an extracted key?

No, the value that is checked is the signature value decrypted by the RSA public decryption operation. Which, in case the original data of the signature is incorrect, can contain basically anything. So the key can be OK and the invalid padding means the signature data is wrong.
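
The point made in the last reply, as an added example that is not part of the original bug report and is not OpenSSL code: the type 1 padding check runs on the output of the RSA public operation over the signature bytes, so a correct key with damaged signature bytes fails with "invalid padding". The key (two small Mersenne primes), the payload and all function names are constructed for illustration, and the DigestInfo wrapper that RSA_verify also checks is left out.

```python
# Constructed toy key: far too small for real use, chosen so the demo runs offline.
P, Q, E = 2**127 - 1, 2**107 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8            # modulus length in bytes
PAYLOAD = b"constructed-hash"            # stands in for the digest being signed

def pad_type_1(payload: bytes) -> bytes:
    """Build EM = 00 01 FF..FF 00 || payload (PKCS#1 v1.5 block type 1)."""
    ps_len = K - 3 - len(payload)
    if ps_len < 8:
        raise ValueError("payload too long for modulus")
    return b"\x00\x01" + b"\xff" * ps_len + b"\x00" + payload

def sign(payload: bytes) -> bytes:
    m = int.from_bytes(pad_type_1(payload), "big")
    return pow(m, D, N).to_bytes(K, "big")

def public_decrypt(sig: bytes) -> bytes:
    """s^e mod n: the only place the public key is used."""
    s = int.from_bytes(sig, "big")
    if len(sig) != K or s >= N:
        raise ValueError("signature out of range")
    return pow(s, E, N).to_bytes(K, "big")

def check_type_1(em: bytes) -> bytes:
    """Validate the padding of the decrypted block and return the payload."""
    sep = em.find(b"\x00", 2)            # separator after the FF run
    if (len(em) != K or em[:2] != b"\x00\x01" or sep < 10
            or any(b != 0xFF for b in em[2:sep])):
        raise ValueError("invalid padding")
    return em[sep + 1:]

def verify(sig: bytes, expected: bytes) -> str:
    try:
        recovered = check_type_1(public_decrypt(sig))
    except ValueError as exc:
        return str(exc)
    return "ok" if recovered == expected else "payload mismatch"

if __name__ == "__main__":
    good = sign(PAYLOAD)
    damaged = bytearray(good)
    damaged[-1] ^= 1                     # one flipped bit in the signature
    print("intact signature  :", verify(good, PAYLOAD))
    print("damaged signature :", verify(bytes(damaged), PAYLOAD))
    print("other data signed :", verify(sign(b"other-data"), PAYLOAD))
```

The third case shows the contrast: a well-formed signature over different data passes the padding check and fails only at the payload comparison, so an "invalid padding" result points at the signature bytes handed to the verifier rather than at the data being verified.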