as3-crypto icon indicating copy to clipboard operation
as3-crypto copied to clipboard

Published 20 hours ago verified publisher icon timkurvers

RSAKey verify error

Open bcessa opened this issue 13 years ago • 2 comments

Hi, I'm trying to use this library for basic cryptographic operations but can't manage to run RSA verifications properly, I keep getting the following error message:

PKCS#1 unpad: i=0, expected b[i]==1, got b[i]=9f
Error: Decrypt error - padding function returned null!
    at com.hurlant.crypto.rsa::RSAKey/_decrypt()[/com/hurlant/crypto/rsa/RSAKey.as:137]
    at com.hurlant.crypto.rsa::RSAKey/verify()[/com/hurlant/crypto/rsa/RSAKey.as:99]

I'm trying to run the verification on the following content:

Bvl2cDgjkMqbGtC5GwG7bYdS6Zi07QVvg+7gtBIyar1i38xRbTAFVjwhYbgJ4PQu
mwOIDpyx34lgRXsuYR8Kr8CrRNm1eDeX+f1fqKtLNlaRG5eP3jc38J10hvSOMdSl
r6uHEZWcjPDwi9Fr+3bRwxHq4rP1jO1tqHTp0qNZuGE59VX8C9fm6KKp4aZTg8ZL
uUIzUxuCo3D896d45xZaI+PnKousdbLrN/N5Uycg1kasmrCeNXhL/s/cS/LpAsTg
an9S/bTdA5gRWDRq6A0LlFZ2jeKOQ/A11gLZwdX8LuLRix//rfoOsgpGiLWXj6BQ
PHjXQt4AoItdOqWFPzMi/Cm2ighdc5dkgm1IJ46rDUCKz8sMBXvNWaIWmqK58IId
g9ExSLHcw7sR9/n8m6E6O/exgAoduxRQYDJjoY9fOT3HqLUQCPQPx0nGQVeBKy1G
iSh3O8/kD7CjidoNnqScmGLfmczBsnD1Zxh+oIfbnCJFpG6wib952EU98ABTtc52
sqNuMDYWbpZmsEKKSlq5xorIrj9iVnLedSEBbuFCO9uX26bKmuYuRokrelurPON3
Y8PvpkqWEtqYJYgzmz6SSEDjubRnqoYgxqRFavYHTZ/var6AiiCTYKWO+TkcgkjP
j9lwD5WWXVNnpvkxU7MEicqRmZNE4j4C8IzEsfFJEgA=

Using the following PEM public key:

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEA+K7g3+DAbco6Ho6X3WrY
OGsHbG/SpG5khE9Lmisyepq7yhie5ESByfBLamlXdmcQtgEBW1V+Zri+m25Ls6Db
OTFvu8OeUNNXBf5KMXkKMuOBFuKCYZmNGG8jg5Jh1zKkfA8Mvgd73mEjDgl+Yh6T
WTy35sxt/+n+JEZSLSb072Ea/LtYp3aqC0OyNy/xx0R4CeRRtTxSSc0q6shiCAjs
ukqeonaZwqsnIssXOHwcwRUU78WPlaIq7eU4DxmTZCYER/2Zflf9hRidzFM7x/xy
HE026raRUjIjnSuaitsvj3Tn6tp4k+vQSEeFuOKqvbQvhS51iLKzpErbycD8L1fi
AxxVUaal2/pGPvSdLHxORG9tGkKrDfq/KWOwBcL9bIQGdz6cmSDdzin7sFvSOmjY
zcfqhPS1BOTqAurbUNm7ji+N/aKcN8F2DiNxr7Cv4z6Jlzft0hK/F8fbS4AVE5iv
OLyiYYiipvhp72V7cDJeQG5YdcWeorSwFQV/YAL3U78Nk8w77QfwAsHWOK1pEnV1
WRDXIUL0QaykRBXPp+17s0C3TjFcckPtGSCtXuBl2+cDx1ObvQi/tQvDSSxetm+M
LZchCK1vs71jnBt2CuzjdY1AsoqdB4wr766E9d2ttNNJWHRn3a8u3KtkYUhWvBih
O+3SCe40G3ItVjlpEnirocECAwEAAQ==
-----END PUBLIC KEY-----

I proceed with:

// keycontents is directly the file content of the public key above
var publicKey : RSAKey = PEM.readRSAPublicKey( keycontents );
var src : ByteArray = Base64.decodeToByteArray( contents.text );
var holder : ByteArray = new ByteArray();
var publicKey.verify( src, holder, src.length );

Running the verification process with OpenSSL 1.0.0e works just fine, I also create the key pair with the same openssl installation.

Any help is deeply appreciated. Best regards, Ben

bcessa avatar Sep 03 '12 17:09 bcessa

Hi Ben, thanks for reporting the issue! This looks surprisingly similar to a few reports I've seen on the original repo at Google Code. Will take a look at it shortly, baring in mind that I am no cryptography expert. It may take a couple of days, due to a development environment overhaul.

Quick update: This seems to be related.

timkurvers avatar Sep 04 '12 22:09 timkurvers

i really wish this would have been solved by now :(

kibotu avatar Sep 17 '14 08:09 kibotu