Fails on verifying signature - RSA_padding_check_PKCS1_type_1:invalid padding

Thu Feb 13 18:46:32 UTC 2020

If you generated a keypair in a smartcard, how did you extract the private key out of it??? The whole point of a smartcard is to prevent that from being possible.

So, like Ken suggested, I’ve no idea where the private key you posted was coming from – but reasonably sure it has no relation to what’s in the smartcard.

To use keys on the smartcard, you need libp11 package, something like (my test-script uses RSA-PSS, but that doesn’t matter – adjust the OpenSSL parameters):

$ pkcs11-rsa-pss-sign-demo2

This is not a CAC

Generating ephemeral file /tmp/derive.20560.text to test RSA-PSS signature...

openssl rand -engine rdrand -hex -out /tmp/derive.20560.text 5120

engine "rdrand" set.

Signing file /tmp/derive.20560.text...

openssl dgst -engine pkcs11 -keyform engine -sign "pkcs11:manufacturer=piv_II;object=SIGN%20key;type=private" -sha384 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 -out /tmp/derive.20560.text.sig /tmp/derive.20560.text

engine "pkcs11" set.

Enter PKCS#11 token PIN for XXXXXXXXXXXX:

Signature for /tmp/derive.20560.text is stored in /tmp/derive.20560.text.sig

Verifying signature:

openssl dgst -engine pkcs11 -keyform engine -verify "pkcs11:manufacturer=piv_II;object=SIGN%20pubkey;type=public" -sha384 -sigopt rsa_padding_mode:pss -sigopt rsa_pss_saltlen:-1 -signature /tmp/derive.20560.text.sig  /tmp/derive.20560.text

engine "pkcs11" set.

Verified OK

$

IMHO, it is a bad idea to use “rsautl” here – better to follow my example above. But if you must – here it is:

$ openssl rand -hex -out /tmp/t.text 24

$ openssl rsautl -engine pkcs11 -keyform engine -sign -inkey "pkcs11:manufacturer=piv_II;object=SIGN%20key;type=private" -in /tmp/t.text -out /tmp/t.text.sig

engine "pkcs11" set.

Enter PKCS#11 token PIN for Blumenthal, Uri (UR20980):

$ openssl rsautl -engine pkcs11 -keyform engine -pubin -verify -inkey "pkcs11:manufacturer=piv_II;object=SIGN%20pubkey;type=public" -in /tmp/t.text.sig 

engine "pkcs11" set.

c0e78791e0eb900eb36436da9cd4dcf85619c61a486e4b03

$ cat /tmp/t.text

c0e78791e0eb900eb36436da9cd4dcf85619c61a486e4b03

$

From: openssl-users <openssl-users-bounces at openssl.org> on behalf of Pedro Lopes <pedroterrosolopes at gmail.com>
Date: Thursday, February 13, 2020 at 12:40 PM
To: openssl-users <openssl-users at openssl.org>
Subject: Fails on verifying signature - RSA_padding_check_PKCS1_type_1:invalid padding

Hello, 

I'm generating a key pair in a smartcard (as a session object), then I convert both keys to RSA openssl objects.

Then I save both into different files.

I tried use these keys to sign and verify (private encrypts and public decrypts).

When I try to verify the signature, fails with RSA_padding_check_PKCS1_type_1:invalid padding.

I run following commands:
echo "test" > "test.txt"
openssl rsautl -sign -in test.txt -inkey privKey.pem -out sig
openssl rsautl -verify -in sig -inkey pubKeyp8.pem -pubin

Below pub and priv key:

Could you please help me with this?
Thanks in advance.

-- 

Regards, 

Pedro Lopes

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200213/cfda22e6/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5249 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20200213/cfda22e6/attachment.bin>