RSA.Verify fails in TMS Crypto 5.0.9.7

Hi,

I'd like to report a bug in the TRSAEncSign component.
You can reproduce it with your own CryptoDemo:


The Verify button triggers the "Invalid Operation : -316" error.
Any idea how to fix it?

Thank you.

Hi, there seems to be a padding or conversion issue with this mode (PKCS 1.5 is fine). I need to investigate and will get back to you.

OK, here is the issue and the fix.

In a recent cleanup, I forgot a couple of things and a value is not copied in RSA PSS verification.

If you open up RSACore.pas, then look for PSSDepadding, you'll find this, circa line 1815:

  if messageLength > MAXINTBASE8 - 1 then begin
    for I := 0 to messageLength - 1 do
      messageInv[I] := PSSmessage[I]; // THIS NEVER HAPPENS, then the computed hash is incorrect
  end;

Then you have 2 options:

  • change the '>' sign into a '<' sign and you are done
  • delete these lines, delete 'messageInv' in the 'var' section and replace it by 'PSSmessage' in the rest of the function (where the compiler complains!)

I forgot to do the latter in the cleanup, my mistake.

You should then be fine with RSA PSS. RSA PKCS looks good.

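Why a skipped message copy makes PSS verification fail, shown with standard EMSA-PSS encoding and verification (RFC 8017) in Python. This is an added example, not code from the post or from TMS Crypto; SHA-256, the 2047-bit encoded length, the fixed salt and the zero-filled "stale" buffer are assumptions made for the illustration.

```python
import hashlib, hmac

HLEN = 32  # SHA-256 digest size; hash choice is an assumption of this example

def mgf1(seed, length):
    """MGF1 mask generation (RFC 8017, B.2.1) with SHA-256."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def pss_encode(msg, em_bits, salt):
    """EMSA-PSS-ENCODE: build the encoded message that RSA would sign."""
    em_len = (em_bits + 7) // 8
    h = hashlib.sha256(b"\x00" * 8 + hashlib.sha256(msg).digest() + salt).digest()
    db = b"\x00" * (em_len - len(salt) - HLEN - 2) + b"\x01" + salt
    masked = bytearray(xor(db, mgf1(h, len(db))))
    masked[0] &= 0xFF >> (8 * em_len - em_bits)
    return bytes(masked) + h + b"\xbc"

def pss_verify(msg, em, em_bits, salt_len):
    """EMSA-PSS-VERIFY: the de-padding step, hashing the message passed in."""
    em_len = (em_bits + 7) // 8
    if len(em) != em_len or em_len < HLEN + salt_len + 2 or em[-1] != 0xBC:
        return False
    masked, h = em[:-HLEN - 1], em[-HLEN - 1:-1]
    top = 0xFF >> (8 * em_len - em_bits)
    if masked[0] & ~top & 0xFF:
        return False
    db = bytearray(xor(masked, mgf1(h, len(masked))))
    db[0] &= top
    pad = em_len - HLEN - salt_len - 2
    if any(db[:pad]) or db[pad] != 0x01:
        return False
    salt = bytes(db[pad + 1:])
    m_hash = hashlib.sha256(msg).digest()  # wrong buffer here => wrong H'
    expected = hashlib.sha256(b"\x00" * 8 + m_hash + salt).digest()
    return hmac.compare_digest(expected, h)

def demo():
    msg = b"constructed sample message"
    em = pss_encode(msg, 2047, bytes(range(32)))  # fixed salt, constructed
    stale = bytes(len(msg))  # zero-filled stand-in for a buffer never copied
    return pss_verify(msg, em, 2047, 32), pss_verify(stale, em, 2047, 32)
```

A sign-then-verify round trip like `demo()` in the library's test suite catches this class of regression, because every structural check on the padding still passes and only the final hash comparison fails.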

Yes, this fixed the issue. Thank you!

BTW another suggestion: please add HashStream in addition to HashFile to the different SHAx components. I added one myself, but it would be a great addition to the base component.

Perfect. The fix has been uploaded and will be issued in version 5.0.9.9, either today or tomorrow.

Feel free to send some code and/or suggestions for improvements.
