Date: Fri, 5 May 2000 20:10:27 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: Steve Price <sprice@hiwaay.net> Cc: current@freebsd.org Subject: Re: RSA decrypt problems Message-ID: <Pine.BSF.4.21.0005052004240.24050-100000@freefall.freebsd.org> In-Reply-To: <Pine.OSF.4.21.0005052044380.19519-100000@fly.HiWAAY.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 5 May 2000, Steve Price wrote:
> [Fri May 5 20:46:19 2000] [error] OpenSSL: error:1E06D401:RSAref
> routines:func(109) :reason(1025)
You can interpret these error codes by looking up the defines in
<openssl/rsaref.h> - for example, these two are:
#define RSAREF_F_RSA_REF_PRIVATE_DECRYPT 109
#define RSAREF_R_DATA 0x0401
which doesn't tell you much in itself. However:
> Doing 2048 bit private rsa's for 10s: RSA private encrypt failure
> 14674:error:1E065406:RSAref routines:func(101)
> :reason(1030):/usr/src/secure/lib/librsausa/../../../crypto/openssl/crypto/../rsaref/rsaref.c:125:
> 14674:error:1E065406:RSAref routines:func(101)
> :reason(1030):/usr/src/secure/lib/librsausa/../../../crypto/openssl/crypto/../rsaref/rsaref.c:125:
> 1 2048 bit private RSA's in 0.00s
#define RSAREF_F_RSAREF_BN2BIN 101
#define RSAREF_R_LEN 0x0406
RSARef can't handle keys > 1024 bits long. This is a design limitation
which the license forbids us from fixing.
Does your webserver use a long key?
Kris
----
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0005052004240.24050-100000>