2

I am trying to sign a file directly (not computing any hashes) with openssl pkeyutl using a DSA key, and the man page says that the input should be truncated in case it is larger than the expected hash size. However, when I run the command 

$ openssl pkeyutl -sign -inkey myDSAkey.pem -in file -out file.sign

i get the following message after entering my password : 

Public Key operation error

The error does not happen with files smaller than 20 bytes. I am running OpenSSL 1.1.0g

Thanks in advance for your help!

aurorca
  • 31
  • 4
  • I'm surprised you say no error for too-small file. There is a code change in crypto/dsa/dsa_pmeth.c in 1.1.0 which should cause errors for too-big _or_ too-small, and does so for me; this is reverted for the default case in 1.1.0i (and 1.1.1-pre9), see https://github.com/openssl/openssl/commit/665d9d1c0655d6f709c99e1211c1e11fcebfeecd#diff-436d89ea2301fcd5383c0a8a6ca221b4 – dave_thompson_085 Nov 08 '18 at 14:18
  • Thanks a lot! I'll try to update openssl then – aurorca Nov 08 '18 at 14:38

1 Answers1

0

I have the same problem, but only when I use more than 245 characters.

Solution: Do not use more than 245 characters.

ouflak
  • 2,458
  • 10
  • 44
  • 49
Armando Carvajal
  • 1
  • 1