Crypto.PublicKey.RSA.error: Plaintext too large

[Ajay Brar]

hi!

I am getting an error - Crypto.PublicKey.RSA.error: Plaintext too large
- when verifying the signature of a document.
What i am doing is - the document and the signature are downloaded off
the net, my verify script then connects to a server and obtains a public
key. It then uses the public key to verify the signature.
The whole thing works fine when i do the same thing in the interactive
interpreter. Its only when i download the files and obtain the public
key from the server and then verify, that i get the above error.

any suggesstions...ideas???

cheers

--
Ajay Brar
CS Honours 2004
Smart Internet Technology Research Group

http://www.it.usyd.edu.au/~abrar1

 

[Peter Hansen]

I am getting an error - Crypto.PublicKey.RSA.error: Plaintext too large
- when verifying the signature of a document.
What i am doing is - the document and the signature are downloaded off
the net, my verify script then connects to a server and obtains a public
key. It then uses the public key to verify the signature.
The whole thing works fine when i do the same thing in the interactive
interpreter. Its only when i download the files and obtain the public
key from the server and then verify, that i get the above error.

any suggesstions...ideas???

Carriage Return/Line Feed problems? Or trailing newline problems?

-Peter

 

[Ajay Brar]

Carriage Return/Line Feed problems? Or trailing newline problems?

thats what i am going to investigate now. But even if there were
trailing newline or carriage return characters, shouldn't the verify
return false instead of giving the error.
cheers

-Peter

--
Ajay Brar
CS Honours 2004
Smart Internet Technology Research Group

http://www.it.usyd.edu.au/~abrar1

 

[Peter Hansen]

thats what i am going to investigate now. But even if there were
trailing newline or carriage return characters, shouldn't the verify
return false instead of giving the error.

I couldn't say, not having used that particular API. What does
the documentation say it should do? Always return just True or
False? Does it not make reference to this type of error?

-Peter

 

[Ajay Brar]

I couldn't say, not having used that particular API. What does
the documentation say it should do? Always return just True or
False? Does it not make reference to this type of error?

-Peter

the documentation says verify should return true or false. it will
generate an error if plaintext is too large - which is not helping me much
i have pinned the problem down to the signature itself and the way i am
downloading it.
what i do is when a user clicks on a signature link, i calculate the
signature on the fly and then do
print "Content-type: application\n"
print signature
i am using content-type application to force explorer to give the
download dalog box (the application i am building will later be ported
to a pocket pc). Microsoft on their website said to put the header
"Content-disposition: attachment;filename=blah" to force dowload, but
that didn't work - i am yet to find out what i am doing wrong?
so any ideas on how i send the signature across and make the user
download it?

btw, are there other free Python cryptography packages?

thanks

cheers

--
Ajay Brar
CS Honours 2004
Smart Internet Technology Research Group

http://www.it.usyd.edu.au/~abrar1

 

[Peter Hansen]

the documentation says verify should return true or false. it will
generate an error if plaintext is too large - which is not helping me much
i have pinned the problem down to the signature itself and the way i am
downloading it.
what i do is when a user clicks on a signature link, i calculate the
signature on the fly and then do
print "Content-type: application\n"
print signature
i am using content-type application to force explorer to give the
download dalog box (the application i am building will later be ported
to a pocket pc). Microsoft on their website said to put the header
"Content-disposition: attachment;filename=blah" to force dowload, but
that didn't work - i am yet to find out what i am doing wrong?
so any ideas on how i send the signature across and make the user
download it?

Internet Explorer is, of course, broken. The only guaranteed
solution of which I'm aware to the problem that it sounds like
you are describing (IE refusing to download a file in the right
way or to save it as right type) is to set the file extension
to something that it recognizes as requiring a download. For
example, if you use a file extension of .txt on something, it
will generally not try to download it automatically. Same for
other things that it recognizes. Setting the extension to
..exe would presumably force the same behaviour as using content
type "application". Leaving the extension off might also work,
though I haven't tried that.

Or I might be interpreting what you are saying incorrectly.

-Peter