Hi, We are using Crypto++ (5.5.2) for ECDSA (Elliptic Curve DSA) message/ signature verification, using public keys in X.509 certificates created by the Bouncy Castle API. It works fine with prime field curves (ECP), but there is a problem with binary field curves (EC2N). I tracked the issue down to the constructor in ec2n.cpp (line ~21)...
// skip optional seed if (!seq.EndReached()) BERDecodeOctetString(seq, TheBitBucket()); The "optional seed" data in our certificates is a BIT STRING, not an OCTET STRING, so Crypto++ throws an exception. If I edit the certificate file in a hex editor and change the type identifier of the "optional seed" data from 0x03 (bit string) to 0x04 (octet string), everything works and verification is successful. What is the best solution to this problem? We can't guarantee the exact content/format of the certificate files... Is this a bug in Bouncy Castle, or Crypto++? Since the "optional seed" data seems to be ignored by Crypto++ (goes to TheBitBucket), does the type really matter? Thanks, Warwick --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [EMAIL PROTECTED] More information about Crypto++ and this group is available at http://www.cryptopp.com. -~----------~----~----~----~------~----~------~--~---
