the problem there was: the signing text had a \n at the end, but the text used to verify against didn't have \n at the end - so the verify fails... i just removed all \n inside the text for generating the signature - and it just worked...
the certificate could be verifyid as valid
so i guess - the current problems mainly result from missing or added bytes at the text or data to be proofed...
but i havn't localized this part for sure, where this happens... i think it could be part of internationalization code, but i'm not sure since:
the pkcs7, openssl and openca-sv code seemes to be fine in general to test the above - you just go to: .../lib/cmd/test_cert line 13 i removed all \n and the whole thing worked...
if i insert somewhere a \n in the to be signed text - the verification breaks... that means - there is a converting problem with \n most probably it gets translated to \n\r or something, i will check the
hexcode of the data file used for verification
the question is - where does it get converted/changed so verification breaks...
since in other to be signed stuff there is \n used or a byte in the challenge with the same meaning - this is our troublemaker i guess...
if we find this - i think fixing is a question of some minutes ;o)
greetings dalini
--
Ives Steglich Email: [EMAIL PROTECTED]
System Administration Tel.: +49 (0)3677 - 69 4882
Fax: +49 (0)3677 - 69 4399Fraunhofer Institute for Digital Media Technology Langewiesener Strasse 22 98693 Ilmenau Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
OpenCA-Devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-devel
