actually - i'm that far, that the code itself seemes to be fine in most cases, since i got the pub-user-test certificate working
the problem there was: the signing text had a \n at the end, but the text used to verify against didn't have \n at the end - so the verify fails... i just removed all \n inside the text for generating the signature - and it just worked...
i have deaktivated the unlink of the temp files, so i could verfiy at least this problem:
\n is usaly put as: 0x0A
the used data for verification contains: 0x0D0A which is equivalent to \r\n so somewhere happens this conversation step... but i don't know where right now ;o( - at least the data i find at the temporary file, and this is uses for verification
so the question is, when and where this converting happens, since i don't have in mind we would do some unix/dos linefeed conversation, maybe the browser does, but i don't think so...
when i use a hexeditor and remove the additional byte: 0x0D than the message can be verified as correct and the digest matches...
so, if i don't find it, we have to wait, till michael is back, he did the most i18l changes and most probably has an idea where to look for this problem...
i will check some of the functions and see if i find something ;o) which looks like our troublemaker
greetings dalini
--
Ives Steglich Email: [EMAIL PROTECTED]
System Administration Tel.: +49 (0)3677 - 69 4882
Fax: +49 (0)3677 - 69 4399Fraunhofer Institute for Digital Media Technology Langewiesener Strasse 22 98693 Ilmenau Email (private): [EMAIL PROTECTED] Germany http://www.openca.org
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
OpenCA-Devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-devel
