Ives Steglich wrote:
actually - i'm that far, that the code itself seemes to be fine in most cases, since i got the pub-user-test certificate working
the problem there was: the signing text had a \n at the end, but the text used to verify against didn't have \n at the end - so the verify fails... i just removed all \n inside the text for generating the signature - and it just worked...
i have deaktivated the unlink of the temp files, so i could verfiy at least this problem:
\n is usaly put as: 0x0A
the used data for verification contains: 0x0D0A which is equivalent to \r\n so somewhere happens this conversation step... but i don't know where right now ;o( - at least the data i find at the temporary file, and this is uses for verification
so the question is, when and where this converting happens, since i don't have in mind we would do some unix/dos linefeed conversation, maybe the browser does, but i don't think so...
Isn't this conversion needed by the PKCS7-Standard? As I remember the S/MIME-Standard you have to convert a "\n" line-ending into "\r\n", before calculating the digest. This is called the "canonical" format.
Regards Michael -- Dipl.-Inform. Michael Konietzka Schlund + Partner AG
-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - digital self defense, top technical experts, no vendor pitches, unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
OpenCA-Devel mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/openca-devel
