Johnny Gonzalez wrote:
I tryed using openca-digest too, but the output is different from the PIN stored in the db, so my new question is: how is this PIN generated? in the "certificate" table in "data" field thereis a PIN, I thinks that is the only parameter OpenCA uses to check the CRIN, so I'm trying to use it too but that PIN also is different to the output of openca-digest command:openca-digest sha1 TMS8hU+b8oPhoYS55b/NaQ Digest: SHA1 String: TMS8hU+b8oPhoYS55b/NaQ SHA1: 22H4PuGSCLvJdrqWhbT2hu/SIBg and the cert PIN in DB is: PIN=5e86d229d29e4f856f9b798cad5fe007808c6afc
The PIN will be created during the certificate creation. Sometimes the users don't like it and use the PIN of the request but I describe the default model. This PIN will be hashed with SHA1. This hash/digest is stored in the header (PIN=...).
The original command is the following: openssl dgst -sha1 < stdin You can use "openssl dgst -sha1 CLEAR_PIN" too.So are you sure that you have the correct clear text PIN? How do you get the clear text PIN.
Michael -- _______________________________________________________________ Michael Bell Humboldt-Universitaet zu Berlin Tel.: +49 (0)30-2093 2482 ZE Computer- und Medienservice Fax: +49 (0)30-2093 2704 Unter den Linden 6 [EMAIL PROTECTED] D-10099 Berlin _______________________________________________________________
smime.p7s
Description: S/MIME Cryptographic Signature
