Mads Rasmussen schrieb: > > Hi, > > How can I generate a CAcert with DSA? I would like to generate a Cacert > and then a user cert signed with the CA's key. I would like to make some > tests. > > I have a routine to read certs and validate the signature based on the > RFC 2459 standard, but when I came to the DSA keys I got something > strange. Some nice person sent me a DSA CA certificate and a CRL signed > with the CA. However the public key of the CA is structured differently > from the RFC standard. > > In the standard a public key is a bitstring encapsulation some integer > values bit the cert I received is different. > > The one I received consists of a sequence (ASN.1) with 3 integers > followed by a bitstring encapsulating only one integer. > > Is this format known? Wasn't the RFC standard made to include DSA keys?
You should ask these question on openssl-dev or openssl-users. There are people who are really familiar with ASN.1 and the details of the cryptostandards. Michael -- ------------------------------------------------------------------- Michael Bell Email (private): [EMAIL PROTECTED] Rechenzentrum - Datacenter Email: [EMAIL PROTECTED] Humboldt-University of Berlin Tel.: +49 (0)30-2093 2482 Unter den Linden 6 Fax: +49 (0)30-2093 2959 10099 Berlin Germany http://www.openca.org _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
