On Wed, Jan 14, 2004 at 11:50:57AM +0200, Alexei Chetroi wrote: > From: Alexei Chetroi <[EMAIL PROTECTED]> > To: [EMAIL PROTECTED] > Subject: Re: [Openca-Users] form signing with secclab plugin > User-Agent: Mutt/1.3.28i > Reply-To: [EMAIL PROTECTED] > Date: Wed, 14 Jan 2004 11:50:57 +0200 > > On Tue, Jan 13, 2004 at 04:38:21PM +0100, Oliver Welter wrote: > > From: Oliver Welter <[EMAIL PROTECTED]> > > To: [EMAIL PROTECTED] > > Subject: Re: [Openca-Users] form signing with secclab plugin > > Reply-To: [EMAIL PROTECTED] > > Date: Tue, 13 Jan 2004 16:38:21 +0100 > > > > Hi Alexi, > > > > Michael added a fisrt version of secclab support to the cvs for testing. > > > > We know about this error, but dont have an idea what is going wrong. > > > > It seems that the conversion of the binary string to hex format is not > > working properly, if you have the time to have a look at the problem > > please share your efforts with us. > > Do you think function String2Base64 is not implemented corectly? I'm > trying to sign request manually following these steps, so correct me if > I'm wrong: > > 1st. From page source, where "Aprove Request" button is located, I've > extracted field text, everything between " from value="...." and put it > into file 2sign.txt without newline at EOF, I think this is important. > > 2nd. From ra.p12 (it's RA admin) I've extracted certificate and private > key with command "openssl pkcs12 -in ra.p12 -out ra.pem". Private key > was extracted in file ra.key.pem > > 3rd. Tryied to sign 2signt.txt but don't know correct comand. Is it > openssl rsautl? I've tried in this way, but it fails: > > [lex.lexa]$ openssl rsautl -sign -in 2sign.txt -inkey ra.key.pem -out > ra.sig > Enter PEM pass phrase: > RSA operation error > 5565:error:0406C06E:rsa routines:RSA_padding_add_PKCS1_type_1:data too > large for key size:rsa_pk1.c:73: > [lex.lexa]$ > > Where am I wrong?
Looking at signstring.cpp from secclab plugin sources, it seems that I must create SHA1 hash of 2sign.txt file and sign it. Am I correct? -- Alexei Chetroi ------------------------------------------------------- This SF.net email is sponsored by: Perforce Software. Perforce is the Fast Software Configuration Management System offering advanced branching capabilities and atomic changes on 50+ platforms. Free Eval! http://www.perforce.com/perforce/loadprog.html _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
