Hi,
I'm using openssl 0.9.6a.
I have just found bug in code responsible for verification. I was
doing CRL verification. In function ASN1_verify (file: a_verify.c) there is
line
type = EVP_get_digestbyname(OBJ_nid2sn(i));
where i = 104 (md5withRSA). OBJ_nid2sn(i) returns "RSA-NP-MD5", which is OK,
but EVP_get_digestbyname returns NULL. If I change this line with
type = EVP_get_digestbyname("md5");
everything is OK (unless CRL was signed with sha1 ;) )
Or, maybe I missed something ...
Regards,
Pawel Krupinski
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
