Hello, This is not directly related to OpenSSL, but more to OCSP in general. I wrote my own ASN.1 Parser and doing my own crypthography using MS CryptAPI.
I wrote my own OCSP client. Everything works fine. The only part i can not figure out, is the ocsp response signature part. I guess, i do not have a problem with ASN.1 or the MSCAPI, but of the way the Signature is encoded. Here, the sample output of my program: eCrypt: OCSP Response Summary: eCrypt: ---------------------- eCrypt: Response Version: 1 eCrypt: Response Status: Successful (0) eCrypt: Response Type: BasicResponse (1.3.6.1.5.5.7.48.1.1) eCrypt: Responder Id: eCrypt: Response Produced At: Donnerstag, 26. April 2007 21:05:42 eCrypt: # Of Responses: 1 eCrypt: Response #: 1 eCrypt: Hash Algorithm: 1.3.14.3.2.26 eCrypt: Issuer Name Hash 03B4FCFFD21C3177B7291FBB5277900E90C9D72B eCrypt: Issuer Key Hash CEFE469D632F89FDF2381625D8F16CDE47F8CEC1 eCrypt: Serialnumber: 04E8 eCrypt: Cert Status : good (0) eCrypt: This Update: Donnerstag, 26. April 2007 21:00:23 eCrypt: Next Update: Montag, 30. April 2007 01:30:23 eCrypt: eCrypt: Signature Algorithm: 1.2.840.113549.1.1.5 eCrypt: Signature Value: 0023D13F7E0CB0336CA8B459C230591795B8FC88740AEE7F08FE128E8B7D335DF63BDDDE9E01 31D7F577B382E90A805040069E557739AFB6C4BFDD69B102CEBE89A4B863FBA425E9805A9397 4C8F5622E278822C6F4B31F52A67E33C458E6DC96CAB3030B1BE8975BB1299524BF451C30B32 6FBF5AAD2DBACC4413B33BA6590340 eCrypt: Signature Validated: failed eCrypt: # Of Certificates: 1 As you can see, the Signature Value is no longer ASN.1, is it? Does the format of the Signature Value still make sense? Thanks for any helps and hints? Kind of regards, Sascha Kiefer ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
