Hello, I'm currently working on ECDSA, and use OpenSSL for tests. I also use BouncyCastle to verify the validity of PKCS10 requests. I have been able to generate a PKCS10 with an HSM that BouncyCastle rejects but OpenSSL verifies. At first I thought it was BouncyCastle that was mistaken, but after talking with David Hook from BouncyCastle, it seems that there might be a problem with the INTEGER structure from ASN.1 in the ecdsa-sig-value from OpenSSL. In fact, the PKCS10 request generated has the first bit of the s integer set to 1, which should mean that it is negative. BouncyCastle interprets it as negative, which is why it does not verify the validity of the request, whereas OpenSSL interprets it as an unsigned integer and therefore verifies the signature. According to David Hook, the ASN.1 INTEGER structure is signed, therefore the problem is maybe in OpenSSL. I have tested the file with OpenSSL 0.9.8h and OpenSSL 1.0.0; both verify the enclosed file.
Best regards, Julien Caron
Attachment: error_1.3.132.0.34.p10 (application/pkcs10)
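The encoding rule at the heart of the post is that a DER INTEGER is two's-complement: if the most significant bit of the first content octet is 1, the value is negative, so a positive ECDSA r or s whose top bit happens to be set must be encoded with an extra leading 0x00 octet. The following Python is an added illustration, not code from the original message, from OpenSSL or from BouncyCastle. It encodes and decodes DER INTEGERs, parses a minimal ECDSA-Sig-Value (SEQUENCE of two INTEGERs, short-form lengths only), and shows how a strict parser and a lenient unsigned read diverge on a value that is missing the pad byte. All function names and the sample values are my own constructions.

```python
# Added example (not part of the original post): DER INTEGER encoding and the
# effect of a missing 0x00 pad byte on ECDSA r/s values. Short-form lengths
# only, which covers P-256/P-384 signatures (max 2 * 35 = 70 content bytes).

def der_encode_integer(value: int) -> bytes:
    """Encode a non-negative int as a DER INTEGER (tag 0x02)."""
    if value < 0:
        raise ValueError("only non-negative values (ECDSA r/s) are handled here")
    body = value.to_bytes((value.bit_length() + 7) // 8 or 1, "big")
    # DER INTEGER is two's-complement: a leading 1 bit would read as negative,
    # so a positive value with its top bit set gets a 0x00 prefix.
    if body[0] & 0x80:
        body = b"\x00" + body
    if len(body) > 127:
        raise ValueError("long-form length not handled in this example")
    return bytes([0x02, len(body)]) + body


def der_decode_integer(data: bytes) -> int:
    """Decode a DER INTEGER the way the standard specifies: signed."""
    if len(data) < 2 or data[0] != 0x02:
        raise ValueError("not a DER INTEGER")
    length = data[1]
    if length & 0x80:
        raise ValueError("long-form length not handled in this example")
    body = data[2:2 + length]
    if len(body) != length or length == 0:
        raise ValueError("truncated or empty INTEGER")
    # DER requires minimal encoding: a leading 0x00 is only allowed when the
    # next octet has its top bit set (i.e. it is the positive-sign pad byte).
    if length > 1 and body[0] == 0x00 and not (body[1] & 0x80):
        raise ValueError("non-minimal INTEGER encoding")
    return int.from_bytes(body, "big", signed=True)


def unsigned_read(data: bytes) -> int:
    """The lenient reading: treat the content octets as an unsigned magnitude.
    This is the behaviour the post attributes to OpenSSL's verifier."""
    length = data[1]
    return int.from_bytes(data[2:2 + length], "big")


def encode_ecdsa_sig_value(r: int, s: int) -> bytes:
    """Build ECDSA-Sig-Value ::= SEQUENCE { r INTEGER, s INTEGER }."""
    body = der_encode_integer(r) + der_encode_integer(s)
    if len(body) > 127:
        raise ValueError("long-form length not handled in this example")
    return bytes([0x30, len(body)]) + body


def decode_ecdsa_sig_value(sig: bytes) -> tuple:
    """Strictly parse ECDSA-Sig-Value; reject non-positive r or s, which is
    what a conforming verifier (BouncyCastle in the post) does."""
    if len(sig) < 2 or sig[0] != 0x30:
        raise ValueError("not a SEQUENCE")
    seq_len = sig[1]
    if seq_len & 0x80:
        raise ValueError("long-form length not handled in this example")
    body = sig[2:2 + seq_len]
    if len(body) != seq_len or len(body) < 4:
        raise ValueError("truncated SEQUENCE")
    r_tlv_len = 2 + body[1]
    if r_tlv_len + 2 > len(body):
        raise ValueError("truncated r")
    r = der_decode_integer(body[:r_tlv_len])
    s_tlv_len = 2 + body[r_tlv_len + 1]
    s = der_decode_integer(body[r_tlv_len:r_tlv_len + s_tlv_len])
    if r_tlv_len + s_tlv_len != seq_len:
        raise ValueError("trailing data after s")
    if r <= 0 or s <= 0:
        raise ValueError("r and s must be positive; a negative value usually "
                         "means the 0x00 pad byte was omitted")
    return r, s


# Constructed sample: an s value whose top bit is set (0xAB = 1010 1011).
S_TOPBIT = 0xAB
GOOD_S = der_encode_integer(S_TOPBIT)        # 02 02 00 AB
BROKEN_S = bytes([0x02, 0x01, S_TOPBIT])     # 02 01 AB, pad byte missing
GOOD_SIG = encode_ecdsa_sig_value(0x7F, S_TOPBIT)
BROKEN_SIG = bytes([0x30, 0x06]) + bytes([0x02, 0x01, 0x7F]) + BROKEN_S


def compare_readings(data: bytes) -> tuple:
    """Return (strict signed value, lenient unsigned value) for one INTEGER."""
    return der_decode_integer(data), unsigned_read(data)


if __name__ == "__main__":
    print("correct encoding :", GOOD_S.hex(), compare_readings(GOOD_S))
    print("missing pad byte :", BROKEN_S.hex(), compare_readings(BROKEN_S))
    print("strict parse of good sig:", decode_ecdsa_sig_value(GOOD_SIG))
    try:
        decode_ecdsa_sig_value(BROKEN_SIG)
    except ValueError as exc:
        print("strict parse of broken sig rejected:", exc)
```

With the pad byte present both readings agree (171); without it the strict decoder returns -85 while the unsigned read still returns 171, which is exactly the split between the two verifiers described in the post. A defender reviewing signatures from an HSM or a custom signer can run the strict parser over the ecdsa-sig-value octets to detect this encoding defect before it causes interoperability failures.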
