Hello all, I'm having troubles verifying a DSA signature created by a java application with an openSSL application. When I use an openSSL application that creates this signature, instead of the java one, everything's working just fine. The scenario: The java based application (the client) creates private/public (DSA) keys and sends the public key to the openSSL application (the server). The server creates a random bytes array and sends it to the client. Now the client signs this array and sends the signature to the server for verification using the public key. The verification always fails! The communication between the java client and the openSSL server are not concerning me right now (jsse is not involved. yet). My question is pure cryptographic - why can't openSSL verify a DSA signature made by java? I've been searching the archives and had the feeling that I'm not the only one who encountered such problem, but never got an eye-opening answer. I'd be more than happy to hear any idea. Thanks, Ronen. BTW. I seem to be able to create in openSSL the (java's) public key with d2i_DSA_PUBKEY but not with d2i_DSAPublicKey. I guess it's because java is using "certificate format". ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
