jharris wrote:
> 
> I'm trying to write a small utility to allow me to sign files, and check
> the sigs at a later time. Really it should be incorporated in a larger
> application.
> 
> OK, I'm having a lot of trouble using DSA sigs and keys. The man pages seem
> to be very incomplete.  After many trips through the source I found two
> gems, i2d_DSAPrivateKey_fp and i2d_DSA_PUBKEY_fp, which seem to allow me to
> write keys to disk. The next problem is writing DSA_SIGs to disk.
> I tried i2d_DSA_SIG and d2i_DSA_SIG, but I'm not guessing the parameters
> correctly. Does anyone know how to write/read a sig to disk, or have some
> sample code, or even some man pages? The openssl code is oddly completely
> lacking in comments.
> 

If you just want to sign files then you shouldn't have to mess with that
stuff at all. You just use EVP_Sign*() and EVP_Verify*() and OpenSSL
will handle the rest: see the relevant manual pages. If you do things
properly then your application should work unmodified with RSA or DSA
keys other than the fact that you currently have to use EVP_dss1() as
the digest for DSA keys.

If you really want to mess with the low level DSA stuff you can. I can't
see why you'd need to save DSA_SIG structures manually to disk. The
DSA_SIG structure is automatically encoded and decoded by the DSA_sign()
and DSA_verify() functions. If you've some special reason for wanting to
do that then the current FAQ gives information about how to use i2d_*()
and d2i_*().

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
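
Added example, not part of the original thread and not OpenSSL code: the encoded signature that, as the reply says, DSA_sign() and DSA_verify() produce and consume is the DER structure SEQUENCE { INTEGER r, INTEGER s }, so a signature file read back from disk can be checked strictly before it is handed to verification. The function names and sample bytes are hypothetical and constructed for illustration; only short-form DER lengths are handled, which assumes a DSA key with a 160-bit q.

```c
#include <stdio.h>

/* Parse one positive, minimally encoded DER INTEGER at p[0..n). Sets *v/*vlen
   to its magnitude bytes; returns bytes consumed, or 0 on any error. */
static size_t der_uint(const unsigned char *p, size_t n,
                       const unsigned char **v, size_t *vlen)
{
    if (n < 3 || p[0] != 0x02) return 0;              /* tag must be INTEGER */
    size_t len = p[1];
    if (len == 0 || len > 127 || len > n - 2) return 0; /* short form, in bounds */
    const unsigned char *b = p + 2;
    if (b[0] & 0x80) return 0;                        /* negative value */
    if (len == 1 && b[0] == 0) return 0;              /* zero: r and s must be > 0 */
    if (len > 1 && b[0] == 0 && !(b[1] & 0x80)) return 0; /* non-minimal padding */
    if (b[0] == 0) { b++; len--; }                    /* drop the DER sign byte */
    *v = b; *vlen = len;
    return (size_t)p[1] + 2;
}

/* Returns 1 only if sig[0..n) is exactly SEQUENCE { INTEGER r, INTEGER s }. */
int dsa_sig_parse(const unsigned char *sig, size_t n, const unsigned char **r,
                  size_t *rlen, const unsigned char **s, size_t *slen)
{
    if (n < 2 || sig[0] != 0x30) return 0;            /* tag must be SEQUENCE */
    if (sig[1] > 127 || (size_t)sig[1] != n - 2) return 0; /* no trailing bytes */
    size_t a = der_uint(sig + 2, n - 2, r, rlen);
    if (a == 0) return 0;
    size_t b = der_uint(sig + 2 + a, n - 2 - a, s, slen);
    return b != 0 && a + b == n - 2;                  /* nothing after s */
}

/* Convenience wrapper: 1 if the buffer is an acceptable encoding, else 0. */
int dsa_sig_ok(const unsigned char *sig, size_t n)
{
    const unsigned char *r, *s; size_t rl, sl;
    return dsa_sig_parse(sig, n, &r, &rl, &s, &sl);
}

/* Constructed samples with toy values; these are not real signatures. */
const unsigned char SIG_GOOD[]    = {0x30,0x07, 0x02,0x02,0x00,0x81, 0x02,0x01,0x7f};
const unsigned char SIG_PADDED[]  = {0x30,0x07, 0x02,0x02,0x00,0x7f, 0x02,0x01,0x01};
const unsigned char SIG_TRAILER[] = {0x30,0x06, 0x02,0x01,0x01, 0x02,0x01,0x01, 0x00};

int main(void)
{
    printf("good=%d padded=%d trailer=%d\n", dsa_sig_ok(SIG_GOOD, sizeof SIG_GOOD),
           dsa_sig_ok(SIG_PADDED, sizeof SIG_PADDED), dsa_sig_ok(SIG_TRAILER, sizeof SIG_TRAILER));
    return 0;
}
```

Rejecting padded integers and trailing bytes means each (r, s) pair has exactly one accepted byte encoding, which matters if stored signatures are ever compared or hashed as blobs.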
