> I generate an RSA-key, assign it to an EVP_PKEY structure, sign the > cert with it, than use X509_get_pubkey() to get the public key, and > verify the signature with the pubkey, X509_verify(cert, pubkey), but > it always results "-1",
ASN.1 (and, therefore, X.509) signatures identify the message digest algorithm used for generating the signature by a unique object identifier (OID). As a result, OpenSSL needs to map OIDs to message digest algorithms. The easiest way to set this up, is by calling OpenSSL_add_all_digests().
Kind regards, Remo
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
