Lee Baydush wrote:
Will somebody tell me how to add an OID and corresponding verification
routine to OpenSSL version 0.9.7c to verify a SHA-256 signature?
Currently I am trapping the X509_V_ERR_CERT_SIGNATURE_FAILURE and
X509_V_ERR_CRL_SIGNATURE_FAILURE errors in my verify callback routine,
comparing the OID in the algorithm->data section to the OID for
SHA256WithRSA (1.2.840.113549.1.1.11), if it matches, computing
the SHA256 hash myself and comparing it to the passed signature
data using RSA_verify(). This works fine, but I know there has
to be a more subtle way to add the OID and hash function to OpenSSL,
I just cannot find any complete example or write-up anywhere.
I keep finding tidbits about adding OIDs and other parts, but am
not seeing how the parts all go together.

Try 0.9.8-dev (it should support the newer SHA hash algs etc.)
Cheers,
Nils
PS: Please consider adding some '\n' in your message next time.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
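
The OID comparison step from the workaround described in the question, as an added example that is not part of the original thread and is not OpenSSL code: it decodes the OID inside a DER AlgorithmIdentifier and checks it against 1.2.840.113549.1.1.11. The function names are hypothetical, the two byte arrays are constructed sample input, and only short-form DER lengths are handled.

```c
#include <stdio.h>
#include <string.h>

/* Decode DER OID content octets into dotted text; 0 on success, -1 if malformed. */
static int oid_to_text(const unsigned char *p, size_t len, char *out, size_t outlen)
{
    unsigned long arc = 0;
    size_t used = 0, i;
    int first = 1, n;

    if (len == 0 || (p[len - 1] & 0x80))      /* empty, or last arc is cut off */
        return -1;
    for (i = 0; i < len; i++) {
        if (arc == 0 && p[i] == 0x80)         /* padded (non-minimal) arc encoding */
            return -1;
        if (arc > (0xFFFFFFFFUL >> 7))        /* arc would not fit in 32 bits */
            return -1;
        arc = (arc << 7) | (p[i] & 0x7F);
        if (p[i] & 0x80)                      /* more octets follow for this arc */
            continue;
        if (first) {                          /* first octet group packs two arcs */
            unsigned long a = arc < 80 ? arc / 40 : 2;
            n = snprintf(out + used, outlen - used, "%lu.%lu", a, arc - a * 40);
            first = 0;
        } else {
            n = snprintf(out + used, outlen - used, ".%lu", arc);
        }
        if (n < 0 || (size_t)n >= outlen - used)
            return -1;
        used += (size_t)n;
        arc = 0;
    }
    return 0;
}

/* 1 if the AlgorithmIdentifier is sha256WithRSAEncryption, 0 if another OID, -1 if malformed. */
static int is_sha256_with_rsa(const unsigned char *der, size_t len)
{
    char text[64];
    if (len < 4 || der[0] != 0x30 || der[1] >= 0x80 || (size_t)der[1] + 2 != len)
        return -1;                            /* not a SEQUENCE that spans the buffer */
    if (der[2] != 0x06 || der[3] >= 0x80 || (size_t)der[3] + 4 > len)
        return -1;                            /* first element is not a complete OID */
    if (oid_to_text(der + 4, der[3], text, sizeof text) != 0)
        return -1;
    return strcmp(text, "1.2.840.113549.1.1.11") == 0;
}

/* Constructed samples: SEQUENCE { OID, NULL } for SHA-256 with RSA and SHA-1 with RSA. */
static const unsigned char ALG_SHA256_RSA[] = {0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x0B,0x05,0x00};
static const unsigned char ALG_SHA1_RSA[]   = {0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,0x05,0x00};
```

A truncated or padded encoding returns -1, so a caller can keep treating the certificate as a signature failure instead of falling through to a manual hash check.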