OK, great, one thing less to worry about! But I still face a problem with the explicit [0] tagged content of EncapContentInfo. In this particular case it has an indefinite length tag. When I i2d it again , the element is DER-encoded using definite length and content. Can I force the use of the existing encoding here?
Thanks, Martin 2010/11/5 Dr. Stephen Henson <st...@openssl.org> > > On Fri, Nov 05, 2010, Martin Bolet wrote: > > > > > A more general problem is that many signatures pretend to be DER-encoded but > > they actually apply the wrong order in DER sets. Thus, computing the message > > digest also fails because the set elements are put out in a different order > > than the original one, although the set elements themselves are > > DER-encoded... > > > > OpenSSL should handle this properly by default. It does this by computing the > signature as though it were a SEQUENCE OF (with SET tag) which retains the > original order. > > When it generates signatures itself it is encoded as a SET OF. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-us...@openssl.org > Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
