> From: owner-openssl-us...@openssl.org On Behalf Of Albers, Thorsten > Sent: Monday, 30 July, 2012 03:43 <snip> > I also debugged the openssl-server when receiving the message > above. The server recognized the correct hash and signature > algorithms, but while following the functions to the point > where the signature shall be verified, I will come to a point > where for some reason a wrong function is called. The code > says it wants to call RSA_verify(), but > CMS_RecipientInfo_type() is called instead and returns a > value that (of course) does not correspond with the function > that should have been called. It would really help me a lot > if I could debug the server correctly so that I could compare > my hash/signature better with the one computed by the openssl > server. Did anyone see that behavior before? > Is it really calling CMS_blah, or is your debugger just displaying the location as CMS_blah + x? Most symbolic debuggers, if you have some code with symbols and some without, and you're 'running' (i.e. your PC is in) code without symbols, will just take some symbol it considers 'handy' and use that plus an offset.
If you are at the direct call to RSA_verify from ssl3_get_cert_verify which is at s3_srvr.c line 3057 in 1.0.1c, and your libssl has symbols but your libcrypto doesn't, I would expect debugger display like that. But, you shouldn't be executing that call. For TLS1.2, you should be taking the branch at line 3023 et seq which instead uses EVP_Verify*, and if you step through EVP_VerifyFinal it should reach a point where it calls through a function pointer to RSA_verify, so you wouldn't see that name in your source. And EVP_* should be in the same libcrypto as RSA_*, unless you did partial rebuild(s) or some kind of linking that mixed pieces from different sources. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
