the ASN.1 dump of this certificate ...
0 470: SEQUENCE {
4 319: SEQUENCE {
8 3: [0] {
10 1: INTEGER 2
: }
13 5: INTEGER 00 D6 2D F4 34
20 13: SEQUENCE {
22 9: OBJECT IDENTIFIER sha1WithRSAEncryption (1 2 840 113549 1 1 5)
33 0: NULL
: }
35 20: SEQUENCE {
37 18: SET {
39 16: SEQUENCE {
41 3: OBJECT IDENTIFIER commonName (2 5 4 3)
46 9: PrintableString 'NL1SPF002'
: }
: }
: }
57 30: SEQUENCE {
59 13: UTCTime 13/11/2013 12:51:00 GMT
74 13: UTCTime 13/11/2014 12:51:00 GMT
: }
89 20: SEQUENCE {
91 18: SET {
93 16: SEQUENCE {
95 3: OBJECT IDENTIFIER commonName (2 5 4 3)
100 9: PrintableString 'NL1SPF002'
: }
: }
: }
111 157: SEQUENCE {
114 13: SEQUENCE {
116 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
127 0: NULL
: }
129 139: BIT STRING, encapsulates {
133 135: SEQUENCE {
136 129: INTEGER
: 00 C7 42 A0 7F FF A8 1F 65 A0 39 DC 63 D9 8B 09
: 7C F2 D3 59 6D 84 A6 4B 1F 05 DE 30 1B 6B FA 42
: B0 86 8C 88 75 9F A9 57 5B B2 6E E6 60 79 D7 12
: 1E 22 1B 91 18 D5 93 41 80 28 2C 4D F7 D5 46 A6
: 3E 9D 55 E1 A2 89 86 ED DC 88 9D 1B DE B8 F2 03
: 5A 56 5B 0E CB 97 3D B1 32 74 6A A8 3B 24 6C 45
: E7 1A 69 EB 2C EF D7 FD C1 4C 60 2A 6D BA 4B A3
: 34 3C D6 56 4A 3E CA 32 CD 6C 5C 47 A1 05 E6 E7
: 8D
268 1: INTEGER 3
: }
: }
: }
271 54: [3] {
273 52: SEQUENCE {
275 15: SEQUENCE {
277 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
282 1: BOOLEAN TRUE
285 5: OCTET STRING, encapsulates {
287 3: SEQUENCE {
289 1: BOOLEAN TRUE
: }
: }
: }
292 11: SEQUENCE {
294 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
299 4: OCTET STRING, encapsulates {
301 2: BIT STRING 2 unused bits
: '100001'B
: }
: }
305 20: SEQUENCE {
307 3: OBJECT IDENTIFIER extKeyUsage (2 5 29 37)
312 13: OCTET STRING, encapsulates {
314 11: SEQUENCE {
316 9: OBJECT IDENTIFIER '1 3 6 1 5 5 7 48 1 11'
: }
: }
: }
: }
: }
: }
327 13: SEQUENCE {
329 9: OBJECT IDENTIFIER sha1WithRSAEncryption (1 2 840 113549 1 1 5)
340 0: NULL
: }
342 129: BIT STRING
: C2 3A 8D 8E 2C A2 B5 46 7F CF 05 E2 01 38 C7 DF
: 6F 6E 5F 4E E1 94 42 65 5A 67 BB 21 48 FE E1 FC
: EB AB BE B2 34 65 AC 99 2E 2F 53 20 87 EC A5 0A
: 14 5D 3A 08 DC 2B F2 1C 9E 46 F0 B3 E9 F9 26 FC
: 6E 12 BD BF 95 4F E7 BC 11 CE 7C 22 05 B3 C7 28
: E8 E9 67 A5 05 1B A0 47 C0 E1 DC B2 D1 96 9D 46
: 90 97 66 C0 26 0F 88 90 A2 D1 6F 88 BB CB FE F4
: BB A1 90 99 AB 82 A4 87 27 95 80 27 A4 59 69 87
: }
On Wed, November 27, 2013 16:02, Dereck Hurtubise wrote:
> The certificate is received in ASN.1 DER format. Not PEM.
> The only thing I want to do is verify the signature of the certificate,
> and
> thus verify the signature itself.
> It is self-signed so the public key in the certificate should be used to
> verify the signature, but it isn't working.
>
> Certificate:
> Data:
> Version: 3 (0x2)
> Serial Number: 3593335860 (0xd62df434)
> Signature Algorithm: sha1WithRSAEncryption
> Issuer: CN=NL1SPF002
> Validity
> Not Before: Nov 13 12:51:00 2013 GMT
> Not After : Nov 13 12:51:00 2014 GMT
> Subject: CN=NL1SPF002
> Subject Public Key Info:
> Public Key Algorithm: rsaEncryption
> Public-Key: (1024 bit)
> Modulus:
> 00:c7:42:a0:7f:ff:a8:1f:65:a0:39:dc:63:d9:8b:
> 09:7c:f2:d3:59:6d:84:a6:4b:1f:05:de:30:1b:6b:
> fa:42:b0:86:8c:88:75:9f:a9:57:5b:b2:6e:e6:60:
> 79:d7:12:1e:22:1b:91:18:d5:93:41:80:28:2c:4d:
> f7:d5:46:a6:3e:9d:55:e1:a2:89:86:ed:dc:88:9d:
> 1b:de:b8:f2:03:5a:56:5b:0e:cb:97:3d:b1:32:74:
> 6a:a8:3b:24:6c:45:e7:1a:69:eb:2c:ef:d7:fd:c1:
> 4c:60:2a:6d:ba:4b:a3:34:3c:d6:56:4a:3e:ca:32:
> cd:6c:5c:47:a1:05:e6:e7:8d
> Exponent: 3 (0x3)
> X509v3 extensions:
> X509v3 Basic Constraints: critical
> CA:TRUE
> X509v3 Key Usage:
> Digital Signature, Certificate Sign
> X509v3 Extended Key Usage:
> Trust Root
> Signature Algorithm: sha1WithRSAEncryption
> c2:3a:8d:8e:2c:a2:b5:46:7f:cf:05:e2:01:38:c7:df:6f:6e:
> 5f:4e:e1:94:42:65:5a:67:bb:21:48:fe:e1:fc:eb:ab:be:b2:
> 34:65:ac:99:2e:2f:53:20:87:ec:a5:0a:14:5d:3a:08:dc:2b:
> f2:1c:9e:46:f0:b3:e9:f9:26:fc:6e:12:bd:bf:95:4f:e7:bc:
> 11:ce:7c:22:05:b3:c7:28:e8:e9:67:a5:05:1b:a0:47:c0:e1:
> dc:b2:d1:96:9d:46:90:97:66:c0:26:0f:88:90:a2:d1:6f:88:
> bb:cb:fe:f4:bb:a1:90:99:ab:82:a4:87:27:95:80:27:a4:59:
> 69:87
>
> DER format:
> 30 82 01 d6 30 82 01 3f a0 03 02 01 02 02 05 00 d6 2d f4 34 30 0d 06 09 2a
> 86 48 86 f7 0d 01 01 05 05 00 30 14 31 12 30 10 06 03 55 04 03 13 09 4e 4c
> 31 53 50 46 30 30 32 30 1e 17 0d 31 33 31 31 31 33 31 32 35 31 30 30 5a 17
> 0d 31 34 31 31 31 33 31 32 35 31 30 30 5a 30 14 31 12 30 10 06 03 55 04 03
> 13 09 4e 4c 31 53 50 46 30 30 32 30 81 9d 30 0d 06 09 2a 86 48 86 f7 0d 01
> 01 01 05 00 03 81 8b 00 30 81 87 02 81 81 00 c7 42 a0 7f ff a8 1f 65 a0 39
> dc 63 d9 8b 09 7c f2 d3 59 6d 84 a6 4b 1f 05 de 30 1b 6b fa 42 b0 86 8c 88
> 75 9f a9 57 5b b2 6e e6 60 79 d7 12 1e 22 1b 91 18 d5 93 41 80 28 2c 4d f7
> d5 46 a6 3e 9d 55 e1 a2 89 86 ed dc 88 9d 1b de b8 f2 03 5a 56 5b 0e cb 97
> 3d b1 32 74 6a a8 3b 24 6c 45 e7 1a 69 eb 2c ef d7 fd c1 4c 60 2a 6d ba 4b
> a3 34 3c d6 56 4a 3e ca 32 cd 6c 5c 47 a1 05 e6 e7 8d 02 01 03 a3 36 30 34
> 30 0f 06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff 30 0b 06 03 55 1d 0f 04
> 04 03 02 02 84 30 14 06 03 55 1d 25 04 0d 30 0b 06 09 2b 06 01 05 05 07 30
> 01 0b 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 c2 3a 8d 8e
> 2c a2 b5 46 7f cf 05 e2 01 38 c7 df 6f 6e 5f 4e e1 94 42 65 5a 67 bb 21 48
> fe e1 fc eb ab be b2 34 65 ac 99 2e 2f 53 20 87 ec a5 0a 14 5d 3a 08 dc 2b
> f2 1c 9e 46 f0 b3 e9 f9 26 fc 6e 12 bd bf 95 4f e7 bc 11 ce 7c 22 05 b3 c7
> 28 e8 e9 67 a5 05 1b a0 47 c0 e1 dc b2 d1 96 9d 46 90 97 66 c0 26 0f 88 90
> a2 d1 6f 88 bb cb fe f4 bb a1 90 99 ab 82 a4 87 27 95 80 27 a4 59 69 87
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
