the ASN.1 dump of this certificate ... 0 470: SEQUENCE { 4 319: SEQUENCE { 8 3: [0] { 10 1: INTEGER 2 : } 13 5: INTEGER 00 D6 2D F4 34 20 13: SEQUENCE { 22 9: OBJECT IDENTIFIER sha1WithRSAEncryption (1 2 840 113549 1 1 5) 33 0: NULL : } 35 20: SEQUENCE { 37 18: SET { 39 16: SEQUENCE { 41 3: OBJECT IDENTIFIER commonName (2 5 4 3) 46 9: PrintableString 'NL1SPF002' : } : } : } 57 30: SEQUENCE { 59 13: UTCTime 13/11/2013 12:51:00 GMT 74 13: UTCTime 13/11/2014 12:51:00 GMT : } 89 20: SEQUENCE { 91 18: SET { 93 16: SEQUENCE { 95 3: OBJECT IDENTIFIER commonName (2 5 4 3) 100 9: PrintableString 'NL1SPF002' : } : } : } 111 157: SEQUENCE { 114 13: SEQUENCE { 116 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1) 127 0: NULL : } 129 139: BIT STRING, encapsulates { 133 135: SEQUENCE { 136 129: INTEGER : 00 C7 42 A0 7F FF A8 1F 65 A0 39 DC 63 D9 8B 09 : 7C F2 D3 59 6D 84 A6 4B 1F 05 DE 30 1B 6B FA 42 : B0 86 8C 88 75 9F A9 57 5B B2 6E E6 60 79 D7 12 : 1E 22 1B 91 18 D5 93 41 80 28 2C 4D F7 D5 46 A6 : 3E 9D 55 E1 A2 89 86 ED DC 88 9D 1B DE B8 F2 03 : 5A 56 5B 0E CB 97 3D B1 32 74 6A A8 3B 24 6C 45 : E7 1A 69 EB 2C EF D7 FD C1 4C 60 2A 6D BA 4B A3 : 34 3C D6 56 4A 3E CA 32 CD 6C 5C 47 A1 05 E6 E7 : 8D 268 1: INTEGER 3 : } : } : } 271 54: [3] { 273 52: SEQUENCE { 275 15: SEQUENCE { 277 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19) 282 1: BOOLEAN TRUE 285 5: OCTET STRING, encapsulates { 287 3: SEQUENCE { 289 1: BOOLEAN TRUE : } : } : } 292 11: SEQUENCE { 294 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) 299 4: OCTET STRING, encapsulates { 301 2: BIT STRING 2 unused bits : '100001'B : } : } 305 20: SEQUENCE { 307 3: OBJECT IDENTIFIER extKeyUsage (2 5 29 37) 312 13: OCTET STRING, encapsulates { 314 11: SEQUENCE { 316 9: OBJECT IDENTIFIER '1 3 6 1 5 5 7 48 1 11' : } : } : } : } : } : } 327 13: SEQUENCE { 329 9: OBJECT IDENTIFIER sha1WithRSAEncryption (1 2 840 113549 1 1 5) 340 0: NULL : } 342 129: BIT STRING : C2 3A 8D 8E 2C A2 B5 46 7F CF 05 E2 01 38 C7 DF : 6F 6E 5F 4E E1 94 42 65 5A 67 BB 21 48 FE E1 FC : EB AB BE B2 34 65 AC 99 2E 2F 53 20 87 EC A5 0A : 14 5D 3A 08 DC 2B F2 1C 9E 46 F0 B3 E9 F9 26 FC : 6E 12 BD BF 95 4F E7 BC 11 CE 7C 22 05 B3 C7 28 : E8 E9 67 A5 05 1B A0 47 C0 E1 DC B2 D1 96 9D 46 : 90 97 66 C0 26 0F 88 90 A2 D1 6F 88 BB CB FE F4 : BB A1 90 99 AB 82 A4 87 27 95 80 27 A4 59 69 87 : }
On Wed, November 27, 2013 16:02, Dereck Hurtubise wrote: > The certificate is received in ASN.1 DER format. Not PEM. > The only thing I want to do is verify the signature of the certificate, > and > thus verify the signature itself. > It is self-signed so the public key in the certificate should be used to > verify the signature, but it isn't working. > > Certificate: > Data: > Version: 3 (0x2) > Serial Number: 3593335860 (0xd62df434) > Signature Algorithm: sha1WithRSAEncryption > Issuer: CN=NL1SPF002 > Validity > Not Before: Nov 13 12:51:00 2013 GMT > Not After : Nov 13 12:51:00 2014 GMT > Subject: CN=NL1SPF002 > Subject Public Key Info: > Public Key Algorithm: rsaEncryption > Public-Key: (1024 bit) > Modulus: > 00:c7:42:a0:7f:ff:a8:1f:65:a0:39:dc:63:d9:8b: > 09:7c:f2:d3:59:6d:84:a6:4b:1f:05:de:30:1b:6b: > fa:42:b0:86:8c:88:75:9f:a9:57:5b:b2:6e:e6:60: > 79:d7:12:1e:22:1b:91:18:d5:93:41:80:28:2c:4d: > f7:d5:46:a6:3e:9d:55:e1:a2:89:86:ed:dc:88:9d: > 1b:de:b8:f2:03:5a:56:5b:0e:cb:97:3d:b1:32:74: > 6a:a8:3b:24:6c:45:e7:1a:69:eb:2c:ef:d7:fd:c1: > 4c:60:2a:6d:ba:4b:a3:34:3c:d6:56:4a:3e:ca:32: > cd:6c:5c:47:a1:05:e6:e7:8d > Exponent: 3 (0x3) > X509v3 extensions: > X509v3 Basic Constraints: critical > CA:TRUE > X509v3 Key Usage: > Digital Signature, Certificate Sign > X509v3 Extended Key Usage: > Trust Root > Signature Algorithm: sha1WithRSAEncryption > c2:3a:8d:8e:2c:a2:b5:46:7f:cf:05:e2:01:38:c7:df:6f:6e: > 5f:4e:e1:94:42:65:5a:67:bb:21:48:fe:e1:fc:eb:ab:be:b2: > 34:65:ac:99:2e:2f:53:20:87:ec:a5:0a:14:5d:3a:08:dc:2b: > f2:1c:9e:46:f0:b3:e9:f9:26:fc:6e:12:bd:bf:95:4f:e7:bc: > 11:ce:7c:22:05:b3:c7:28:e8:e9:67:a5:05:1b:a0:47:c0:e1: > dc:b2:d1:96:9d:46:90:97:66:c0:26:0f:88:90:a2:d1:6f:88: > bb:cb:fe:f4:bb:a1:90:99:ab:82:a4:87:27:95:80:27:a4:59: > 69:87 > > DER format: > 30 82 01 d6 30 82 01 3f a0 03 02 01 02 02 05 00 d6 2d f4 34 30 0d 06 09 2a > 86 48 86 f7 0d 01 01 05 05 00 30 14 31 12 30 10 06 03 55 04 03 13 09 4e 4c > 31 53 50 46 30 30 32 30 1e 17 0d 31 33 31 31 31 33 31 32 35 31 30 30 5a 17 > 0d 31 34 31 31 31 33 31 32 35 31 30 30 5a 30 14 31 12 30 10 06 03 55 04 03 > 13 09 4e 4c 31 53 50 46 30 30 32 30 81 9d 30 0d 06 09 2a 86 48 86 f7 0d 01 > 01 01 05 00 03 81 8b 00 30 81 87 02 81 81 00 c7 42 a0 7f ff a8 1f 65 a0 39 > dc 63 d9 8b 09 7c f2 d3 59 6d 84 a6 4b 1f 05 de 30 1b 6b fa 42 b0 86 8c 88 > 75 9f a9 57 5b b2 6e e6 60 79 d7 12 1e 22 1b 91 18 d5 93 41 80 28 2c 4d f7 > d5 46 a6 3e 9d 55 e1 a2 89 86 ed dc 88 9d 1b de b8 f2 03 5a 56 5b 0e cb 97 > 3d b1 32 74 6a a8 3b 24 6c 45 e7 1a 69 eb 2c ef d7 fd c1 4c 60 2a 6d ba 4b > a3 34 3c d6 56 4a 3e ca 32 cd 6c 5c 47 a1 05 e6 e7 8d 02 01 03 a3 36 30 34 > 30 0f 06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff 30 0b 06 03 55 1d 0f 04 > 04 03 02 02 84 30 14 06 03 55 1d 25 04 0d 30 0b 06 09 2b 06 01 05 05 07 30 > 01 0b 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 c2 3a 8d 8e > 2c a2 b5 46 7f cf 05 e2 01 38 c7 df 6f 6e 5f 4e e1 94 42 65 5a 67 bb 21 48 > fe e1 fc eb ab be b2 34 65 ac 99 2e 2f 53 20 87 ec a5 0a 14 5d 3a 08 dc 2b > f2 1c 9e 46 f0 b3 e9 f9 26 fc 6e 12 bd bf 95 4f e7 bc 11 ce 7c 22 05 b3 c7 > 28 e8 e9 67 a5 05 1b a0 47 c0 e1 dc b2 d1 96 9d 46 90 97 66 c0 26 0f 88 90 > a2 d1 6f 88 bb cb fe f4 bb a1 90 99 ab 82 a4 87 27 95 80 27 a4 59 69 87 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org