") ...
% openssl sha1 -verify rsa-pubkey -hex -signature foo.hex foo.txt
Verification Failure
Failed: exit 1
== AND HERE ==
I get the same result with the latest sna
e
value of $? after each command.
> (Is it okay to only check the modulus? The public exponent can be
> ignored? Is it always "Exponent: 65537 (0x10001)"?)
I don't know.
--
Keith Thompson <[EMAIL PROTECTED]> San Diego Supercomputer Center
; do
> /usr/local/apps/openssl-$ver/bin/openssl version
> /usr/local/apps/openssl-$ver/bin/openssl prime 2
> done
OpenSSL 0.9.7m 23 Feb 2007
2 is not prime
OpenSSL 0.9.8 05 Jul 2005
2 is not prime
OpenSSL 0.9.8a 11 Oct 2005
2 is not prime
OpenSSL 0.9.8b 04 May 2006
2 is prime
$
--
Keith Tho
ce you've now publicly called attention to the fact that this
information is out there, I suggest you do so as soon as possible.
--
Keith Thompson <[EMAIL PROTECTED]> San Diego Supercomputer Center
<http://users.sdsc.edu/~kst/> 858-822-0853
"We must do something. This is s
ncludes OpenSSL
0.9.8b.
--
Keith Thompson <[EMAIL PROTECTED]> San Diego Supercomputer Center
<http://users.sdsc.edu/~kst/> 858-822-0853
"We must do something. This is something. Therefore, we must do this."
--
y openssl-0.9.8*.tar.gz source distribution; look for
"Major changes between OpenSSL 0.9.7g and OpenSSL 0.9.8".
--
Keith Thompson <[EMAIL PROTECTED]> San Diego Supercomputer Center
<http://users.sdsc.edu/~kst/> 858-822-0853
"We must do something. This is something.
ps massaging the output. The result isn't strictly speaking
a CRL at all, but perhaps it's what you're looking for.
--
Keith Thompson <[EMAIL PROTECTED]> San Diego Supercomputer Center
<http://users.sdsc.edu/~kst/> 858-82
w (while I was writing this message).
Also, the "openssl-0.9.8f.tar.gz.asc" file is actually a *binary*
signature, not an ASCII signature as the name implies. (Previous *.asc
files have been ASCII signatures.)
--
Keith Thompson <[EMAIL PROTECTED]> San Diego Supercomputer C
On Fri 07-10-12 15:02, Keith Thompson wrote:
[...]
> That's not the only problem. As of a few minutes ago, there were
> two versions of the "openssl-0.9.8f.tar.gz.asc" file, one on the ftp
> server and another on the web server. Both are signed by the same key
> (whic