converting raw signature to PKCS#7 format
Hi I have a library which signs data on a smart card and returns 128 bytes signature. Now the problem is how to convert it into PKCS#7 so that it can be verified by a PKCS#7 compliant verify tool. Is there any utility which can convert raw signature to a PKCS#7 object. The platform on which signature is done is Windows NT/95. Thanks vivek ___ Free Unlimited Internet Access! Try it now! http://www.zdnet.com/downloads/altavista/index.html ___ __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: form signing and verification
On Wed, 19 July 2000, Yuji Shinozaki wrote: How are you creating foo.b64? What does it look like? Thanks The problem was with '\n' characters not taken care of in the signature file. Now both the following commands work properly. openssl base64 -d -in $valid \ | openssl pkcs7 -out $sigtmp -inform DER -outform PEM Now in the following command "verify -in $sigtmp -data $theText -cf $db -verbose" actually the syntax is "verify $sigtmp -d $theText -cf $db" it gives following error depth=1 /C=IN/ST=AP/L=City/O=ABC/OU=Secure Machine 172.19.11.11/CN=ABC [EMAIL PROTECTED] verify return:1 depth=0 [EMAIL PROTECTED] verify return:1 2161:error:21071065:PKCS7 routines:PKCS7_signatureVerify:digest failure:pk7_doit.c:786: Is this problem due to message digest algorithm because crypto.signText hashes with SHA and in openssl.cnf default md is md5. Which cert file is required in $db? I supplied the CA cert file. What message will verify give if signature is correct. I saw only a printf("done..") in the code. Thanks vivek ___ $1 million in prizes! 20 daily instant winners. AltaVista Rewards: Click here to win! http://shopping.altavista.com/e.sdc?e=3 ___ __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: form signing and verification
On Wed, 19 July 2000, Yuji Shinozaki wrote: How are you creating foo.b64? What does it look like? Thanks The problem was with '\n' characters not taken care of in the signature file. Now both the following commands work properly. openssl base64 -d -in $valid \ | openssl pkcs7 -out $sigtmp -inform DER -outform PEM Now in the following command "verify -in $sigtmp -data $theText -cf $db -verbose" actually the syntax is "verify $sigtmp -d $theText -cf $db" it gives following error depth=1 /C=IN/ST=AP/L=City/O=ABC/OU=Secure Machine 172.19.11.11/CN=ABC [EMAIL PROTECTED] verify return:1 depth=0 [EMAIL PROTECTED] verify return:1 2161:error:21071065:PKCS7 routines:PKCS7_signatureVerify:digest failure:pk7_doit.c:786: Is this problem due to message digest algorithm because crypto.signText hashes with SHA and in openssl.cnf default md is md5. Which cert file is required in $db? I supplied the CA cert file. What message will verify give if signature is correct. I saw only a printf("done..") in the code. Thanks vivek ___ $1 million in prizes! 20 daily instant winners. AltaVista Rewards: Click here to win! http://shopping.altavista.com/e.sdc?e=3 ___ __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
can crypto.signText use md5?
Hi In crypto.signText documentation it is written that it hashes using SHA. Can it be made to use md5 for digital signature on a form data? Thanks Vivek ___ $1 million in prizes! 20 daily instant winners. AltaVista Rewards: Click here to win! http://shopping.altavista.com/e.sdc?e=3 ___ __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
form signing and verification
Hi How to sign form data and verify at server? I have netscape 4.72 with PKCS#11 CRYPTO MODULES I have also tested javascript method crypto.signText at client side to sign form data. It displays communicator window to signing but gives internal error after pressing OK. On server side does openssl have command line utility to verify signature on a given text? Thanks Vivek ___ $1 million in prizes! 20 daily instant winners. AltaVista Rewards: Click here to win! http://shopping.altavista.com/e.sdc?e=3 ___ __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]