very much,
>
> Diego Gonzalez
> -
> -
>
>
> -Original Message-
> From: Tomas Mraz
> Sent: Friday, September 30, 2022 1:22 AM
> To: GonzalezVillalobos, Diego ;
> openssl-users@openssl.org
> Subject: Re: Updating RSA public key generation and signature
>
Subject: Re: Updating RSA public key generation and signature verification from
1.1.1 to 3.0
Caution: This message originated from an External Source. Use proper caution
when opening attachments, clicking links, or responding.
Hi,
unfortunately I do not see anything wrong with the code. Does
t yesterday I was helping someone debug a DigestVerify
issue. We were consistently getting the "first octet is invalid" error out of
the RSA PSS signature verification code, but the same inputs worked with
openssl dgst.
I wrote a fresh minimal program from scratch (really m
endl;
> break;
> } else if (ret < 0) {
> printf("Failed Final Verify
> %s\n",ERR_error_string(ERR_get_error(),NULL));
> cout << "EC Verify error" << endl;
>
--
-Original Message-
From: Tomas Mraz
Sent: Thursday, September 29, 2022 1:12 AM
To: GonzalezVillalobos, Diego ;
openssl-users@openssl.org
Subject: Re: Updating RSA public key generation and
Hi,
comments below.
On Wed, 2022-09-28 at 22:12 +, GonzalezVillalobos, Diego wrote:
> [AMD Official Use Only - General]
>
> Hello Tomas,
>
> I generated the key as you suggested, and I am no longer getting an
> error message! Thank you for that. Here is how I'm generating the key
> now:
>
true;
cout << "SEV EC verification Succesful" << endl;
Could it be because I'm creating a ECDSA SIG object and then turning it into a
der format to verify? Again, suggestions would be appreciated.
Thank you!
Diego Gonzalez Villalobos
-
if (EVP_DigestVerifyUpdate(verify_md_ctx, child_cert,
> pub_key_offset) <= 0){ // Calls SHA256_UPDATE
> cout << "updating digest fails" << endl;
> break;
> }
>
> int ret = EVP_DigestVerifyFinal(verify_md_ctx,
> signature, sig_len);
> cout << ret << endl;
&g
hen I reach EVP_DigestVerifyFinal is showing this error:
Failed Final Verify error:0395:digital envelope routines::no operation set
I have been playing around with it for a while, but I am stuck at this point.
Any advice would be appreciated.
Thank you,
Diego Gonzalez Villalobos
-
On Thu, 2022-09-08 at 16:10 +, GonzalezVillalobos, Diego via
openssl-users wrote:
> [AMD Official Use Only - General]
>
> Hello everyone,
>
> I am currently working on updating a signature verification function
> in C++ and I am a bit stuck. I am trying to replace the
[AMD Official Use Only - General]
Hello everyone,
I am currently working on updating a signature verification function in C++ and
I am a bit stuck. I am trying to replace the deprecated 1.1.1 functions to the
appropriate 3.0 versions. The function takes in 2 certificate objects (parent
I found that if the signing and verification are all done by command line or
all done by API, the verification will pass. But if cross, then failed. Any
default configuration are different?
--
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html
I am working on the upgrade my program written 4 years before with updated
openssl version 1.1.0j from 1.0.1e. There are so many changes between the
two versions. I updated my code with 1.1.0 API, but it failed and I cannot
figure out the reason.
The RSA key pair and message signature are
, 0x49, 0x64, 0xa3, 0x0d,
> 0xdb, 0xaa};
>
>
>
>
>
> unsigned char
> hashnew[]={0x8f,0x43,0x43,0x46,0x64,0x8f,0x6b,0x96,0xdf,0x89,0xdd,0xa9,0x1c,0x51,0x76,0xb1,0x0a,0x6d,0x83,0x96,0x1d,0xd3,0xc1,0xac,0x88,0xb5,0x9b,0x2d,0xc3,0x27,0xaa,0x4};
>
>
> On Aug 29, 2018, at 5:53 AM, Linta Maria wrote:
>
> As you suggested, signature wasn't correct.
> With below input also it's not working.
Once again, the code is working correct, the key below did not produce
the posted signature. Please use "openssl rsautl" as shown in my
previous
0x83,0x96,0x1d,0xd3,0xc1,0xac,0x88,0xb5,0x9b,0x2d,0xc3,0x27,0xaa,0x4};
-- Forwarded message -
From: *Viktor Dukhovni*
Date: Wed 29 Aug, 2018, 11:30 AM
Subject: Re: [openssl-users] Openssl api for signature verification using
digest
To: openssl-users@openssl.org
> On
> On Aug 29, 2018, at 1:05 AM, Linta Maria wrote:
>
> Still its not working.
The code is working correctly. The real problem is that the PEM
format 2048-bit RSA key you posted:
> BEGIN PUBLIC KEY-
> MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMjyWZfVfBpmNKmIm9HH
>
Thanks Viktor for the help….
Please find below the input format.
Still its not working.
> On Aug 28, 2018, at 7:08 AM, Linta Maria wrote:
>
> I have used below code, but it’s not working. Please help me to get the
correct API.
>
> /*
> * NB: assumes verify_key, sig, siglen md and mdlen are
[ Please post plain text, not HTML ]
> On Aug 28, 2018, at 7:08 AM, Linta Maria wrote:
>
> I have used below code, but it’s not working. Please help me to get the
> correct API.
>
> /*
> * NB: assumes verify_key, sig, siglen md and mdlen are already set up
> * and that verify_key is an RSA
n Tue, Aug 28, 2018, 14:09 Linta Maria wrote:
>
>>
>>
>> Hi All,
>>
>>
>>
>>
>>
>> I have started using open ssl recently for implementing some
>> cryptographic operation.
>>
>> Now I want to implement signature verification by takin
Tuveri
On Tue, Aug 28, 2018, 14:09 Linta Maria wrote:
>
>
> Hi All,
>
>
>
>
>
> I have started using open ssl recently for implementing some cryptographic
> operation.
>
> Now I want to implement signature verification by taking Signature and
> hashed
Hi All,
I have started using open ssl recently for implementing some cryptographic
operation.
Now I want to implement signature verification by taking Signature and
hashed data as input, but I am not able to get the proper API.
I have used below code, but it’s not working. Please help me
➢ I was more talking about the parsing. Currently I have 40 LOC [1] to
Look at X509_get1_ocsp which is in crypto/x509v3/v3_utl.c That’s in 1.0.2 and
later
➢ > X509_CRL_verify. And yes, looking through to find the serial# is what you
have to do.
➢ That's 1.1-specific, correct?
Hi Rich,
On 18-10-17 17:46, Salz, Rich via openssl-users wrote:
> ➢ I used libcrypto to parse out the OCSP URL from the certificate validate
> it against a whitelist of valid OCSP URLs, send an OCSP request and
> validate the response and its signature against a custom certificate
>
➢ I used libcrypto to parse out the OCSP URL from the certificate validate
it against a whitelist of valid OCSP URLs, send an OCSP request and
validate the response and its signature against a custom certificate
store, and then parse out the result.
Two points on that:
➢ -
Hi,
I have an application which wants to do verification of a certificate.
Not in the context of a context or a signature, but simply to verify if
the certificates are still valid and from a source that is correct in
the context in which the application runs.
I used libcrypto to parse out the
manage to
get the status of the request and a given certificate.
However, that doesn't do signature verification. I believe that I should use
OCSP_basic_verify() for that, but I'm not entirely sure whether that is the
case, and if so whether I would need to do some additional checks beforehand
and use d2i_OCSP_RESPONSE(), then with things like
OCSP_response_status() and OCSP_resp_find_status() and friends I can manage to
get the status of the request and a given certificate.
However, that doesn't do signature verification. I believe that I should use
OCSP_basic_verify
OCSP_response_status() and OCSP_resp_find_status() and friends I can manage to
get the status of the request and a given certificate.
However, that doesn't do signature verification. I believe that I should use
OCSP_basic_verify() for that, but I'm not entirely sure whether that is the
case
(continuing top posting to keep thread consistent)
Note that the point of using an X.509 signature at file creation time
and/or client approval time was to reuse the internal file structure
that is already designed to hold that particular signature format
(specifically, the internal file
Bohm
Sent: Wednesday, June 24, 2015 01:53
To: openssl-users@openssl.org
Subject: Re: [openssl-users] beginner needs advice on data
signature/verification
(Continuing top posting to keep thread consistent).
First of all, if the client itself is compromised, the file content can be
compromised
:* Saturday, June 20, 2015 04:48
*To:* openssl-users@openssl.org
*Subject:* [openssl-users] beginner needs advice on data
signature/verification
Hi,
I hope some of you could give me advice on my project using openssl.
MW: Why are you using OpenSSL for this application? You want to create
a file
04:48
*To:* openssl-users@openssl.org
*Subject:* [openssl-users] beginner needs advice on data
signature/verification
Hi,
I hope some of you could give me advice on my project using openssl.
MW: Why are you using OpenSSL for this application? You want to
create a file on a trusted system, pass
Warga
Sent: Saturday, June 20, 2015 04:48
To: openssl-users@openssl.org
Subject: [openssl-users] beginner needs advice on data signature/verification
Hi,
I hope some of you could give me advice on my project using openssl.
MW: Why are you using OpenSSL for this application? You want to create
Hi,
I hope some of you could give me advice on my project using openssl.
Lets say I have a server/service on a machine processing a file a
corresponding client sends. That file is usually created by me on a
clean third machine. The server side is assumed to be uncompromised (no
hacker). The
:sha1WithRSAEncryption
Thanks,
Anand
- Original Message -
From: Dr. Stephen Henson st...@openssl.org
To: openssl-users@openssl.org
Cc:
Sent: Thursday, June 20, 2013 4:52 PM
Subject: Re: openssl 1.0.1e Signature verification problems
On Thu, Jun 20, 2013, anand rao wrote
: BIT STRING
Thanks,
Anand
- Original Message -
From: Wim Lewis w...@omnigroup.com
To: openssl-users@openssl.org
Cc:
Sent: Tuesday, June 18, 2013 11:33 PM
Subject: Re: openssl 1.0.1e Signature verification problems
On 14 Jun 2013, at 6:09 AM, anand rao wrote:
I am using openssl 1.0.1e
On Thu, Jun 20, 2013, anand rao wrote:
The output of command openssl asn1parse -i -in cacert.pem is
0:d=0 hl=4 l= 872 cons: SEQUENCE
4:d=1 hl=4 l= 729 cons: SEQUENCE
8:d=2 hl=2 l= 3 cons: cont [ 0 ]
10:d=3 hl=2 l= 1 prim: INTEGER :02
13:d=2 hl=2
On 14 Jun 2013, at 6:09 AM, anand rao wrote:
I am using openssl 1.0.1e to create a CA and generate certificates.
I am facing an issue while generating the device certificates.
After creating the ca certificate using below command
# openssl req -x509 -new -newkey rsa:1024 -keyout
Signature verification problems..
This was not observed in previous versions. When I tried to change default_md
to sha1 in openssl.cnf it doesn't had any effect.
Please suggest if we need to configure anything in particular in openssl.cnf or
is it a bug.
Thanks,
Anand
application but the RSA
signature verification is failing when I comment the following portion of
code in p_verify.c file, it started working, May I have to clue what should
be set in our application to solve the issue with our modifying the openssl
code.
if (ctx-digest-flags
From: owner-openssl-us...@openssl.org On Behalf Of dwipin
Sent: Thursday, 22 November, 2012 23:20
I am trying to develop a java utility based on Bouncy Castle
that should be
able to sign and encrypt data which can later be decrypted
and verified on
the server side (openssl).
Data
-Signature-Verification-Failure-tp42468.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
Its not exactly Signature Verification Failure. I get the following error -
Error reading S/MIME message
24746:error:2107A083:PKCS7 routines:SMIME_read_PKCS7:invalid mime
type:pk7_mime.c:364:type: application/octet-stream
--
View this message in context:
http://openssl.6102.n7.nabble.com
and m set to NULL in EC_POINT_mul). I can see that in the
OpenSSL signature verification code q and m are not NULL in
EC_POINT_mul, so it makes sense why the speedup wouldn't be as great as
when they are NULL (since precomputations are only made for the
generator point of the curve). But I don't
the
reason is for this.
I can see the code that verifies signatures uses EC_POINT_mul, but I don't
see a significant speedup as I did when using it to just generate public
keys (q and m set to NULL in EC_POINT_mul). I can see that in the OpenSSL
signature verification code q and m are not NULL
routines:RSA_padding_check_PKCS1_type_1:block type is not 01
The signature verification is expected to pass as per the data input I have
provided. Something might be wrong in my code. Any help is appreciated.
The data and the example code that I used is , in
http://stackoverflow.com/q/10927586/986020
thanks for help
description I found:
openssl errstr 0407006A
error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not
01
The signature verification is expected to pass as per the data input I
have provided. Something might be wrong in my code. Any help is appreciated.
The data
the detailed description I found:
|openssl errstr 0407006A
error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01
|
The signature verification is expected to pass as per the data input I
have provided. Something might be wrong in my code. Any help is appreciated.
The data
isn't working correctly, or you called it
incorrectly
It's not a hashing issue, since you don't see the padding.
From: TSCOconan chu...@tsco.ca
To: openssl-users@openssl.org,
Date: 10/18/2011 03:03 PM
Subject: Problem with signature verification on microchip embedded
controller
Sent
Hi,
I'm trying to implement certificate signature verification (certificates
are generated and signed using OpenSSL) on a Microchip pic controller. The
Microchip PIC controller doesn't support OpenSSL libraries, but it does have
an encryption/decryption function. I was successful in getting
From: owner-openssl-us...@openssl.org On Behalf Of TSCOconan
Sent: Tuesday, 18 October, 2011 14:57
I'm trying to implement certificate signature verification
snip on a Microchip pic controller. snip
After reading PKCS#1 V2.1 snip
I realized that encryption is essentially the same
majord...@openssl.org
--
View this message in context:
http://old.nabble.com/Java-signature-verification-fail-in-openssl-tp32589928p32594391.html
Sent from the OpenSSL - User mailing list archive at Nabble.com
Jeffrey Walton-3 wrote:
On Tue, Oct 4, 2011 at 10:58 AM, brajan balamurugan@gmail.com wrote:
hi
can any one tell me why the signature verification in openssl fail when
the
message is signed bu java IBM fips compliant.i am using openssl 0.9.8g in
power Pc. i am getting error
Jakob Bohm-7 wrote:
On 10/4/2011 4:58 PM, brajan wrote:
hi
can any one tell me why the signature verification in openssl fail when
the
message is signed bu java IBM fips compliant.i am using openssl 0.9.8g in
power Pc. i am getting error in
if (((unsigned int)sig-digest-length
On 10/5/2011 8:15 AM, brajan wrote:
My steps are
1. raw data eg.balamurugan
2. i am calculating hash for this data using sha256 which is 256 bit for
readable i convert this into (32 to 64 byte) hex string not hex represent.
eg hash string is a123sdf... which is 64 characters
3. now i am
hi
can any one tell me why the signature verification in openssl fail when the
message is signed bu java IBM fips compliant.i am using openssl 0.9.8g in
power Pc. i am getting error in
if (((unsigned int)sig-digest-length != m_len) ||
(memcmp(m,sig-digest-data,m_len) != 0)) line
On 10/4/2011 4:58 PM, brajan wrote:
hi
can any one tell me why the signature verification in openssl fail when the
message is signed bu java IBM fips compliant.i am using openssl 0.9.8g in
power Pc. i am getting error in
if (((unsigned int)sig-digest-length != m_len) ||
(memcmp(m,sig
On Tue, Oct 4, 2011 at 10:58 AM, brajan balamurugan@gmail.com wrote:
hi
can any one tell me why the signature verification in openssl fail when the
message is signed bu java IBM fips compliant.i am using openssl 0.9.8g in
power Pc. i am getting error in
if (((unsigned int)sig
From: owner-openssl-us...@openssl.org On Behalf Of brajan
Sent: Tuesday, 04 October, 2011 10:58
can any one tell me why the signature verification in
openssl fail when the
message is signed bu java IBM fips compliant.i am using
openssl 0.9.8g in
power Pc. i am getting error
))
{
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
}
else
ret=1;
why this error occuring .and how to over come this error
--
View this message in context:
http://old.nabble.com/Error-While-Signature-verification-..-tp32503816p32503816.html
Sent from
A failed signature verification can have many causes. E.g.,
- bad digest
- bad signature
- bad public key
- bad OID
I debug by doing a raw public key operation on the signature. If you see
obvious padding and a good OID, and the digest doesn't match, then you
have to debug why the hash
using c++ )
Thanks Regards
Balamurugan
--
View this message in context:
http://old.nabble.com/Trust-Chain-Loading-and-signature-verification-of-a-certificate-tp32088489p32088489.html
Sent from the OpenSSL - User mailing list archive at Nabble.com
Hi,
I am trying to use OpenSSL to independently verify a CKM_ECDSA_SHA1
signature produced by a Safenet protect gold HSM. The signature
verification with the error below, however using the HSM ctbrowse tool I can
verify the signature being produced. Can anybody out there help me interpret
what
Hi everyone,
we are currently trying to verify an ocsp response.
The return is Response verify OK but we need to verify the signature
algorithm of the response signature.
We tried putting the response into an DER and parsing it. But still no
information about the signature.
There are signature
On Fri, Mar 12, 2010, Michel Pittelkow - michael-wessel.de wrote:
Hi everyone,
we are currently trying to verify an ocsp response.
The return is Response verify OK but we need to verify the signature
algorithm of the response signature.
We tried putting the response into an DER and
Sure! Here are the request and response files.
Kind regards
Michel Pittelkow
Hi everyone,
we are currently trying to verify an ocsp response.
The return is Response verify OK but we need to verify the signature
algorithm of the response signature.
We tried putting the response into an
I forgot to write, which versions are used.
For the client we are using 0.9.8L. But we also tested with M.
We are not sure about the responders but we are trying to find out.
Kind regards
Michel Pittelkow
Hi everyone,
we are currently trying to verify an ocsp response.
The return is
On Fri, Mar 12, 2010, Michel Pittelkow - michael-wessel.de wrote:
I forgot to write, which versions are used.
For the client we are using 0.9.8L. But we also tested with M.
We are not sure about the responders but we are trying to find out.
Oops, there was a bug in the print routine which
Ah! That's exactly the point, where I tried to edit the code and recompile it.
But every time I tried to I became an error in make complaining about
[link_app.] and a false call of 'main' in _start...
Can I just replace the file and recompile openssl? Or do I have to edit
something in any type
On Fri, Mar 12, 2010, Michel Pittelkow - michael-wessel.de wrote:
Ah! That's exactly the point, where I tried to edit the code and recompile
it. But every time I tried to I became an error in make complaining about
[link_app.] and a false call of 'main' in _start...
Can I just replace the
Done that. It now seems to work! Thank you :)
S999D003:/home/ah/test # ./openssl ocsp -respin response-2.der -text
OCSP Response Data:
OCSP Response Status: successful (0x0)
Response Type: Basic OCSP Response
Version: 1 (0x0)
Responder Id: C = DE, O = D-Trust GmbH, CN = D-TRUST
Hello,
We started working on a project several months ago that has a need for
signature verification of an xml file. We had completed our tests and
everything was woking. The provider of the file then sent us a new Public Key
and said that it is what we will get for the live data. The file
On Sat, Feb 06, 2010, Jim Welch wrote:
Hello,
We started working on a project several months ago that has a need for
signature verification of an xml file. We had completed our tests and
everything was woking. The provider of the file then sent us a new Public
Key and said
Subject: Re: Signature Verification
Hi,
In order to help you further, can you post :
- The data to be hashed which is the content of your variable xmlDat
- The signature to be verified which is the content of your variable
sigDat (maybe it's what you posted first)
- The public key
. These are
what I'm giving to the EVP_VerifyUpdate and EVP_VerifyFinal. Still
not verifying.
Thanks Again,
Jim
- Original Message - From: Mounir IDRASSI
mounir.idra...@idrix.net
To: openssl-users@openssl.org
Sent: Friday, November 06, 2009 5:11 PM
Subject: Re: Signature Verification
Hi
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Saturday, January 31, 2009 8:11 AM
To: openssl-users@openssl.org
Subject: RE: Openssl signature verification
From: owner-openssl-us...@openssl.org On Behalf Of Ajeet kumar.S
Sent: Friday, 30 January, 2009 00:07
In openssl
) hash.
You separately asked
In Openssl for signature verification we are using API
ASN1_item_verify().
Let me know the data which is used for finger print (signature)
creation
is the CA public key or some thing else data .
Please clarify this doubt. How we are verifying
Dear All,
In openssl API X509_verify(X509 *a, EVP_PKEY *r) is used to verify the
signature of certificate. I have some doubt please help me.
1. Is in this API we are passing the CA certificate and public key of
CA certificate?
2. What is data over SSL compute the HASH?
3. SSL
On Mon, 2009-01-19 at 11:22 +, Young, Alistair wrote:
* is it possible to define our own curves (rather than using
one of the predefined curves)?
if you want to play with your EC, check crypto/ec/ectest.c
if you want to add a new curve to openssl, have a look at
crypto/ec/ec_curve.c,
ourselves which links to the FIPS
library.
Regards,
Alistair.
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Emanuele Cesena
Sent: 23 January 2009 08:24
To: openssl-users@openssl.org
Subject: Re: ECDSA signature verification
- is there an extra 'not' in this statement?),
but that perhaps doesn't cover ECDSA.
Alistair.
-Original Message-
From: Young, Alistair
Sent: 23 January 2009 10:13
To: 'openssl-users@openssl.org'
Subject: RE: ECDSA signature verification
Thank you, Emanuele.
We really need to use the FIPS
On Fri, 2009-01-23 at 10:13 +, Young, Alistair wrote:
We really need to use the FIPS version of OpenSSL, so updating the code
isn't a possiblity.
ah ok, so maybe you can just skip EVP.
bye!
--
Emanuele Cesena emanuele.ces...@gmail.com
http://ecesena.dyndns.org
Il corpo non ha ideali
On Fri, Jan 23, 2009, Young, Alistair wrote:
... though I notice that the Security Policy document does not
explicitly mention ECDSA in the table of FIPS approved algorithms.
It does mention DSA with 1024-bit keys (but has a confusing footnote
which states that DSA supports a key size of
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson
Sent: 23 January 2009 13:07
To: openssl-users@openssl.org
Subject: Re: ECDSA signature verification
On Fri, Jan 23, 2009, Young, Alistair wrote
Hi,
I'm new to OpenSSL, having just installed openssl-fips-1.2. I'm looking
for some guidance in how to use OpenSSL (from the command line) to
verify ECDSA signatures.
In particular, I have the following questions:
* is it possible to define our own curves (rather than using
one of the
Generic_117350-39 sun4u sparc SUNW,Sun-Fire-280R
Regards
Ashith
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola
Sent: Friday, October 12, 2007 11:48 PM
To: openssl-users@openssl.org
Subject: RE: Signature verification fails with block type is not 01
Has anyone seen this behavior? Any help would be appreciated.
Thanks in advance,
Regards
Ashith
-Original Message-
From: Belliappa, Ashith Muddiana (HP Software)
Sent: Wednesday, October 17, 2007 11:37 AM
To: 'openssl-users@openssl.org'
Subject: RE: Signature verification fails
Hi,
We have checked for proper library files usage during the signature
verification. Even we have compared the file size of the library used in
working and non- working machine and found both are exactly same. Even
the checksum matches for the files.
In Solaris 5.7 also it works fine
Belliappa, Ashith Muddiana (HP Software) wrote:
Hi,
We have checked for proper library files usage during the signature
verification. Even we have compared the file size of the library used in
working and non- working machine and found both are exactly same. Even
the checksum matches
Hello,
We have the same openssl version in both the machines. Still the
problem occurs.
My proposition was to check private key modulus and public/certificate
modulus to be sure that they are the same.
Best regards,
--
Marek Marcola [EMAIL PROTECTED]
Hello,
Does anyone have a separate test program where we can test only the
signature verification?
# openssl genrsa -out rsa.pem 2048
# openssl rsa -in rsa.pem -text -noout
# openssl rsa -in rsa.pem -pubout -out rsa-pub.pem
# openssl rsa -in rsa-pub.pem -pubin -text -noout
# echo test test
haven't got 5.7 thing. Is it that you have also checked the code on a
5.7 found it to be working properly?)
Does anyone have a separate test program where we can test only the
signature verification?
Regards
Ashith
-jb
--
No snowflake in an avalanche ever feels responsible
On Fri, Oct 12, 2007, Belliappa, Ashith Muddiana (HP Software) wrote:
Hi,
We have the same openssl version in both the machines. Still the
problem occurs.
Do you have the same binaries or did you compile it on both machines?
If you compiled it try make test on the failing machine if that
Hi,
We have complied the code in an Solaris 5.7 machine. We have the same
set of binaries working fine in all the Solaris 5.8 machines. I am
getting the error ONLY in ONE Solaris 5.8 machine.
Does anyone have a separate test program where we can test only the
signature verification?
Regards
Hello,
We are using openssl 0.9.8d in our environment. In one of the
Solaris box we are getting an “block type is not 01” while doing the
signature verification. We have compared the openssl (0.9.7l) and
openssl (0.9.8d) and found few difference in the signature
verification part. We
: Signature verification fails with block type is not 01
Hello,
We are using openssl 0.9.8d in our environment. In one of the
Solaris box we are getting an block type is not 01 while doing the
signature verification. We have compared the openssl (0.9.7l) and
openssl (0.9.8d) and found few
Hi All,
We are using openssl 0.9.8d in our environment. In one of the Solaris
box we are getting an block type is not 01 while doing the signature
verification. We have compared the openssl (0.9.7l) and openssl (0.9.8d)
and found few difference in the signature verification part. We then
used
Hi,
I am trying to use openssl to sign documents and store detached
signatures in PKCS7 format.
First, I sign the document :
openssl smime -sign -in document.txt -out document.txt.sign -signer
certs/jcr.crt -certfile certs/ca.crt -inkey private/jcr.key
When I check the signature, it is OK :
On Wed, Feb 07, 2007, Jean-Claude Repetto wrote:
Hi,
I am trying to use openssl to sign documents and store detached
signatures in PKCS7 format.
First, I sign the document :
openssl smime -sign -in document.txt -out document.txt.sign -signer
certs/jcr.crt -certfile certs/ca.crt
1 - 100 of 123 matches
Mail list logo