Hi,
On Tue, Mar 14, 2023 at 5:54 AM David Sommerseth
wrote:
>
>
> Just got feedback from the reporter in the Fedora bugzilla; this patch
> works well on Fedora 38.
>
> I suggest adding this tag to the commit log. Feel free to add the URL
> tag to the bugzilla ticket too.
>
> Tested-by:
On 14/03/2023 10:02, David Sommerseth wrote:
On 14/03/2023 09:45, David Sommerseth wrote:
On 11/03/2023 06:24, selva.n...@gmail.com wrote:
From: Selva Nair
- With OpenSSL 3.0 and xkey-provider, we use
pkcs11h_certificate_signAny_ex()
which returns EC signature as raw r|s concatenated.
On 14/03/2023 09:45, David Sommerseth wrote:
On 11/03/2023 06:24, selva.n...@gmail.com wrote:
From: Selva Nair
- With OpenSSL 3.0 and xkey-provider, we use
pkcs11h_certificate_signAny_ex()
which returns EC signature as raw r|s concatenated. But OpenSSL
expects
a DER encoded ASN.1
On 11/03/2023 06:24, selva.n...@gmail.com wrote:
From: Selva Nair
- With OpenSSL 3.0 and xkey-provider, we use pkcs11h_certificate_signAny_ex()
which returns EC signature as raw r|s concatenated. But OpenSSL expects
a DER encoded ASN.1 structure.
Do this conversion as done in
From: Selva Nair
- With OpenSSL 3.0 and xkey-provider, we use pkcs11h_certificate_signAny_ex()
which returns EC signature as raw r|s concatenated. But OpenSSL expects
a DER encoded ASN.1 structure.
Do this conversion as done in cryptoapi.c. For code re-use, ecdsa_bin2sig()
is