Right, I know remember that I had problems with leading zero's
as well :) Take a look at the code for details:
https://github.com/lsh123/xmlsec/blob/f3a59c721e38a663405093e2bbb30e2bf45853a2/src/openssl/signatures.c#L597
Aleksey
On 1/4/21 11:06 AM, Timothy Legge wrote:
Thanks. I suspect it is related to the possible leading zeros in the
I2OSP spec that I may be losing when I concatenate r and s but I have
not tracked it down yet.
Tim
On Mon, Jan 4, 2021 at 2:25 PM Aleksey Sanin <[email protected]> wrote:
https://www.w3.org/TR/xmldsig-core1/#sec-DSA
Aleksey
On 1/4/21 9:07 AM, Timothy Legge wrote:
Hi
This is somewhat off topic as it is related to my maintenance of the
Perl XML::Sig module.
DSA signatures are a base64 encoded concatenation of the r and s octet
streams. I can sign and verify DSA signatures with XML::Sig or xmlsec
but occasionally the DSA signature validation fails (for both XML::Sig
and xmlsec at the same time).
I assume something is getting lost when I concatenate r and s before
it is base64 encoded. Any thoughts based on how xmlsec generates the
base64 encoded DSA signature?
regards
Tim
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
