[EMAIL PROTECTED] gives an error message, so I repost here (in the hope
that the address used for mailing list subscription works better).
----- Forwarded message from Mail Delivery Subsystem <MAILER-DAEMON> -----
[...]
... while talking to pop.spectraweb.ch.:
>>> RCPT To:<[EMAIL PROTECTED]>
<<< 550 RCPT <[EMAIL PROTECTED]> ERROR. Mailbox doesn't exist
550 <[EMAIL PROTECTED]>... User unknown
[...]
Date: Sat, 19 Jun 1999 14:43:42 +0200
From: [EMAIL PROTECTED] (Bodo Moeller)
To: Dror Otmi <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
Subject: Re: Request verification failure
In-Reply-To: <[EMAIL PROTECTED]>; from Dror Otmi on Fri, Jun 18, 1999 at
09:54:27AM +0200
On Fri, Jun 18, 1999 at 09:54:27AM +0200, Dror Otmi wrote:
> As you asked I send you two of those
> requests that pass the verification test of SSLeay 0.8.1 but not of
> OpenSSL 0.9.2b and higher (I didn't test the versions in between).
I tested DrorReq.pem with SSLeay 0.8.1b (which, I think, is like 0.8.1
except for a change related to the Bleichenbacher attack on PKCS #1,
which did not have any effect on any actual computations), and
verification failed also with that version. Both with 0.8.1b and
0.9.2b, the hash can be obtained from the RSA signature and has
correct length etc., but differs from the one computed for
verification.
All this seems to suggest that in 0.8.1 there was a platform-specific
bug in either the encoding functions used by i2d_X509_REQ_INFO (most
likely in the integer encoding), or in the hash computation. On what
platform ("Configure" entry) did you compile and use 0.8.1?
----- End forwarded message -----
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
