Hi, I've trying for the last couple of days to verify a digital signature which was generated by Capicoms Signeddata. Sign function(method). The digital signature is uploaded to a Sun Solaris system. Many of you have been very helpfull and my insight has increased. On the Sun system I try then to verify the digital signature but till now without success.I'm begining to believe that data signed with capicom can only be verified with capicom! All my efforts to verify with openssl smime have failed. Even after converting the data from Unicode to ansi. When I extract the signature on the Sun machine from the file containing the digital signature with:
openssl asn1parse -in 19870193.pkcs7 -out SIG -noout -strparse 614 and then try to verify it with: openssl rsautl -in SIG -verify -asn1parse -inkey IVAN_pub_Key.pem -pubin it generates the following error: RSA operation error 1245:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:100: 1245:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:459: Aleksey Sanin warned me that capicom uses a different format (eg differen byte order) for the digital signature. If this is the case then I think I'll have to start looking for another way of signing. Maybe is the crypto.signtext from Netscape a better option. So, I would like to hear if someone in the world has succeeded in verifying a digital signature (signed with capicom) on a Unix system. kind regards, Ivan ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
