On Tue, Aug 24, 2004, rai mahua wrote:
> Given the r & s part of the DSA signature,
> I generate a DSA_signature out of it, and
> need to pass it to
> openssl dgst -dss1 -signature ....
>
> This gives me the following error:
> Error Verifying Data
> 50524:error:0D0680A8:asn1 encoding
> routines:ASN1_CHECK_TLEN:wrong
> tag:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/asn1/tasn_dec.c:946:
> 50524:error:0D07803A:asn1 encoding
> routines:ASN1_ITEM_EX_D2I:nested asn1
> error:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/asn1/tasn_dec.c:304:Type=DSA_SIG
>
> Does i2d_DSA_SIG return signature in some encoded
> form?
>
> Thanks,
> Pallavi
>
>
> /******code snippet ***************/
>
>
> u_char sigdata[BUFSIZ], complete_sig[BUFSIZ];
> long siglen, complete_sig_len;
> DSA_SIG *dsa_sig;
>
> bzero(sigdata, sizeof(sigdata));
> bzero(complete_sig, sizeof(complete_sig));
> /*
> * Since we are given the 'r' & 's' part of the DSA
> * signature, we need
> * to generate a complete DSA signature out of this.
> */
> if (siglen != DSA_R_SIZE + DSA_S_SIZE)
> printf("error..");
>
> dsa_sig = DSA_SIG_new();
> if (dsa_sig == NULL)
> printf("could not create signature");
> dsa_sig->r = BN_bin2bn(sigdata, DSA_R_SIG_SIZE,
> dsa_sig->r);
> dsa_sig->s = BN_bin2bn(sigdata + DSA_R_SIG_SIZE,
> DSA_S_SIG_SIZE, dsa_sig->s);
>
> complete_sig_len = i2d_DSA_SIG(dsa_sig,
> &complete_sig);
> DSA_SIG_free(dsa_sig);
>
>
You are not calling the i2d_DSA_SIG() function properly. Read the FAQ for more
details.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
