Hello,
I notice that the length for a certificate verify message produced by s_client
is always 0x80 bytes (indicated in the messgeLength field). However, according
to RFC 4346, the CertificateVerify message should be either 36 or 20 bytes,
depending on the signature algorithm. Can anyone kindly let me know why there
are 0x80 bytes?
Thanks.
Xiaoyu
struct {
Signature signature;
} CertificateVerify;
CertificateVerify.signature.md5_hash
MD5(handshake_messages);
CertificateVerify.signature.sha_hash
SHA(handshake_messages);
struct {
select (SignatureAlgorithm) {
case anonymous: struct { };
case rsa:
digitally-signed struct {
opaque md5_hash[16];
opaque sha_hash[20];
};
case dsa:
digitally-signed struct {
opaque sha_hash[20];
};
};
};
} Signature;
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
