Sorry, I didn't get my brain last Friday. I was thinking the length enforcement concerns the public key, whereas it concerns the signature... stupid.

Indeed, in the streaming format I'm using, the signature is stored in a fixed-size field which is equal to DSA_size(). Padding with \x00 is used to complete the signature, and unfortunately, the real signature length was not stored, thinking it was redundant with the information stored in the ASN1 format.

Thank you for helping me to point out this flaw.

arnaud

On 16/01/2015 23:42, Dr. Stephen Henson wrote:
On Fri, Jan 16, 2015, arnaud.moui...@invoxia.com wrote:


If you want to know about the signature, it was generated by signing the hash result

Do you have a code snippet of how you are generating the signature? That is
the code which calls DSA_sign()?

I can think of one way that could be wrong. If you are using DSA_size(key) as
the signature length instead of the length returned by DSA_sign() that will
fail under some circumstances. That's because DSA_size() returns the
maximum length of the signature whereas DSA_sign() returns the actual
length which may be less. I

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
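
An added example (not code from this thread or from OpenSSL): one way to recover the actual signature length from the zero-padded fixed-size field described above, by reading the DER header of the signature rather than using DSA_size() as the length. The helper name `sig_len_in_field` and the sample bytes are assumptions constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed sample: 12-byte DER signature in a 16-byte zero-padded field.
 * s ends in 0x00, so stripping trailing zeros would give the wrong length. */
static const unsigned char SAMPLE_FIELD[16] = {
    0x30, 0x0a, 0x02, 0x03, 0x01, 0x02, 0x03, 0x02, 0x03, 0x05, 0x06, 0x00,
    0x00, 0x00, 0x00, 0x00 };

/* Read one DER length (short form, or 0x81/0x82 long form) at buf[*pos]. */
static int der_len(const unsigned char *buf, size_t n, size_t *pos, size_t *out)
{
    if (*pos >= n) return -1;
    unsigned char b = buf[(*pos)++];
    if (b < 0x80) { *out = b; return 0; }
    size_t k = b & 0x7f, v = 0;
    if (k == 0 || k > 2 || n - *pos < k) return -1;
    while (k--) v = (v << 8) | buf[(*pos)++];
    *out = v;
    return 0;
}

/* Hypothetical helper: real length of the DER signature (SEQUENCE of two
 * INTEGERs) at the start of the field, or 0 if malformed or badly padded. */
size_t sig_len_in_field(const unsigned char *f, size_t field_len)
{
    size_t pos = 0, seq_len, int_len;
    if (field_len < 2 || f[pos++] != 0x30) return 0;        /* SEQUENCE */
    if (der_len(f, field_len, &pos, &seq_len) != 0) return 0;
    if (seq_len > field_len - pos) return 0;
    size_t end = pos + seq_len;
    for (int i = 0; i < 2; i++) {                           /* r, then s */
        if (end - pos < 2 || f[pos++] != 0x02) return 0;    /* INTEGER */
        if (der_len(f, end, &pos, &int_len) != 0) return 0;
        if (int_len == 0 || int_len > end - pos) return 0;
        pos += int_len;
    }
    if (pos != end) return 0;               /* extra bytes inside SEQUENCE */
    for (size_t i = end; i < field_len; i++)
        if (f[i] != 0x00) return 0;         /* padding must be all zero */
    return end;
}

int main(void)
{
    printf("signature length: %zu\n", sig_len_in_field(SAMPLE_FIELD, sizeof SAMPLE_FIELD));
    return 0;
}
```

The returned value is the length to hand to DSA_verify() as the signature length, in place of the size of the fixed field.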
