DSA_verify(...) method FIPS compliant?

DSA_verify() is not FIPS compliant? If so, will moving to FOM 1.2.3 help? Cheers, -Chang Lee

Re: Convert ASN1_OCTET_STRING contents to ASN1 Sequence

Nice tip. I'll look into that. On Thu, Sep 22, 2011 at 4:19 AM, Frank Morgner wrote: > On Thursday, September 22 at 08:41AM, Dominik Oepen wrote: > > > > Am 21.09.2011 23:27, schrieb Chang Lee: > > > Does anyone know of a way to take an ASN1_OCTET_STRING that

Re: Convert ASN1_OCTET_STRING contents to ASN1 Sequence

ASN1_get_object() got the job done. Thanks. On Thu, Sep 22, 2011 at 1:34 PM, Dr. Stephen Henson wrote: > On Thu, Sep 22, 2011, Chang Lee wrote: > > > Thanks for the info. I'll try to get it to work using ASN1_get_object(). > > Just for my edification, was my approach

Re: Convert ASN1_OCTET_STRING contents to ASN1 Sequence

Thanks for the info. I'll try to get it to work using ASN1_get_object(). Just for my edification, was my approach using the templates and macros not a viable option? On Thu, Sep 22, 2011 at 12:22 PM, Dr. Stephen Henson wrote: > On Thu, Sep 22, 2011, Chang Lee wrote: > > > I&

Re: Convert ASN1_OCTET_STRING contents to ASN1 Sequence

ther->value.octet_string; AUTHENTICODE_CONTENT *pAuthContent = d2i_AUTHENTICODE_CONTENT(NULL, (const unsigned char**)&content->data, content->length); ... d2i_AUTHENTICODE_CONTENT(...) errors out. -Clee On Thu, Sep 22, 2011 at 10:07 AM, Dr. Ste

Re: Convert ASN1_OCTET_STRING contents to ASN1 Sequence

inik Oepen < oe...@informatik.hu-berlin.de> wrote: > Am 21.09.2011 23:27, schrieb Chang Lee: > > Does anyone know of a way to take an ASN1_OCTET_STRING that contains a > > DER encoded Sequence and extract the contents of the Sequence as an > > ASN1_STRING. Essentially,

Convert ASN1_OCTET_STRING contents to ASN1 Sequence

Does anyone know of a way to take an ASN1_OCTET_STRING that contains a DER encoded Sequence and extract the contents of the Sequence as an ASN1_STRING. Essentially, I want to construct an ASN1 object of the Sequence. I guess I could manually parse the Sequence (and deal with the different types o

Re: PKCS7_verify() implementation incomplete?

uld you agree with my conclusion or am I missing something? -Chang On Mon, Aug 15, 2011 at 2:03 PM, Dr. Stephen Henson wrote: > On Mon, Aug 15, 2011, Chang Lee wrote: > > > I appreciate the timely response. So it is as I suspected then. > > PKSC_signatureVerify() is not digesti

Re: PKCS7_verify() implementation incomplete?

etc... It just needs to be interpreted as an OCTET STRING. -Chang On Mon, Aug 15, 2011 at 12:27 PM, Dr. Stephen Henson wrote: > On Mon, Aug 15, 2011, Chang Lee wrote: > > > Has anyone been able to use PKCS7_verify(...) to verify a SignedData > > signature with authenticated

PKCS7_verify() implementation incomplete?

ibute. This implementation would be wrong. Is this a bug or do have I stayed up too long looking at this code. I'm using 0.9.8r. -Chang Lee