AW: WG: OCSP response signature verification

2010-03-12 Thread Michel Pittelkow - michael-wessel . de
Done that. It now seems to work! Thank you :) S999D003:/home/ah/test # ./openssl ocsp -respin response-2.der -text OCSP Response Data: OCSP Response Status: successful (0x0) Response Type: Basic OCSP Response Version: 1 (0x0) Responder Id: C = DE, O = D-Trust GmbH, CN = D-TRUST OCS

Re: WG: OCSP response signature verification

2010-03-12 Thread Dr. Stephen Henson
On Fri, Mar 12, 2010, Michel Pittelkow - michael-wessel.de wrote: > Ah! That's exactly the point, where I tried to edit the code and recompile > it. But every time I tried to I became an error in make complaining about > [link_app.] and a false call of 'main' in _start... > > Can I just replace

AW: WG: OCSP response signature verification

2010-03-12 Thread Michel Pittelkow - michael-wessel . de
Ah! That's exactly the point, where I tried to edit the code and recompile it. But every time I tried to I became an error in make complaining about [link_app.] and a false call of 'main' in _start... Can I just replace the file and recompile openssl? Or do I have to edit something in any type

Re: WG: OCSP response signature verification

2010-03-12 Thread Dr. Stephen Henson
On Fri, Mar 12, 2010, Michel Pittelkow - michael-wessel.de wrote: > I forgot to write, which versions are used. > For the client we are using 0.9.8L. But we also tested with M. > We are not sure about the responders but we are trying to find out. > Oops, there was a bug in the print routine whic

AW: WG: OCSP response signature verification

2010-03-12 Thread Michel Pittelkow - michael-wessel . de
I forgot to write, which versions are used. For the client we are using 0.9.8L. But we also tested with M. We are not sure about the responders but we are trying to find out. Kind regards Michel Pittelkow > Hi everyone, > > we are currently trying to verify an ocsp response. > The return is "Res

RE: WG: OCSP response signature verification

2010-03-12 Thread Michel Pittelkow - michael-wessel . de
Sure! Here are the request and response files. Kind regards Michel Pittelkow > Hi everyone, > > we are currently trying to verify an ocsp response. > The return is "Response verify OK" but we need to verify the signature > algorithm of the response signature. > We tried putting the response in

Re: WG: OCSP response signature verification

2010-03-12 Thread Dr. Stephen Henson
On Fri, Mar 12, 2010, Michel Pittelkow - michael-wessel.de wrote: > Hi everyone, > > we are currently trying to verify an ocsp response. > The return is "Response verify OK" but we need to verify the signature > algorithm of the response signature. > We tried putting the response into an DER and

WG: OCSP response signature verification

2010-03-12 Thread Michel Pittelkow - michael-wessel . de
Hi everyone, we are currently trying to verify an ocsp response. The return is "Response verify OK" but we need to verify the signature algorithm of the response signature. We tried putting the response into an DER and parsing it. But still no information about the signature. There are signature