The PGP/GPG signature is for the ZIP file, not the DLL. The DLL is signed
separately with a code-signing certificate. You can verify the DLL signature
if you right click it, select "properties", then select "digital
signatures".
-----Original Message-----
From: Joe12
Sent: Wednesday, December 08, 2010 5:26 PM
To: [email protected]
Subject: FIPS DLL - error message when trying to verify integrity
I've tried to verify the pgp signature of the the FIPS DLL 5.3.0 but I got
an
error message: gpg: BAD signature from "Wei Dai (Crypto++ Code Signing Key)
<[email protected]>"
I've followed the process mentioned in section 2.1.2 - Verifying Integrity
in the Crypto Officer guide.
I've used the gpg which is part of GnuPG 1.4.11- this is the latest version
of Gun Privacy Assistant in gnugp.org website. I couldn't find Privacy Guard
Version 1.06.
Here is the complete process that I followed
gpg --import pubkey.asc
gpg: key 04549843: public key "Wei Dai (Crypto++ Code Signing Key)
<crypt...@wei
dai.com>" imported
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
gpg cryptopp530win32win64.zip.sig
Detached signature.
Please enter name of data file: cryptopp.dll
gpg: Signature made 08/15/07 13:08:45 using RSA key ID 04549843
gpg: BAD signature from "Wei Dai (Crypto++ Code Signing Key)
<[email protected]
m>"
--
View this message in context:
http://old.nabble.com/FIPS-DLL---error-message-when-trying-to-verify-integrity-tp30411986p30411986.html
Sent from the Crypto++ Users mailing list archive at Nabble.com.
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to
[email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
