Hello Scott, Yes, I have the windows crypto library code. I have checked there for the private key used for signing. But I didn't get any hadrcoded key there. The only 2 hardcoded key I found there are g_lpRandomKey and g_lpSessionKey, where g_lpRandomKey is used for blowfish encryption of private key and g_lpSessionKey is not used at all. Please let me know, if you find any other.
Thanks, Minal ----- Original Message ----- From: "Scott C. Best" <[EMAIL PROTECTED]> To: "Minal Amle" <[EMAIL PROTECTED]> Cc: "Kaboodle-devel" <[EMAIL PROTECTED]>; "Varsha Kadam" <[EMAIL PROTECTED]>; "Sonia Soman" <[EMAIL PROTECTED]> Sent: Tuesday, February 11, 2003 11:24 AM Subject: Re: [Kaboodle-devel] Verification error > > Well, yeah. I would imagine you'd need that. :) You have > the code for the windows platform, don't you? That's where I'm > going to go look for it. > > -Scott > > On Tue, 4 Feb 2003, Minal Amle wrote: > > > Hello Scott, > > > > My MD5 results in perl are according to standard RFC. I think there is some > > mismatch with the keys used for signing and verfication. > > In kaboodle a hardcoded public key is used for verification. I am not able > > to find out its correspoding private key that is being used for signing. Can > > you please send me that server's private key? > > > > Thanks and Regards, > > Minal > > -----Original Message----- > > From: Scott C. Best <[EMAIL PROTECTED]> > > To: Minal Amle <[EMAIL PROTECTED]> > > Cc: Kaboodle-devel <[EMAIL PROTECTED]>; Varsha Kadam > > <[EMAIL PROTECTED]>; Sonia Soman <[EMAIL PROTECTED]> > > Date: Monday, February 10, 2003 10:05 PM > > Subject: Re: [Kaboodle-devel] Verification error > > > > > > >Minal: > > > Hmm. First, I'd check the validity of the two algorithms. > > >So I'd have the old Windows API MD5 something, and compare that > > >hash with the output of the new Perl MD5. The result should be > > >exact, of course. After that, I'd do the same for the RSA key: > > >sign the same file with the two systems and compare the outputs. > > > > > > I'm hopeful that this is just an EOL marker or something. > > > > > >-Scott > > > > > >On Tue, 4 Feb 2003, Minal Amle wrote: > > > > > >> Hello Scott, > > >> > > >> While testing the Partnership file and Registration file compatibility > > with kaboodle, I am facing some problem with the signature verfication of > > the files. > > >> I am trying to find out the reason, why is it failing at the time of > > verification, though we have used the similar algorithms (i.e. RSA for > > signing-verification and MD5 for hashing ) at both the ends. Previously we > > were using similar windows crypto API at both the ends (kaboodle and > > website). And now we have perl crypto module at website end and windows > > crypto API at kaboodle end. But this should not make any difference. > > >> Any suggestions? > > >> > > >> Regadrs, > > >> Minal Amle > > >> Software Engineer > > >> OAS Information Systems Pvt. Ltd. > > >> #2, Symphony-C, Range Hills Road, > > >> Pune 411020 > > >> Tel: +91 20 5520311 > > >> Fax: +91 20 5520312 > > >> Email: [EMAIL PROTECTED] > > >> http://www.oas.co.in > > >> > > > > > > > > > > > >------------------------------------------------------- > > >This SF.NET email is sponsored by: > > >SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! > > >http://www.vasoftware.com > > >_______________________________________________ > > >Kaboodle-devel mailing list > > >[EMAIL PROTECTED] > > >https://lists.sourceforge.net/lists/listinfo/kaboodle-devel > > > > > > > > > ------------------------------------------------------- This SF.NET email is sponsored by: SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See! http://www.vasoftware.com _______________________________________________ Kaboodle-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/kaboodle-devel
