Hi, all.
In a project I'm working now we don't want to use any X509 extensions,
basically due to binary size limitation. I've commented a lot a source
code, removing any reference to X509_EXTENSION structure.
But during server certificate validation I get a error while validating
the second certificate in the cert chain. Something get wrong while
executing hash function.
I got a error (rsa_sign.c, in RSA_verify):
RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
Call Stack:
RSA_verify(...) line 208
EVP_DigestFinal(...) line 78 + 21 bytes
EVP_VerifyFinal(...) line 90 + 20 bytes
ASN1_verify(...) line 106 + 29 bytes
X509_verify(...) line 71 + 34 bytes
internal_verify(...) line 522 + 13 bytes
Does any body knows what can be wrong? Is X509v3 really that important?
thanx,
Gleison
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
