Stephen,
"Stephen Henson via RT" <[EMAIL PROTECTED]> writes:
> What version of OpenSSL are you using? Since OpenSSL 0.9.7c and later
> this is present:
Hmm, I'm using what Red Hat ships, which I guess is 0.9.7a + a bunch
of patches. So I guess this means I need to push back at Red Hat.
That's unfortunate, as Red Hat is _STILL_ shipping 0.9.7a + patches
even in Fedora Core 3 and the yet-to-be-released RHEL4. I guess it's
time to talk to them, too.
> if (EVP_MD_CTX_type(mdc) == md_type)
> break;
> /* Workaround for some broken clients that put the signature
> * OID instead of the digest OID in digest_alg->algorithm
> */
> if (EVP_MD_pkey_type(EVP_MD_CTX_md(mdc)) == md_type)
> break;
> btmp=BIO_next(btmp);
>
>
> so the case you are referring to should be handled. If for some reason
> you are using a newer version of OpenSSL and still see this issue please
> send me the PKCS#7 structure OpenSSL doesn't like and I'll analyse it.
Is there a good (suggested) workaround for the older version that
doesn't have this fix? Can I, perhaps, define a new hash-type that
defines itself as sha1WithRSAEncryption? Or do you think that would
cause problems?
Thanks!
> Steve.
-derek
--
Derek Atkins 617-623-3745
[EMAIL PROTECTED] www.ihtfp.com
Computer and Internet Security Consultant
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
