> Some smartcards receive the data and put them in > a PKCS#1 structure before signing them (but they > put the Sha1 Identifier in the > DigestAlgorithmIdentifier field). > This signatures are well verified by Open-SSL > if I put them into a signed PKCS#7 and push a > Sha1 algorithm identifier into the algorithms > stack. > Some others smartcards simply encrypt with the private key > what you thell them to sign. > I can't verify these signatures with Open-SSL. I've done a little routine that builds up the PKCS#1 signature and converts it to der, then pass this data to the PKCS11 C_Sign function. Open-SSL verify is ok. But the only way I have to distinguish between Smartcards that build a PKCS1 structure before signing it is the PKCS11 dll name.... i don't ike it too much. Other ideas? Now the main problem is: > How can i verify smartcard signatures with algorithms other than Sha1? (for smartcards that build themself the PKCS1 signature structure, off course) ??? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]