Will somebody tell me how to add an OID and corresponding verification routine to OpenSSL version 0.9.7c to verify a SHA-256 signature? Currently I am trapping the X509_V_ERR_CERT_SIGNATURE_FAILURE and X509_V_ERR_CRL_SIGNATURE_FAILURE errors in my verify callback routine, comparing the OID in the algorithm->data section to the OID for SHA256WithRSA (1.2.840.113549.1.1.11) and, if it matches, computing the SHA256 hash myself and comparing it to the passed signature data using RSA_verify(). This works fine, but I know there has to be a more subtle way to add the OID and hash function to OpenSSL; I just cannot find any complete example or write-up anywhere. I keep finding tidbits about adding OIDs and other parts, but am not seeing how the parts all go together.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                       [EMAIL PROTECTED]
Automated List Manager                          [EMAIL PROTECTED]
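The OID comparison step described in the post, as an added example that is not the poster's code or part of OpenSSL: a standalone C routine that decodes raw OID content octets to dotted form and does an exact match against 1.2.840.113549.1.1.11. The function names are hypothetical, and the input is assumed to be the OID content octets and their length, without the tag and length header.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* DER content octets of 1.2.840.113549.1.1.11 (sha256WithRSAEncryption),
   without the 06 09 tag/length header. */
static const unsigned char SHA256_RSA_OID[] =
    { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B };

/* Decode OID content octets into dotted text (hypothetical helper).
   Returns 0 on success, -1 on malformed input (truncated arc, non-minimal
   0x80 padding, arc wider than 32 bits) or if out is too small. */
int oid_to_text(const unsigned char *p, size_t len, char *out, size_t outlen)
{
    size_t i = 0, used = 0;
    int first = 1;
    if (len == 0) return -1;
    while (i < len) {
        unsigned long arc = 0;
        int n;
        if (p[i] == 0x80) return -1;                   /* non-minimal encoding */
        for (;;) {
            if (i == len) return -1;                   /* arc runs off the end */
            if (arc > (0xFFFFFFFFUL >> 7)) return -1;  /* would exceed 32 bits */
            arc = (arc << 7) | (p[i] & 0x7F);
            if (!(p[i++] & 0x80)) break;               /* high bit clear: last octet */
        }
        if (first) {   /* first subidentifier packs two arcs as 40*X + Y */
            unsigned long x = arc < 40 ? 0 : arc < 80 ? 1 : 2;
            n = snprintf(out + used, outlen - used, "%lu.%lu", x, arc - 40 * x);
            first = 0;
        } else {
            n = snprintf(out + used, outlen - used, ".%lu", arc);
        }
        if (n < 0 || (size_t)n >= outlen - used) return -1;
        used += (size_t)n;
    }
    return 0;
}

/* Exact match: same length and same bytes, never a prefix comparison. */
int is_sha256_with_rsa(const unsigned char *p, size_t len)
{
    return len == sizeof SHA256_RSA_OID && memcmp(p, SHA256_RSA_OID, len) == 0;
}
```

Comparing length and bytes together matters here: a prefix-only comparison would also accept any longer OID that merely begins with the same arcs.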