Dr. Stephen Henson wrote:
Well it looks like you aren't using a debug version of OpenSSL. That would give a more meaningful backtrace.
:( Right.. I should at this point...
When you get that print out the ASN1_ITEM structure in some of the frames: that should tell you exactly which field is causing the problems.
Well, today I noticed also another strange behaviour, so I think there is something wrong with the ASN1 definitions. Yes.. I checked, I used ASN1_OBJECT for the signatureAlgorithm instead of X509_ALGOR!!! :) This fixed this problem.. now the response is generated correctly. I have another strange problem, now. Indeed when I write the PRQP_RESP out it seems to be fine, but when I read it in, it seems to misinterpret the X509_ALGOR and it does not load the attached certificate in the STACK_OF(X509) in the certs field.. but the strange thing is that it successfully load the response! I tagged the prqpSignature with [9] and the certificate stack (within that structure) with [8], here is what I get: In the server, if I print out the response I get this: -----BEGIN PRQP RESPONSE----- MIIDnTA1AgEBoAwCClblf1Uu+R7Jt98YDTA3MDkyNjE5Mjk0OVqhDxgNMDcwOTI2 MTkzNDQ5WjACAgCpggNiMIIDXjANBgkqhkiG9w0BAQUFAAOBgQDBOXlfkm6ZEVOH A15ZvGhYJs8ZFffaq7Jlt8LX6UWCTH8ThtV2tPUylfecKWOj0N/5CQ0ljw/8CafM L+Lyi05BnWDM8MMrndwhsXrT2EUyhpaarZ7fqsgZQdY6XXbrG7SIop7wfsdyypkB F/80k/1Euh96JsWnuA6E7tiOAPrPmKiCAscwggLDMIICvzCCAiigAwIBAgIJANBj wjCQ0iokMA0GCSqGSIb3DQEBBQUAMEoxFDASBgNVBAMTC1BSUVAgU2VydmVyMRQw EgYDVQQLEwtUZXN0IFNlcnZlcjEPMA0GA1UEChMGT3BlbkNBMQswCQYDVQQGEwJV UzAeFw0wNzA5MjIwMTM5NDRaFw0wNzEwMjIwMTM5NDRaMEoxFDASBgNVBAMTC1BS UVAgU2VydmVyMRQwEgYDVQQLEwtUZXN0IFNlcnZlcjEPMA0GA1UEChMGT3BlbkNB MQswCQYDVQQGEwJVUzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAy3pZmBav UIhlaalKcj7PA9A3o6U2MapmDHui4ueFnDGNBQw03h/L9zPBjOa/Zsjs0IdGbeAp fIi05YKGbGP3lwthy2lvRmlu0MqNHsI3qx+jbYuhG9edxmbHgDFVm4xOCpGFqFPS 4qD3XK78kEMvmZfLbhXayTQnyXJ1KGYerzsCAwEAAaOBrDCBqTAdBgNVHQ4EFgQU 9AEnRNHZBW4p8KGWC+EwcV6pMMUwegYDVR0jBHMwcYAU9AEnRNHZBW4p8KGWC+Ew cV6pMMWhTqRMMEoxFDASBgNVBAMTC1BSUVAgU2VydmVyMRQwEgYDVQQLEwtUZXN0 IFNlcnZlcjEPMA0GA1UEChMGT3BlbkNBMQswCQYDVQQGEwJVU4IJANBjwjCQ0iok MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAMrdTIwtpzkka9n84GFWx 3TBLnJ718exB1rzSqtOE00tPyxiTn6WMWaPalvbPGq+GelJSiK0/5u9pWiq37KzK iC18vNJFj+Mn/yxqBWAuPSN5W5ONLlDsdSqmQ/DOxb0ChAZpkfEtPTFn7ApnFFBA 7MyZo0PiL/dGcOBIHrT+B5E= -----END PRQP RESPONSE----- while in the client, when I print out the response, I get only this: -----BEGIN PRQP RESPONSE----- MIHVMDYCAQGgDAIKVuV/VS75Hsm33xgNMDcwOTI2MTkyOTQ5WqEPGA0wNzA5MjYx OTM0NDlaMAMCAQCpgZowgZcwDQYJKoZIhvcNAQEFBQADgYEAwTl5X5JumRFThwNe WbxoWCbPGRX32quyZbfC1+lFgkx/E4bVdrT1MpX3nCljo9Df+QkNJY8P/AmnzC/i 8otOQZ1gzPDDK53cIbF609hFMoaWmq2e36rIGUHWOl126xu0iKKe8H7HcsqZARf/ NJP9RLofeibFp7gOhO7YjgD6z5ioAjAA -----END PRQP RESPONSE----- MMm... another error in the ASN1 definition ? Any idea ? Later, Max -- Best Regards, Massimiliano Pala --o------------------------------------------------------------------------ Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED] [EMAIL PROTECTED] Dartmouth Computer Science Dept Home Phone: +1 (603) 397-3883 PKI/Trust - Office 063 Work Phone: +1 (603) 646-9179 --o------------------------------------------------------------------------
smime.p7s
Description: S/MIME Cryptographic Signature