Dr. Stephen Henson wrote:
Well it looks like you aren't using a debug version of OpenSSL. That would give a more meaningful backtrace.
:( Right.. I should at this point...
When you get that print out the ASN1_ITEM structure in some of the frames: that should tell you exactly which field is causing the problems.
Well, today I noticed also another strange behaviour, so I think there is
something wrong with the ASN1 definitions.
Yes.. I checked, I used ASN1_OBJECT for the signatureAlgorithm instead of
X509_ALGOR!!! :) This fixed this problem.. now the response is generated
correctly.
I have another strange problem, now. Indeed when I write the PRQP_RESP
out it seems to be fine, but when I read it in, it seems to misinterpret the
X509_ALGOR and it does not load the attached certificate in the STACK_OF(X509)
in the certs field.. but the strange thing is that it successfully load the
response! I tagged the prqpSignature with [9] and the certificate stack (within
that structure) with [8], here is what I get:
In the server, if I print out the response I get this:
-----BEGIN PRQP RESPONSE-----
MIIDnTA1AgEBoAwCClblf1Uu+R7Jt98YDTA3MDkyNjE5Mjk0OVqhDxgNMDcwOTI2
MTkzNDQ5WjACAgCpggNiMIIDXjANBgkqhkiG9w0BAQUFAAOBgQDBOXlfkm6ZEVOH
A15ZvGhYJs8ZFffaq7Jlt8LX6UWCTH8ThtV2tPUylfecKWOj0N/5CQ0ljw/8CafM
L+Lyi05BnWDM8MMrndwhsXrT2EUyhpaarZ7fqsgZQdY6XXbrG7SIop7wfsdyypkB
F/80k/1Euh96JsWnuA6E7tiOAPrPmKiCAscwggLDMIICvzCCAiigAwIBAgIJANBj
wjCQ0iokMA0GCSqGSIb3DQEBBQUAMEoxFDASBgNVBAMTC1BSUVAgU2VydmVyMRQw
EgYDVQQLEwtUZXN0IFNlcnZlcjEPMA0GA1UEChMGT3BlbkNBMQswCQYDVQQGEwJV
UzAeFw0wNzA5MjIwMTM5NDRaFw0wNzEwMjIwMTM5NDRaMEoxFDASBgNVBAMTC1BS
UVAgU2VydmVyMRQwEgYDVQQLEwtUZXN0IFNlcnZlcjEPMA0GA1UEChMGT3BlbkNB
MQswCQYDVQQGEwJVUzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAy3pZmBav
UIhlaalKcj7PA9A3o6U2MapmDHui4ueFnDGNBQw03h/L9zPBjOa/Zsjs0IdGbeAp
fIi05YKGbGP3lwthy2lvRmlu0MqNHsI3qx+jbYuhG9edxmbHgDFVm4xOCpGFqFPS
4qD3XK78kEMvmZfLbhXayTQnyXJ1KGYerzsCAwEAAaOBrDCBqTAdBgNVHQ4EFgQU
9AEnRNHZBW4p8KGWC+EwcV6pMMUwegYDVR0jBHMwcYAU9AEnRNHZBW4p8KGWC+Ew
cV6pMMWhTqRMMEoxFDASBgNVBAMTC1BSUVAgU2VydmVyMRQwEgYDVQQLEwtUZXN0
IFNlcnZlcjEPMA0GA1UEChMGT3BlbkNBMQswCQYDVQQGEwJVU4IJANBjwjCQ0iok
MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAMrdTIwtpzkka9n84GFWx
3TBLnJ718exB1rzSqtOE00tPyxiTn6WMWaPalvbPGq+GelJSiK0/5u9pWiq37KzK
iC18vNJFj+Mn/yxqBWAuPSN5W5ONLlDsdSqmQ/DOxb0ChAZpkfEtPTFn7ApnFFBA
7MyZo0PiL/dGcOBIHrT+B5E=
-----END PRQP RESPONSE-----
while in the client, when I print out the response, I get only
this:
-----BEGIN PRQP RESPONSE-----
MIHVMDYCAQGgDAIKVuV/VS75Hsm33xgNMDcwOTI2MTkyOTQ5WqEPGA0wNzA5MjYx
OTM0NDlaMAMCAQCpgZowgZcwDQYJKoZIhvcNAQEFBQADgYEAwTl5X5JumRFThwNe
WbxoWCbPGRX32quyZbfC1+lFgkx/E4bVdrT1MpX3nCljo9Df+QkNJY8P/AmnzC/i
8otOQZ1gzPDDK53cIbF609hFMoaWmq2e36rIGUHWOl126xu0iKKe8H7HcsqZARf/
NJP9RLofeibFp7gOhO7YjgD6z5ioAjAA
-----END PRQP RESPONSE-----
MMm... another error in the ASN1 definition ? Any idea ?
Later,
Max
--
Best Regards,
Massimiliano Pala
--o------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED]
[EMAIL PROTECTED]
Dartmouth Computer Science Dept Home Phone: +1 (603) 397-3883
PKI/Trust - Office 063 Work Phone: +1 (603) 646-9179
--o------------------------------------------------------------------------
smime.p7s
Description: S/MIME Cryptographic Signature
