On Thu, Apr 16, 2009, ThanhTrung Do wrote: > > Dear All, > > I run into a problem with MS CAPI and OpenSSL, googled a lot and found some > information about endianness, tried but got no luck. > > I'm writing a mini-driver for a smartcard, my card does not support key > generation, so I have to import keys from Private Key Blobs sent by CAPI. > > In CardSignData function (the routine in my driver), I have to sign a 20-byte > buffer (passed in little-endian format) and sent back the signed data to > CAPI. > > My OpenSSL code works properly, I can extract puclic/private keys from > Private Key Blobs, then signing & verifying works perfectly with my extracted > keys (EVP_PKEY). I use EVP_xxx API for signing/verifying. > > But when I sent back signed data to CAPI, it reported: "Unexpected error". I > tried a couple ways to reverse byte-order, but got no lucks: > + Reverse input buffer, do signing, send signed buffer back > + Reverse input buffer, do signing, reverse signed buffer, send it back > + Do not reverse input buffer, do signing, send signed buffer back > > Can anyone give me some ideas on this issues? >
Seems like you've missed the one that should work ;-) Do no reverse input buffer, do signing, reverse signed buffer, send it back. That assumes and RSA key. For a DSA key things are more complex. There is a CryptoAPI ENGINE for OpenSSL (engines/e_capi.c) which includes examples of all this stuff. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org