Verify certificate with RSA-PSS

Alexei Soloview Wed, 03 Nov 2010 06:03:17 -0700

Hello!

I have read earlier messages about support of RSA-PSS, but I'm confused.


I'm trying to verify certificate that signed using RSA-PSS. OpenSSL version
is 1.0.0a.

============================================================================
==========
    X509_STORE_CTX cert_ctx;
    X509_STORE *store = fillTrustedCertificateStore(csca);

    X509 *certificate = readCertificate(dsc);
    if (store && certificate && X509_STORE_CTX_init (&cert_ctx, store,
certificate, NULL))
    {
        int r = X509_verify_cert(&cert_ctx);
        int e = X509_STORE_CTX_get_error(&cert_ctx);

        std::cout << "r = " << r << ", e = " << e << "\n";
    }
============================================================================
==========

Output: r = 0, e = 7
7 means X509_V_ERR_CERT_SIGNATURE_FAILURE

Sample certificate I got at this page http://www.kaiser.cx/x509Pss.html

What's wrong with this code?

Sincerelly, Alexei.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Verify certificate with RSA-PSS

Reply via email to