On Thu, Oct 17, 2002 at 06:59:26PM +0200, Ibl Wolfgang wrote:
> Hello,
>
> I'm trying to verify text, which has been signed using wincrypt's
> CryptSignMessage. This function produces pkcs#7 output.
> OpenSSL outputs the message:
>
> Verification Failure
> 1992:error:2107106C:PKCS7 routines:PKCS7_signatureVerify:unable to find
> message
> digest:./crypto/pkcs7/pk7_doit.c:723:
> 1992:error:21075069:PKCS7 routines:PKCS7_verify:signature
> failure:./crypto/pkcs7
> /pk7_smime.c:256:
>
> The ASN analysis of the Pkcs#7 File results, that the message digest is
> stored under the OID:
>
> 0407 30 D: SEQUENCE {
> 0409 06 9: OBJECT IDENTIFIER
> : sha1withRSAEncryption (1 2 840 113549 1 1 5)
Fragment shown is likely part of SignerInfo.
I think sha1 object should be here. At least it is so according to
Secure Electronic Transactions specifications
> 0414 05 0: NULL
> : }
> 0416 30 D: SEQUENCE {
> 0418 06 9: OBJECT IDENTIFIER
> : rsaEncryption (1 2 840 113549 1 1 1)
> 0423 05 0: NULL
> : }
> 0425 04 80: OCTET STRING
> : 1B 24 07 E9 69 EB 0D 78 48 5E 84 08 6D F5 BF C6
> ...
> Any suggestions to bypass this problem?
>
> Thanx in advance
>
> Wolfgang
--
Naina library: http://www.unity.net/~vf/naina_r1.tgz
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
