Hi Maillist I met a problem while porting openssl from Linux PC to mips64 platform, the openssl version is 0.9.7i
I use openssl to verify a signature(x509), openssl prompt the error info *unhandled critical extension* on mips64 platform But this operation was ok on Linux Pc, I think this may caused by some compile problem, but I havn't any clue, is there any patch I need add, any specail complie option, or flag Is there anyone can give some suggestion about this problem, thanks a lot the detail info is below I use xmlsec lib's cmd-line application like following way, I'm not clear what's *unhandled critical extension *mean, can you give me some info about this, ** # ./xmlsec1 --verify --id-attr:Id LicenceData --store-signatures --enable-visa3d-hack --trusted-pem root.crt --X509-skip-strict-checks D0185601.XML func=xmlSecOpenSSLX509StoreVerify:file= x509vfy.c:line=360:obj=x509-store:subj=X509_verify_cert:error=4:cryptolibrary function failed:subj=/C=FI/O=Nokia/CN=Nokia NET Licence Generator ILG;err=34;msg=*unhandled critical extension* func=xmlSecOpenSSLX509StoreVerify:file= x509vfy.c:line=408:obj=x509-store:subj=unknown:error=71:certificateverification failed:err=34;msg=unhandled critical extension func=xmlSecKeysMngrGetKey:file= keys.c:line=1364:obj=unknown:subj=xmlSecKeysMngrFindKey:error=1:xmlseclibrary function failed: func=xmlSecDSigCtxProcessKeyInfoNode:file= xmldsig.c:line=871:obj=unknown:subj=unknown:error=45:key is not found: func=xmlSecDSigCtxProcessSignatureNode:file= xmldsig.c:line=565:obj=unknown:subj=xmlSecDSigCtxProcessKeyInfoNode:error=1:xmlseclibrary function failed: func=xmlSecDSigCtxVerify:file= xmldsig.c:line=366:obj=unknown:subj=xmlSecDSigCtxSigantureProcessNode:error=1:xmlseclibrary function failed: Error: signature failed ERROR SignedInfo References (ok/all): 1/1 Manifests References (ok/all): 0/0 = VERIFICATION CONTEXT == Status: unknown == flags: 0x00000018 == flags2: 0x00000000 == Id: "licRAN1001LK-pkisig-1" == Key Info Read Ctx: = KEY INFO READ CONTEXT == flags: 0x00004000 == flags2: 0x00000000 == enabled key data: all == RetrievalMethod level (cur/max): 0/1 == TRANSFORMS CTX (status=0) == flags: 0x00000000 == flags2: 0x00000000 == enabled transforms: all === uri: NULL === uri xpointer expr: NULL == EncryptedKey level (cur/max): 0/1 === KeyReq: ==== keyId: rsa ==== keyType: 0x00000001 ==== keyUsage: 0x00000002 ==== keyBitsSize: 0 === list size: 0 == Key Info Write Ctx: = KEY INFO WRITE CONTEXT == flags: 0x00000000 == flags2: 0x00000000 == enabled key data: all == RetrievalMethod level (cur/max): 0/1 == TRANSFORMS CTX (status=0) == flags: 0x00000000 == flags2: 0x00000000 == enabled transforms: all === uri: NULL === uri xpointer expr: NULL == EncryptedKey level (cur/max): 0/1 === KeyReq: ==== keyId: NULL ==== keyType: 0x00000001 ==== keyUsage: 0xffffffff ==== keyBitsSize: 0 === list size: 0 == Signature Transform Ctx: == TRANSFORMS CTX (status=0) == flags: 0x00000000 == flags2: 0x00000000 == enabled transforms: all === uri: NULL === uri xpointer expr: NULL === Transform: c14n-with-comments (href= http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments) === Transform: membuf-transform (href=NULL) === Transform: rsa-sha1 (href=http://www.w3.org/2000/09/xmldsig#rsa-sha1) == Signature Method: === Transform: rsa-sha1 (href=http://www.w3.org/2000/09/xmldsig#rsa-sha1) == SignedInfo References List: === list size: 1 = REFERENCE VERIFICATION CONTEXT == Status: succeeded == URI: "#licRAN1001LK" == Reference Transform Ctx: == TRANSFORMS CTX (status=2) == flags: 0x00000001 == flags2: 0x00000000 == enabled transforms: all === uri: === uri xpointer expr: #licRAN1001LK === Transform: Visa3DHackTransform (href=NULL) === Transform: c14n-with-comments (href= http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments) === Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1) === Transform: membuf-transform (href=NULL) == Digest Method: === Transform: sha1 (href=http://www.w3.org/2000/09/xmldsig#sha1) == Manifest References List: === list size: 0 Error: failed to verify file "D0185601.XML" ** **
