[openssl-users] i2d_X509_SIG() in FIPS mode
gayathri.annur at gmail.com
Thu Feb 5 08:43:18 UTC 2015
Tried with above method and its not worked. Please let me know is it
possible to use NID_md5WithRSAEncryption, NID_md5 in fips mode.
On Wed, Feb 4, 2015 at 8:56 PM, Dr. Stephen Henson <steve at openssl.org>
> On Tue, Feb 03, 2015, Gayathri Manoj wrote:
> > Hi Steve, Viktor,
> > I have tried with len also, But this also causing seg fault.
> > my requiremnt is to store max 2048 bit keys. Hence I used length as
> > +1.
> > currently i ma getting len value = 28514.
> > X509_SIG sig;
> > X509_ALGOR algor;
> > ASN1_OCTET_STRING digest;
> > ASN1_TYPE parameter;
> > ASN1_item_digest() // to get digest details
> > sig.algor = &algor;
> > sig.algor->algorithm=OBJ_nid2obj(NID_md5);
> > parameter.type=V_ASN1_NULL;
> > parameter.value.ptr=NULL;
> > sig.algor->parameter = ¶meter;
> > sig.digest = &digest;
> > sig.digest->data=(unsigned char*)msg;
> > sig.digest->length=datalen;
> > len = i2d_X509_SIG(&sig,NULL);
> You should only use a pointer to an ASN.1 structure and not the actual
> structure itself because you can end up with various fields taking odd
> uninitialised values (I suspect the fact you haven't initialised "flags" is
> at least one problem here. A complete set of accessor functions
> doesn't currently exist for X509_SIG so you have to access some internals.
> In outline something like this:
> X509_SIG *sig = X509_SIG_new();
> X509_ALGOR_set0(sig->algor, OBJ_nid2obj(nid), V_ASN1_NULL, NULL);
> ASN1_STRING_set(sig->digest, digest, digestlen);
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users