[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Réf. : RE: Verify




Bob,

>I do not understand your question.  What file.  This combination cannot be
>used with verify, it is a Diffie-Hellmann encryption certificate.  A better
>choice, if you have no preference is to use one of the DSA logins (I do not
>demonstrate any DSA logins in this manner).  The before-mentioned RSA
>certificate will work.  The following file combination will also work:
With "ElmerDsa.out ElmerDsaX_8.dat ElmoRocks", the file
.\test\specMatrix.d\CMS_Examples.d\11.4.bin
seems to be verified, as the following shows :

****************************
CSM_MsgToVerify::ReportMsgData(ostream &os)
CSM_MsgSignerInfos::ReportMsgData(ostream &os)
  Number 1 signer info WAS VERIFIED.
    CSM_MsgSignerInfo::ReportMsgData(ostream &os)
      CSM_RecipientIdentifier::Report(IssuerAndSerialNumber)
      Issuer = C=US@O=US Government@OU=VDA Site@CN=CarlCA
      Serial Number = 5c010192
      digestAlgorithm OID=1.3.14.3.2.26
      signatureAlgorithm OID=1.2.840.10040.4.1
    Signed Attributes: #### CSM_MsgAttributes::Report(ostream &os)
      ####################  ATTRIBUTE (1, 1) ::::
      contentType=1.2.840.113549.1.7.1
      ####################  ATTRIBUTE (1, 2) ::::
      messageDigest=406affffffec85279ffffffba6e1622dffffff9e629ffffffc022ffffff9
6ffffff87ffffffdd48 HEX
      ####################  ATTRIBUTE (1, 3) ::::
      securityLabel=
        security_policy_identifier=1.2.3.4.5.6.7.8
        security_classification=1
        pMark=THIS IS A PRIVACY MARK TEST
        security_categories=type=1.2.3.4.5.6.7.888
          1325424f422054484953204953204120544553542053454355524954592d4341544547
4f52592e HEX
      ####################  ATTRIBUTE (1, 4) ::::
      equivalentLabels=
        Label=
          security_policy_identifier=1.2.3.4.5.6.7.8
        security_classification=1
          pMark=BOB THIS IS A PRIVACY MARK TEST
        security_categories=type=1.2.3.4.5.6.7.888
          1325424f422054484953204953204120544553542053454355524954592d4341544547
4f52592e HEX
        Label=
          security_policy_identifier=1.2.3.4.5.6.7.9
        security_classification=1
          pMark=BOB THIS IS A SECOND PRIVACY MARK TEST
        security_categories=type=1.2.3.4.5.6.7.888
          1325424f422054484953204953204120544553542053454355524954592d4341544547
4f52592e HEX
****************************

Do you think it's correct ?

On the other side, with "DSAFreeGroup1User2.out dsaFreeGroup1_User2X_8.dat
ElmoRocks",
the file you send isn't verified :(

****************************
CSM_MsgToVerify::ReportMsgData(ostream &os)
CSM_MsgSignerInfos::ReportMsgData(ostream &os)
  No SignerInfos were present or verified.
****************************

Am I still wrong ?

>An alternative example for using the CSM_MsgToVerify class exists in a
>utility we do not presently deliver in the SFL release:  report_tool.  This
>utility will take any command line listed file, address book, login config
>file (our existing file will work fine, I can create 1 for you specifically
>for the free3 CTIL) and dump the SignedData, verify the result and report
>its findings.  The login is the only config file used.  You are welcome to
>this source code and project if you are interested (it has not been tested
>on Unix, but should build easily).
Thanks, please send me the package privately, since it may be too big for the
list.

Regards.