On 8/22/06, David Stutzman <[EMAIL PROTECTED]> wrote:
We are trying to verify a DSA signature that was generated outside of NSS using NSS methods. It consists solely of the r+s elements put together. It seems that an NSS signature is ASN.1 encoded so if we pass the bare signature in we are getting SEC_ERROR_BAD_DER (-8183). I assume this is because it tries to decode the data we pass in but since it isn't encoded it gets an error. Ultimately we'd like to be able to go both ways and export a signature that is compatible with the outside method (bare r+s) as well as importing. Can you provide any insight on this?
I guess you are using VFY_VerifyDigest or some other VFY_ function. You can use PK11_Verify to verify a bare r+s DSA signature. Just put the signature in a SECItem of 40 bytes, with the first 20 bytes holding r and the second 20 bytes holding s. You can use the code in ssl3_VerifySignedHashes as an example: http://lxr.mozilla.org/security/ident?i=ssl3_VerifySignedHashes Look in particular at how it checks the isTLS boolean to determine if the input DSA signature is ASN.1 encoded. -- Anyang Ren Open source developer _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
