DSA signing and verification - Openssl

This is a discussion on DSA signing and verification - Openssl ; Hi all, I am trying to use DSA_sign and DSA_verify functions to generate a signature and verify it. If I do this in the same file, that is signing and then verifying using the public key, things go on smoothly. ...

+ Reply to Thread
Results 1 to 14 of 14

Thread: DSA signing and verification

  1. DSA signing and verification

    Hi all,

    I am trying to use DSA_sign and DSA_verify functions to generate a signature
    and verify it. If I do this in the same file, that is signing and then
    verifying using the public key, things go on smoothly. However, if I try to
    save the DSA structure, that is by saving each of the values other than the
    private key, which I can later restore and use as a public key to verify the
    signature, the verification fails.

    How can I generate a signature at one place (say the client) and verify it
    on another process (say a server)? Essentially how can I save the public key
    counterpart of the private key that was used to sign in the first place.

    Thanks for the help


  2. Re: DSA signing and verification


    Hi Siddhartha:

    It's never a problem, but the procedure is as follows:

    1.- You sign with private key and certificate connected with that key
    2.- If you then encrypt, you encrypt with the certificate of your
    counterpart or recepient

    When the recepient gets the encrypted block of data, he decrypts with his
    private key and certificate associated with it.

    To verify signature, the recepient only needs YOUR public key but using the
    -noverify option of the openssl smime -verify, to avoid testing the your
    certificate against the certificate authority. If you provide both your
    certificate and the certificate authority cert, then the recepient can avoid
    the -noverify switch and give the -CA instead. It's always good practice to
    provide both your cert and the ca cert who signed your cert.

    Hope this helps.



    Siddhartha Chhabra wrote:
    >
    > Hi all,
    >
    > I am trying to use DSA_sign and DSA_verify functions to generate a
    > signature
    > and verify it. If I do this in the same file, that is signing and then
    > verifying using the public key, things go on smoothly. However, if I try
    > to
    > save the DSA structure, that is by saving each of the values other than
    > the
    > private key, which I can later restore and use as a public key to verify
    > the
    > signature, the verification fails.
    >
    > How can I generate a signature at one place (say the client) and verify it
    > on another process (say a server)? Essentially how can I save the public
    > key
    > counterpart of the private key that was used to sign in the first place.
    >
    > Thanks for the help
    >
    >


    --
    View this message in context: http://www.nabble.com/DSA-signing-an...p18039268.html
    Sent from the OpenSSL - User mailing list archive at Nabble.com.

    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org


  3. RE: DSA signing and verification

    I had a similar problem. I found I had to define my own macros for this
    as they were not in the OpenSSL set.



    #define PEM_write_DSAPublicKey(fp,x) \

    PEM_ASN1_write((int (*)())i2d_DSAPublicKey,\

    PEM_STRING_DSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)



    #define PEM_read_DSAPublicKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \

    (char *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,fp,( char
    **)x,cb,u)





    /* Then to save the public key to a file referenced by fptr */



    DSA *dsa_E=NULL;



    /* Generate your DSA key somewhere in here */



    i = PEM_write_DSAPublicKey(fptr, dsa_E );



    /* Transfer the public key file to the remote */

    /* where the remote does the following assuming that fptr references
    the public key file */



    dsa_E = PEM_read_DSAPublicKey( fptr, NULL, NULL, NULL );





    Bill

    ________________________________

    From: owner-openssl-users@openssl.org
    [mailtowner-openssl-users@openssl.org] On Behalf Of Siddhartha Chhabra
    Sent: June 20, 2008 7:37 PM
    To: openssl-users@openssl.org
    Subject: DSA signing and verification



    Hi all,

    I am trying to use DSA_sign and DSA_verify functions to generate a
    signature and verify it. If I do this in the same file, that is signing
    and then verifying using the public key, things go on smoothly. However,
    if I try to save the DSA structure, that is by saving each of the values
    other than the private key, which I can later restore and use as a
    public key to verify the signature, the verification fails.

    How can I generate a signature at one place (say the client) and verify
    it on another process (say a server)? Essentially how can I save the
    public key counterpart of the private key that was used to sign in the
    first place.

    Thanks for the help





  4. Re: DSA signing and verification

    Thanks for your quick replies, however, I did not understand it clearly, I
    am very new to OpenSSL

    Here is what I am doing in my code

    dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    DSA_generate_key(dsa)

    Now I have the keys generated. Now if I say
    SHA1(sigbuf,11,dgst);
    //Generate a signature

    if (1 == DSA_sign(0, dgst, sizeof(dgst), signature, &siglen, dsa))
    {
    printf("Succeeded\n");
    }


    if( 1 == DSA_verify(0,dgst,sizeof(dgst),signature,siglen,ds a))
    {
    printf("Succeeded\n");
    }


    This works fine. But When I try to save everything in structure dsa to
    another structure dsa2, barring the private key, to use it at the server for
    verification, it fails. I am developing a prototype which has exactly these
    requirements, I do not want the public key to be signed by a CA, just a
    client signing data X and the server be able to verify it.

    Can you please say whats wrong with the above code?

    Thanks a ton
    On Fri, Jun 20, 2008 at 4:50 PM, Bill Colvin
    wrote:

    > I had a similar problem. I found I had to define my own macros for this
    > as they were not in the OpenSSL set.
    >
    >
    >
    > #define PEM_write_DSAPublicKey(fp,x) \
    >
    > PEM_ASN1_write((int (*)())i2d_DSAPublicKey,\
    >
    > PEM_STRING_DSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
    >
    >
    >
    > #define PEM_read_DSAPublicKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
    >
    > (char *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,fp,( char **)x,cb,u)
    >
    >
    >
    >
    >
    > /* Then to save the public key to a file referenced by fptr */
    >
    >
    >
    > DSA *dsa_E=NULL;
    >
    >
    >
    > /* Generate your DSA key somewhere in here */
    >
    >
    >
    > i = PEM_write_DSAPublicKey(fptr, dsa_E );
    >
    >
    >
    > /* Transfer the public key file to the remote */
    >
    > /* where the remote does the following assuming that fptr references the
    > public key file */
    >
    >
    >
    > dsa_E = PEM_read_DSAPublicKey( fptr, NULL, NULL, NULL );
    >
    >
    >
    >
    >
    > Bill
    > ------------------------------
    >
    > *From:* owner-openssl-users@openssl.org [mailto:
    > owner-openssl-users@openssl.org] *On Behalf Of *Siddhartha Chhabra
    > *Sent:* June 20, 2008 7:37 PM
    > *To:* openssl-users@openssl.org
    > *Subject:* DSA signing and verification
    >
    >
    >
    > Hi all,
    >
    > I am trying to use DSA_sign and DSA_verify functions to generate a
    > signature and verify it. If I do this in the same file, that is signing and
    > then verifying using the public key, things go on smoothly. However, if I
    > try to save the DSA structure, that is by saving each of the values other
    > than the private key, which I can later restore and use as a public key to
    > verify the signature, the verification fails.
    >
    > How can I generate a signature at one place (say the client) and verify it
    > on another process (say a server)? Essentially how can I save the public key
    > counterpart of the private key that was used to sign in the first place.
    >
    > Thanks for the help
    >
    >



  5. Re: DSA signing and verification

    I will try the method that Bill just mentioned and hope that it works,
    Thanks again, but I would still like to know the problem with the way I am
    trying to do stuff.

    Thanks

    On Fri, Jun 20, 2008 at 4:58 PM, Siddhartha Chhabra <
    siddhartha.chhabra@gmail.com> wrote:

    > Thanks for your quick replies, however, I did not understand it clearly, I
    > am very new to OpenSSL
    >
    > Here is what I am doing in my code
    >
    > dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    > DSA_generate_key(dsa)
    >
    > Now I have the keys generated. Now if I say
    > SHA1(sigbuf,11,dgst);
    > //Generate a signature
    >
    > if (1 == DSA_sign(0, dgst, sizeof(dgst), signature, &siglen, dsa))
    > {
    > printf("Succeeded\n");
    > }
    >
    >
    > if( 1 == DSA_verify(0,dgst,sizeof(dgst),signature,siglen,ds a))
    > {
    > printf("Succeeded\n");
    > }
    >
    >
    > This works fine. But When I try to save everything in structure dsa to
    > another structure dsa2, barring the private key, to use it at the server for
    > verification, it fails. I am developing a prototype which has exactly these
    > requirements, I do not want the public key to be signed by a CA, just a
    > client signing data X and the server be able to verify it.
    >
    > Can you please say whats wrong with the above code?
    >
    > Thanks a ton
    >
    > On Fri, Jun 20, 2008 at 4:50 PM, Bill Colvin
    > wrote:
    >
    >> I had a similar problem. I found I had to define my own macros for this
    >> as they were not in the OpenSSL set.
    >>
    >>
    >>
    >> #define PEM_write_DSAPublicKey(fp,x) \
    >>
    >> PEM_ASN1_write((int (*)())i2d_DSAPublicKey,\
    >>
    >> PEM_STRING_DSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
    >>
    >>
    >>
    >> #define PEM_read_DSAPublicKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
    >>
    >> (char *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,fp,( char
    >> **)x,cb,u)
    >>
    >>
    >>
    >>
    >>
    >> /* Then to save the public key to a file referenced by fptr */
    >>
    >>
    >>
    >> DSA *dsa_E=NULL;
    >>
    >>
    >>
    >> /* Generate your DSA key somewhere in here */
    >>
    >>
    >>
    >> i = PEM_write_DSAPublicKey(fptr, dsa_E );
    >>
    >>
    >>
    >> /* Transfer the public key file to the remote */
    >>
    >> /* where the remote does the following assuming that fptr references the
    >> public key file */
    >>
    >>
    >>
    >> dsa_E = PEM_read_DSAPublicKey( fptr, NULL, NULL, NULL );
    >>
    >>
    >>
    >>
    >>
    >> Bill
    >> ------------------------------
    >>
    >> *From:* owner-openssl-users@openssl.org [mailto:
    >> owner-openssl-users@openssl.org] *On Behalf Of *Siddhartha Chhabra
    >> *Sent:* June 20, 2008 7:37 PM
    >> *To:* openssl-users@openssl.org
    >> *Subject:* DSA signing and verification
    >>
    >>
    >>
    >> Hi all,
    >>
    >> I am trying to use DSA_sign and DSA_verify functions to generate a
    >> signature and verify it. If I do this in the same file, that is signing and
    >> then verifying using the public key, things go on smoothly. However, if I
    >> try to save the DSA structure, that is by saving each of the values other
    >> than the private key, which I can later restore and use as a public key to
    >> verify the signature, the verification fails.
    >>
    >> How can I generate a signature at one place (say the client) and verify it
    >> on another process (say a server)? Essentially how can I save the public key
    >> counterpart of the private key that was used to sign in the first place.
    >>
    >> Thanks for the help
    >>
    >>

    >



  6. Re: DSA signing and verification

    On trying the macros, it gives the following errors

    c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(201) :
    error C2664: 'PEM_ASN1_write' : cannot convert parameter 1 from 'int
    (__cdecl *)(void)' to 'i2d_of_void (__cdecl *)'
    This conversion requires a reinterpret_cast, a C-style cast or
    function-style cast
    c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(264) :
    error C2664: 'PEM_ASN1_read' : cannot convert parameter 1 from 'char
    *(__cdecl *)(void)' to 'd2i_of_void (__cdecl *)'
    This conversion requires a reinterpret_cast, a C-style cast or
    function-style cast

    I believe its more of a coding problem now, to typecast the pointers
    properly rather than anything else, but still I am wondering if you faced
    the same issues or not ?


    On Fri, Jun 20, 2008 at 5:00 PM, Siddhartha Chhabra <
    siddhartha.chhabra@gmail.com> wrote:

    > I will try the method that Bill just mentioned and hope that it works,
    > Thanks again, but I would still like to know the problem with the way I am
    > trying to do stuff.
    >
    > Thanks
    >
    > On Fri, Jun 20, 2008 at 4:58 PM, Siddhartha Chhabra <
    > siddhartha.chhabra@gmail.com> wrote:
    >
    >> Thanks for your quick replies, however, I did not understand it clearly, I
    >> am very new to OpenSSL
    >>
    >> Here is what I am doing in my code
    >>
    >> dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    >> DSA_generate_key(dsa)
    >>
    >> Now I have the keys generated. Now if I say
    >> SHA1(sigbuf,11,dgst);
    >> //Generate a signature
    >>
    >> if (1 == DSA_sign(0, dgst, sizeof(dgst), signature, &siglen, dsa))
    >> {
    >> printf("Succeeded\n");
    >> }
    >>
    >>
    >> if( 1 == DSA_verify(0,dgst,sizeof(dgst),signature,siglen,ds a))
    >> {
    >> printf("Succeeded\n");
    >> }
    >>
    >>
    >> This works fine. But When I try to save everything in structure dsa to
    >> another structure dsa2, barring the private key, to use it at the server for
    >> verification, it fails. I am developing a prototype which has exactly these
    >> requirements, I do not want the public key to be signed by a CA, just a
    >> client signing data X and the server be able to verify it.
    >>
    >> Can you please say whats wrong with the above code?
    >>
    >> Thanks a ton
    >>
    >> On Fri, Jun 20, 2008 at 4:50 PM, Bill Colvin
    >> wrote:
    >>
    >>> I had a similar problem. I found I had to define my own macros for
    >>> this as they were not in the OpenSSL set.
    >>>
    >>>
    >>>
    >>> #define PEM_write_DSAPublicKey(fp,x) \
    >>>
    >>> PEM_ASN1_write((int (*)())i2d_DSAPublicKey,\
    >>>
    >>> PEM_STRING_DSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
    >>>
    >>>
    >>>
    >>> #define PEM_read_DSAPublicKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
    >>>
    >>> (char *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,fp,( char
    >>> **)x,cb,u)
    >>>
    >>>
    >>>
    >>>
    >>>
    >>> /* Then to save the public key to a file referenced by fptr */
    >>>
    >>>
    >>>
    >>> DSA *dsa_E=NULL;
    >>>
    >>>
    >>>
    >>> /* Generate your DSA key somewhere in here */
    >>>
    >>>
    >>>
    >>> i = PEM_write_DSAPublicKey(fptr, dsa_E );
    >>>
    >>>
    >>>
    >>> /* Transfer the public key file to the remote */
    >>>
    >>> /* where the remote does the following assuming that fptr references the
    >>> public key file */
    >>>
    >>>
    >>>
    >>> dsa_E = PEM_read_DSAPublicKey( fptr, NULL, NULL, NULL );
    >>>
    >>>
    >>>
    >>>
    >>>
    >>> Bill
    >>> ------------------------------
    >>>
    >>> *From:* owner-openssl-users@openssl.org [mailto:
    >>> owner-openssl-users@openssl.org] *On Behalf Of *Siddhartha Chhabra
    >>> *Sent:* June 20, 2008 7:37 PM
    >>> *To:* openssl-users@openssl.org
    >>> *Subject:* DSA signing and verification
    >>>
    >>>
    >>>
    >>> Hi all,
    >>>
    >>> I am trying to use DSA_sign and DSA_verify functions to generate a
    >>> signature and verify it. If I do this in the same file, that is signing and
    >>> then verifying using the public key, things go on smoothly. However, if I
    >>> try to save the DSA structure, that is by saving each of the values other
    >>> than the private key, which I can later restore and use as a public key to
    >>> verify the signature, the verification fails.
    >>>
    >>> How can I generate a signature at one place (say the client) and verify
    >>> it on another process (say a server)? Essentially how can I save the public
    >>> key counterpart of the private key that was used to sign in the first place.
    >>>
    >>> Thanks for the help
    >>>
    >>>

    >>

    >



  7. RE: DSA signing and verification

    Check your include statements. You might need either or both of:



    #include

    #include



    Bill

    ________________________________

    From: owner-openssl-users@openssl.org
    [mailtowner-openssl-users@openssl.org] On Behalf Of Siddhartha Chhabra
    Sent: June 20, 2008 8:39 PM
    To: openssl-users@openssl.org
    Subject: Re: DSA signing and verification



    On trying the macros, it gives the following errors

    c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(201)
    : error C2664: 'PEM_ASN1_write' : cannot convert parameter 1 from 'int
    (__cdecl *)(void)' to 'i2d_of_void (__cdecl *)'
    This conversion requires a reinterpret_cast, a C-style cast or
    function-style cast
    c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(264)
    : error C2664: 'PEM_ASN1_read' : cannot convert parameter 1 from 'char
    *(__cdecl *)(void)' to 'd2i_of_void (__cdecl *)'
    This conversion requires a reinterpret_cast, a C-style cast or
    function-style cast

    I believe its more of a coding problem now, to typecast the pointers
    properly rather than anything else, but still I am wondering if you
    faced the same issues or not ?



    On Fri, Jun 20, 2008 at 5:00 PM, Siddhartha Chhabra
    wrote:

    I will try the method that Bill just mentioned and hope that it works,
    Thanks again, but I would still like to know the problem with the way I
    am trying to do stuff.

    Thanks



    On Fri, Jun 20, 2008 at 4:58 PM, Siddhartha Chhabra
    wrote:

    Thanks for your quick replies, however, I did not understand it clearly,
    I am very new to OpenSSL

    Here is what I am doing in my code

    dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    DSA_generate_key(dsa)

    Now I have the keys generated. Now if I say
    SHA1(sigbuf,11,dgst);
    //Generate a signature

    if (1 == DSA_sign(0, dgst, sizeof(dgst), signature, &siglen, dsa))
    {
    printf("Succeeded\n");
    }


    if( 1 == DSA_verify(0,dgst,sizeof(dgst),signature,siglen,ds a))
    {
    printf("Succeeded\n");
    }


    This works fine. But When I try to save everything in structure dsa to
    another structure dsa2, barring the private key, to use it at the server
    for verification, it fails. I am developing a prototype which has
    exactly these requirements, I do not want the public key to be signed by
    a CA, just a client signing data X and the server be able to verify it.

    Can you please say whats wrong with the above code?

    Thanks a ton



    On Fri, Jun 20, 2008 at 4:50 PM, Bill Colvin
    wrote:

    I had a similar problem. I found I had to define my own macros for this
    as they were not in the OpenSSL set.



    #define PEM_write_DSAPublicKey(fp,x) \

    PEM_ASN1_write((int (*)())i2d_DSAPublicKey,\

    PEM_STRING_DSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)



    #define PEM_read_DSAPublicKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \

    (char *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,fp,( char
    **)x,cb,u)





    /* Then to save the public key to a file referenced by fptr */



    DSA *dsa_E=NULL;



    /* Generate your DSA key somewhere in here */



    i = PEM_write_DSAPublicKey(fptr, dsa_E );



    /* Transfer the public key file to the remote */

    /* where the remote does the following assuming that fptr references
    the public key file */



    dsa_E = PEM_read_DSAPublicKey( fptr, NULL, NULL, NULL );





    Bill

    ________________________________

    From: owner-openssl-users@openssl.org
    [mailtowner-openssl-users@openssl.org] On Behalf Of Siddhartha Chhabra
    Sent: June 20, 2008 7:37 PM
    To: openssl-users@openssl.org
    Subject: DSA signing and verification



    Hi all,

    I am trying to use DSA_sign and DSA_verify functions to generate a
    signature and verify it. If I do this in the same file, that is signing
    and then verifying using the public key, things go on smoothly. However,
    if I try to save the DSA structure, that is by saving each of the values
    other than the private key, which I can later restore and use as a
    public key to verify the signature, the verification fails.

    How can I generate a signature at one place (say the client) and verify
    it on another process (say a server)? Essentially how can I save the
    public key counterpart of the private key that was used to sign in the
    first place.

    Thanks for the help









  8. Re: DSA signing and verification

    I tried that but I think it has to do with the cast applied to the functions
    as it says

    cannot convert parameter 1 from 'int (__cdecl *)(void)' to 'i2d_of_void
    (__cdecl *)'
    This conversion requires a reinterpret_cast, a C-style cast or
    function-style cast

    cannot convert parameter 1 from 'char *(__cdecl *)(void)' to 'd2i_of_void
    (__cdecl *)'
    This conversion requires a reinterpret_cast, a C-style cast or
    function-style cast

    I will try it out and I hope once its typecasted I can use it for my
    intended purposes. Let me know if you have any more comments.

    Thanks alot for all the help...I can see some light at the end of the tunnel
    now

    On Fri, Jun 20, 2008 at 5:55 PM, Bill Colvin
    wrote:

    > Check your include statements. You might need either or both of:
    >
    >
    >
    > #include
    >
    > #include
    >
    >
    >
    > Bill
    > ------------------------------
    >
    > *From:* owner-openssl-users@openssl.org [mailto:
    > owner-openssl-users@openssl.org] *On Behalf Of *Siddhartha Chhabra
    > *Sent:* June 20, 2008 8:39 PM
    > *To:* openssl-users@openssl.org
    > *Subject:* Re: DSA signing and verification
    >
    >
    >
    > On trying the macros, it gives the following errors
    >
    > c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(201) :
    > error C2664: 'PEM_ASN1_write' : cannot convert parameter 1 from 'int
    > (__cdecl *)(void)' to 'i2d_of_void (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style cast or
    > function-style cast
    > c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(264) :
    > error C2664: 'PEM_ASN1_read' : cannot convert parameter 1 from 'char
    > *(__cdecl *)(void)' to 'd2i_of_void (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style cast or
    > function-style cast
    >
    > I believe its more of a coding problem now, to typecast the pointers
    > properly rather than anything else, but still I am wondering if you faced
    > the same issues or not ?
    >
    > On Fri, Jun 20, 2008 at 5:00 PM, Siddhartha Chhabra <
    > siddhartha.chhabra@gmail.com> wrote:
    >
    > I will try the method that Bill just mentioned and hope that it works,
    > Thanks again, but I would still like to know the problem with the way I am
    > trying to do stuff.
    >
    > Thanks
    >
    >
    >
    > On Fri, Jun 20, 2008 at 4:58 PM, Siddhartha Chhabra <
    > siddhartha.chhabra@gmail.com> wrote:
    >
    > Thanks for your quick replies, however, I did not understand it clearly, I
    > am very new to OpenSSL
    >
    > Here is what I am doing in my code
    >
    > dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    > DSA_generate_key(dsa)
    >
    > Now I have the keys generated. Now if I say
    > SHA1(sigbuf,11,dgst);
    > //Generate a signature
    >
    > if (1 == DSA_sign(0, dgst, sizeof(dgst), signature, &siglen, dsa))
    > {
    > printf("Succeeded\n");
    > }
    >
    >
    > if( 1 == DSA_verify(0,dgst,sizeof(dgst),signature,siglen,ds a))
    > {
    > printf("Succeeded\n");
    > }
    >
    >
    > This works fine. But When I try to save everything in structure dsa to
    > another structure dsa2, barring the private key, to use it at the server for
    > verification, it fails. I am developing a prototype which has exactly these
    > requirements, I do not want the public key to be signed by a CA, just a
    > client signing data X and the server be able to verify it.
    >
    > Can you please say whats wrong with the above code?
    >
    > Thanks a ton
    >
    >
    >
    > On Fri, Jun 20, 2008 at 4:50 PM, Bill Colvin
    > wrote:
    >
    > I had a similar problem. I found I had to define my own macros for this as
    > they were not in the OpenSSL set.
    >
    >
    >
    > #define PEM_write_DSAPublicKey(fp,x) \
    >
    > PEM_ASN1_write((int (*)())i2d_DSAPublicKey,\
    >
    > PEM_STRING_DSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
    >
    >
    >
    > #define PEM_read_DSAPublicKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
    >
    > (char *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,fp,( char **)x,cb,u)
    >
    >
    >
    >
    >
    > /* Then to save the public key to a file referenced by fptr */
    >
    >
    >
    > DSA *dsa_E=NULL;
    >
    >
    >
    > /* Generate your DSA key somewhere in here */
    >
    >
    >
    > i = PEM_write_DSAPublicKey(fptr, dsa_E );
    >
    >
    >
    > /* Transfer the public key file to the remote */
    >
    > /* where the remote does the following assuming that fptr references the
    > public key file */
    >
    >
    >
    > dsa_E = PEM_read_DSAPublicKey( fptr, NULL, NULL, NULL );
    >
    >
    >
    >
    >
    > Bill
    > ------------------------------
    >
    > *From:* owner-openssl-users@openssl.org [mailto:
    > owner-openssl-users@openssl.org] *On Behalf Of *Siddhartha Chhabra
    > *Sent:* June 20, 2008 7:37 PM
    > *To:* openssl-users@openssl.org
    > *Subject:* DSA signing and verification
    >
    >
    >
    > Hi all,
    >
    > I am trying to use DSA_sign and DSA_verify functions to generate a
    > signature and verify it. If I do this in the same file, that is signing and
    > then verifying using the public key, things go on smoothly. However, if I
    > try to save the DSA structure, that is by saving each of the values other
    > than the private key, which I can later restore and use as a public key to
    > verify the signature, the verification fails.
    >
    > How can I generate a signature at one place (say the client) and verify it
    > on another process (say a server)? Essentially how can I save the public key
    > counterpart of the private key that was used to sign in the first place.
    >
    > Thanks for the help
    >
    >
    >
    >
    >
    >
    >



  9. Re: DSA signing and verification

    What version of the library are you using ?

    On Fri, Jun 20, 2008 at 9:01 PM, Siddhartha Chhabra <
    siddhartha.chhabra@gmail.com> wrote:

    > I tried that but I think it has to do with the cast applied to the
    > functions as it says
    >
    > cannot convert parameter 1 from 'int (__cdecl *)(void)' to 'i2d_of_void
    > (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style cast or
    > function-style cast
    >
    > cannot convert parameter 1 from 'char *(__cdecl *)(void)' to 'd2i_of_void
    > (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style cast or
    > function-style cast
    >
    > I will try it out and I hope once its typecasted I can use it for my
    > intended purposes. Let me know if you have any more comments.
    >
    > Thanks alot for all the help...I can see some light at the end of the
    > tunnel now
    >
    >
    > On Fri, Jun 20, 2008 at 5:55 PM, Bill Colvin
    > wrote:
    >
    >> Check your include statements. You might need either or both of:
    >>
    >>
    >>
    >> #include
    >>
    >> #include
    >>
    >>
    >>
    >> Bill
    >> ------------------------------
    >>
    >> *From:* owner-openssl-users@openssl.org [mailto:
    >> owner-openssl-users@openssl.org] *On Behalf Of *Siddhartha Chhabra
    >> *Sent:* June 20, 2008 8:39 PM
    >> *To:* openssl-users@openssl.org
    >> *Subject:* Re: DSA signing and verification
    >>
    >>
    >>
    >> On trying the macros, it gives the following errors
    >>
    >> c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(201) :
    >> error C2664: 'PEM_ASN1_write' : cannot convert parameter 1 from 'int
    >> (__cdecl *)(void)' to 'i2d_of_void (__cdecl *)'
    >> This conversion requires a reinterpret_cast, a C-style cast or
    >> function-style cast
    >> c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(264) :
    >> error C2664: 'PEM_ASN1_read' : cannot convert parameter 1 from 'char
    >> *(__cdecl *)(void)' to 'd2i_of_void (__cdecl *)'
    >> This conversion requires a reinterpret_cast, a C-style cast or
    >> function-style cast
    >>
    >> I believe its more of a coding problem now, to typecast the pointers
    >> properly rather than anything else, but still I am wondering if you faced
    >> the same issues or not ?
    >>
    >> On Fri, Jun 20, 2008 at 5:00 PM, Siddhartha Chhabra <
    >> siddhartha.chhabra@gmail.com> wrote:
    >>
    >> I will try the method that Bill just mentioned and hope that it works,
    >> Thanks again, but I would still like to know the problem with the way I am
    >> trying to do stuff.
    >>
    >> Thanks
    >>
    >>
    >>
    >> On Fri, Jun 20, 2008 at 4:58 PM, Siddhartha Chhabra <
    >> siddhartha.chhabra@gmail.com> wrote:
    >>
    >> Thanks for your quick replies, however, I did not understand it clearly, I
    >> am very new to OpenSSL
    >>
    >> Here is what I am doing in my code
    >>
    >> dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    >> DSA_generate_key(dsa)
    >>
    >> Now I have the keys generated. Now if I say
    >> SHA1(sigbuf,11,dgst);
    >> //Generate a signature
    >>
    >> if (1 == DSA_sign(0, dgst, sizeof(dgst), signature, &siglen, dsa))
    >> {
    >> printf("Succeeded\n");
    >> }
    >>
    >>
    >> if( 1 == DSA_verify(0,dgst,sizeof(dgst),signature,siglen,ds a))
    >> {
    >> printf("Succeeded\n");
    >> }
    >>
    >>
    >> This works fine. But When I try to save everything in structure dsa to
    >> another structure dsa2, barring the private key, to use it at the server for
    >> verification, it fails. I am developing a prototype which has exactly these
    >> requirements, I do not want the public key to be signed by a CA, just a
    >> client signing data X and the server be able to verify it.
    >>
    >> Can you please say whats wrong with the above code?
    >>
    >> Thanks a ton
    >>
    >>
    >>
    >> On Fri, Jun 20, 2008 at 4:50 PM, Bill Colvin
    >> wrote:
    >>
    >> I had a similar problem. I found I had to define my own macros for this
    >> as they were not in the OpenSSL set.
    >>
    >>
    >>
    >> #define PEM_write_DSAPublicKey(fp,x) \
    >>
    >> PEM_ASN1_write((int (*)())i2d_DSAPublicKey,\
    >>
    >> PEM_STRING_DSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
    >>
    >>
    >>
    >> #define PEM_read_DSAPublicKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
    >>
    >> (char *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,fp,( char
    >> **)x,cb,u)
    >>
    >>
    >>
    >>
    >>
    >> /* Then to save the public key to a file referenced by fptr */
    >>
    >>
    >>
    >> DSA *dsa_E=NULL;
    >>
    >>
    >>
    >> /* Generate your DSA key somewhere in here */
    >>
    >>
    >>
    >> i = PEM_write_DSAPublicKey(fptr, dsa_E );
    >>
    >>
    >>
    >> /* Transfer the public key file to the remote */
    >>
    >> /* where the remote does the following assuming that fptr references the
    >> public key file */
    >>
    >>
    >>
    >> dsa_E = PEM_read_DSAPublicKey( fptr, NULL, NULL, NULL );
    >>
    >>
    >>
    >>
    >>
    >> Bill
    >> ------------------------------
    >>
    >> *From:* owner-openssl-users@openssl.org [mailto:
    >> owner-openssl-users@openssl.org] *On Behalf Of *Siddhartha Chhabra
    >> *Sent:* June 20, 2008 7:37 PM
    >> *To:* openssl-users@openssl.org
    >> *Subject:* DSA signing and verification
    >>
    >>
    >>
    >> Hi all,
    >>
    >> I am trying to use DSA_sign and DSA_verify functions to generate a
    >> signature and verify it. If I do this in the same file, that is signing and
    >> then verifying using the public key, things go on smoothly. However, if I
    >> try to save the DSA structure, that is by saving each of the values other
    >> than the private key, which I can later restore and use as a public key to
    >> verify the signature, the verification fails.
    >>
    >> How can I generate a signature at one place (say the client) and verify it
    >> on another process (say a server)? Essentially how can I save the public key
    >> counterpart of the private key that was used to sign in the first place.
    >>
    >> Thanks for the help
    >>
    >>
    >>
    >>
    >>
    >>
    >>

    >
    >



  10. RE: DSA signing and verification

    0.9.8 have used it with f, g and h



    Bill



    ________________________________

    From: owner-openssl-users@openssl.org
    [mailtowner-openssl-users@openssl.org] On Behalf Of Siddhartha Chhabra
    Sent: June 20, 2008 10:07 PM
    To: openssl-users@openssl.org
    Subject: Re: DSA signing and verification



    What version of the library are you using ?

    On Fri, Jun 20, 2008 at 9:01 PM, Siddhartha Chhabra
    wrote:

    I tried that but I think it has to do with the cast applied to the
    functions as it says


    cannot convert parameter 1 from 'int (__cdecl *)(void)' to 'i2d_of_void
    (__cdecl *)'
    This conversion requires a reinterpret_cast, a C-style cast or
    function-style cast

    cannot convert parameter 1 from 'char *(__cdecl *)(void)' to
    'd2i_of_void (__cdecl *)'
    This conversion requires a reinterpret_cast, a C-style cast or
    function-style cast

    I will try it out and I hope once its typecasted I can use it for my
    intended purposes. Let me know if you have any more comments.

    Thanks alot for all the help...I can see some light at the end of the
    tunnel now



    On Fri, Jun 20, 2008 at 5:55 PM, Bill Colvin
    wrote:

    Check your include statements. You might need either or both of:



    #include

    #include



    Bill

    ________________________________

    From: owner-openssl-users@openssl.org
    [mailtowner-openssl-users@openssl.org] On Behalf Of Siddhartha Chhabra
    Sent: June 20, 2008 8:39 PM


    To: openssl-users@openssl.org

    Subject: Re: DSA signing and verification



    On trying the macros, it gives the following errors

    c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(201)
    : error C2664: 'PEM_ASN1_write' : cannot convert parameter 1 from 'int
    (__cdecl *)(void)' to 'i2d_of_void (__cdecl *)'
    This conversion requires a reinterpret_cast, a C-style cast or
    function-style cast
    c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(264)
    : error C2664: 'PEM_ASN1_read' : cannot convert parameter 1 from 'char
    *(__cdecl *)(void)' to 'd2i_of_void (__cdecl *)'
    This conversion requires a reinterpret_cast, a C-style cast or
    function-style cast

    I believe its more of a coding problem now, to typecast the pointers
    properly rather than anything else, but still I am wondering if you
    faced the same issues or not ?

    On Fri, Jun 20, 2008 at 5:00 PM, Siddhartha Chhabra
    wrote:

    I will try the method that Bill just mentioned and hope that it works,
    Thanks again, but I would still like to know the problem with the way I
    am trying to do stuff.

    Thanks



    On Fri, Jun 20, 2008 at 4:58 PM, Siddhartha Chhabra
    wrote:

    Thanks for your quick replies, however, I did not understand it clearly,
    I am very new to OpenSSL

    Here is what I am doing in my code

    dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    DSA_generate_key(dsa)

    Now I have the keys generated. Now if I say
    SHA1(sigbuf,11,dgst);
    //Generate a signature

    if (1 == DSA_sign(0, dgst, sizeof(dgst), signature, &siglen, dsa))
    {
    printf("Succeeded\n");
    }


    if( 1 == DSA_verify(0,dgst,sizeof(dgst),signature,siglen,ds a))
    {
    printf("Succeeded\n");
    }


    This works fine. But When I try to save everything in structure dsa to
    another structure dsa2, barring the private key, to use it at the server
    for verification, it fails. I am developing a prototype which has
    exactly these requirements, I do not want the public key to be signed by
    a CA, just a client signing data X and the server be able to verify it.

    Can you please say whats wrong with the above code?

    Thanks a ton



    On Fri, Jun 20, 2008 at 4:50 PM, Bill Colvin
    wrote:

    I had a similar problem. I found I had to define my own macros for this
    as they were not in the OpenSSL set.



    #define PEM_write_DSAPublicKey(fp,x) \

    PEM_ASN1_write((int (*)())i2d_DSAPublicKey,\

    PEM_STRING_DSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)



    #define PEM_read_DSAPublicKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \

    (char *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,fp,( char
    **)x,cb,u)





    /* Then to save the public key to a file referenced by fptr */



    DSA *dsa_E=NULL;



    /* Generate your DSA key somewhere in here */



    i = PEM_write_DSAPublicKey(fptr, dsa_E );



    /* Transfer the public key file to the remote */

    /* where the remote does the following assuming that fptr references
    the public key file */



    dsa_E = PEM_read_DSAPublicKey( fptr, NULL, NULL, NULL );





    Bill

    ________________________________

    From: owner-openssl-users@openssl.org
    [mailtowner-openssl-users@openssl.org] On Behalf Of Siddhartha Chhabra
    Sent: June 20, 2008 7:37 PM
    To: openssl-users@openssl.org
    Subject: DSA signing and verification



    Hi all,

    I am trying to use DSA_sign and DSA_verify functions to generate a
    signature and verify it. If I do this in the same file, that is signing
    and then verifying using the public key, things go on smoothly. However,
    if I try to save the DSA structure, that is by saving each of the values
    other than the private key, which I can later restore and use as a
    public key to verify the signature, the verification fails.

    How can I generate a signature at one place (say the client) and verify
    it on another process (say a server)? Essentially how can I save the
    public key counterpart of the private key that was used to sign in the
    first place.

    Thanks for the help













  11. Re: DSA signing and verification

    Hi,

    After trying to figure out the problem with the macros, I found the
    following two macros already in the OpenSSL set

    PEM_write_PrivateKey and PEM_write_DSA_PUBKEY and their corresponding read
    functions

    Now I do the following in my code

    fptr = fopen("Pub","w");
    fpriv = fopen("Priv","w");
    EVP_PKEY *pkey = EVP_PKEY_new();
    dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    if( DSA_generate_key(dsa) == 1)
    {
    EVP_PKEY_assign_DSA(pkey, dsa);
    }
    i = PEM_write_PrivateKey(fpriv, pkey, NULL, NULL, 0, NULL, NULL);
    j = PEM_write_DSA_PUBKEY(fptr, dsa);

    After this I hoped the files Pub and Priv to have the public and private key
    counterparts of the generated DSA keys. Both functions succeed returning a
    1, however, the files are empty with nothing written to them. Do you see any
    potential problems with the code that I have above?

    Thanks again



    On Sat, Jun 21, 2008 at 8:15 AM, Bill Colvin
    wrote:

    > 0.9.8 have used it with f, g and h
    >
    >
    >
    > Bill
    >
    >
    > ------------------------------
    >
    > *From:* owner-openssl-users@openssl.org [mailto:
    > owner-openssl-users@openssl.org] *On Behalf Of *Siddhartha Chhabra
    > *Sent:* June 20, 2008 10:07 PM
    >
    > *To:* openssl-users@openssl.org
    > *Subject:* Re: DSA signing and verification
    >
    >
    >
    > What version of the library are you using ?
    >
    > On Fri, Jun 20, 2008 at 9:01 PM, Siddhartha Chhabra <
    > siddhartha.chhabra@gmail.com> wrote:
    >
    > I tried that but I think it has to do with the cast applied to the
    > functions as it says
    >
    >
    > cannot convert parameter 1 from 'int (__cdecl *)(void)' to 'i2d_of_void
    > (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style cast or
    > function-style cast
    >
    > cannot convert parameter 1 from 'char *(__cdecl *)(void)' to 'd2i_of_void
    > (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style cast or
    > function-style cast
    >
    > I will try it out and I hope once its typecasted I can use it for my
    > intended purposes. Let me know if you have any more comments.
    >
    > Thanks alot for all the help...I can see some light at the end of the
    > tunnel now
    >
    >
    >
    > On Fri, Jun 20, 2008 at 5:55 PM, Bill Colvin
    > wrote:
    >
    > Check your include statements. You might need either or both of:
    >
    >
    >
    > #include
    >
    > #include
    >
    >
    >
    > Bill
    > ------------------------------
    >
    > *From:* owner-openssl-users@openssl.org [mailto:
    > owner-openssl-users@openssl.org] *On Behalf Of *Siddhartha Chhabra
    > *Sent:* June 20, 2008 8:39 PM
    >
    >
    > *To:* openssl-users@openssl.org
    >
    > *Subject:* Re: DSA signing and verification
    >
    >
    >
    > On trying the macros, it gives the following errors
    >
    > c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(201) :
    > error C2664: 'PEM_ASN1_write' : cannot convert parameter 1 from 'int
    > (__cdecl *)(void)' to 'i2d_of_void (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style cast or
    > function-style cast
    > c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(264) :
    > error C2664: 'PEM_ASN1_read' : cannot convert parameter 1 from 'char
    > *(__cdecl *)(void)' to 'd2i_of_void (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style cast or
    > function-style cast
    >
    > I believe its more of a coding problem now, to typecast the pointers
    > properly rather than anything else, but still I am wondering if you faced
    > the same issues or not ?
    >
    > On Fri, Jun 20, 2008 at 5:00 PM, Siddhartha Chhabra <
    > siddhartha.chhabra@gmail.com> wrote:
    >
    > I will try the method that Bill just mentioned and hope that it works,
    > Thanks again, but I would still like to know the problem with the way I am
    > trying to do stuff.
    >
    > Thanks
    >
    >
    >
    > On Fri, Jun 20, 2008 at 4:58 PM, Siddhartha Chhabra <
    > siddhartha.chhabra@gmail.com> wrote:
    >
    > Thanks for your quick replies, however, I did not understand it clearly, I
    > am very new to OpenSSL
    >
    > Here is what I am doing in my code
    >
    > dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    > DSA_generate_key(dsa)
    >
    > Now I have the keys generated. Now if I say
    > SHA1(sigbuf,11,dgst);
    > //Generate a signature
    >
    > if (1 == DSA_sign(0, dgst, sizeof(dgst), signature, &siglen, dsa))
    > {
    > printf("Succeeded\n");
    > }
    >
    >
    > if( 1 == DSA_verify(0,dgst,sizeof(dgst),signature,siglen,ds a))
    > {
    > printf("Succeeded\n");
    > }
    >
    >
    > This works fine. But When I try to save everything in structure dsa to
    > another structure dsa2, barring the private key, to use it at the server for
    > verification, it fails. I am developing a prototype which has exactly these
    > requirements, I do not want the public key to be signed by a CA, just a
    > client signing data X and the server be able to verify it.
    >
    > Can you please say whats wrong with the above code?
    >
    > Thanks a ton
    >
    >
    >
    > On Fri, Jun 20, 2008 at 4:50 PM, Bill Colvin
    > wrote:
    >
    > I had a similar problem. I found I had to define my own macros for this as
    > they were not in the OpenSSL set.
    >
    >
    >
    > #define PEM_write_DSAPublicKey(fp,x) \
    >
    > PEM_ASN1_write((int (*)())i2d_DSAPublicKey,\
    >
    > PEM_STRING_DSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
    >
    >
    >
    > #define PEM_read_DSAPublicKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
    >
    > (char *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,fp,( char **)x,cb,u)
    >
    >
    >
    >
    >
    > /* Then to save the public key to a file referenced by fptr */
    >
    >
    >
    > DSA *dsa_E=NULL;
    >
    >
    >
    > /* Generate your DSA key somewhere in here */
    >
    >
    >
    > i = PEM_write_DSAPublicKey(fptr, dsa_E );
    >
    >
    >
    > /* Transfer the public key file to the remote */
    >
    > /* where the remote does the following assuming that fptr references the
    > public key file */
    >
    >
    >
    > dsa_E = PEM_read_DSAPublicKey( fptr, NULL, NULL, NULL );
    >
    >
    >
    >
    >
    > Bill
    > ------------------------------
    >
    > *From:* owner-openssl-users@openssl.org [mailto:
    > owner-openssl-users@openssl.org] *On Behalf Of *Siddhartha Chhabra
    > *Sent:* June 20, 2008 7:37 PM
    > *To:* openssl-users@openssl.org
    > *Subject:* DSA signing and verification
    >
    >
    >
    > Hi all,
    >
    > I am trying to use DSA_sign and DSA_verify functions to generate a
    > signature and verify it. If I do this in the same file, that is signing and
    > then verifying using the public key, things go on smoothly. However, if I
    > try to save the DSA structure, that is by saving each of the values other
    > than the private key, which I can later restore and use as a public key to
    > verify the signature, the verification fails.
    >
    > How can I generate a signature at one place (say the client) and verify it
    > on another process (say a server)? Essentially how can I save the public key
    > counterpart of the private key that was used to sign in the first place.
    >
    > Thanks for the help
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >



  12. Re: DSA signing and verification

    Hi Siddhartha,

    the problem is the line
    EVP_PKEY_assign_DSA(pkey, dsa);
    you should use
    EVP_PKEY_set1_DSA()
    if you want to use the DSA structure later on.
    Why don't you write out the keys directly with
    PEM_write_DSAPrivateKey() and PEM_write_DSA_PUBKEY() ?

    Thomas



    Siddhartha Chhabra wrote:
    > Hi,
    >
    > After trying to figure out the problem with the macros, I found the
    > following two macros already in the OpenSSL set
    >
    > PEM_write_PrivateKey and PEM_write_DSA_PUBKEY and their corresponding
    > read functions
    >
    > Now I do the following in my code
    >
    > fptr = fopen("Pub","w");
    > fpriv = fopen("Priv","w");
    > EVP_PKEY *pkey = EVP_PKEY_new();
    > dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    > if( DSA_generate_key(dsa) == 1)
    > {
    > EVP_PKEY_assign_DSA(pkey, dsa);
    > }
    > i = PEM_write_PrivateKey(fpriv, pkey, NULL, NULL, 0, NULL, NULL);
    > j = PEM_write_DSA_PUBKEY(fptr, dsa);
    >
    > After this I hoped the files Pub and Priv to have the public and
    > private key counterparts of the generated DSA keys. Both functions
    > succeed returning a 1, however, the files are empty with nothing
    > written to them. Do you see any potential problems with the code that
    > I have above?
    >
    > Thanks again
    >
    >
    >
    > On Sat, Jun 21, 2008 at 8:15 AM, Bill Colvin
    > > wrote:
    >
    > 0.9.8 have used it with f, g and h
    >
    >
    >
    > Bill
    >
    >
    >
    > * From: * owner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>
    > [mailtowner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>] *On Behalf Of
    > *Siddhartha Chhabra
    > *Sent:* June 20, 2008 10:07 PM
    >
    > *To:* openssl-users@openssl.org penssl-users@openssl.org>
    > *Subject:* Re: DSA signing and verification
    >
    >
    >
    > What version of the library are you using ?
    >
    > On Fri, Jun 20, 2008 at 9:01 PM, Siddhartha Chhabra
    > > > wrote:
    >
    > I tried that but I think it has to do with the cast applied to the
    > functions as it says
    >
    >
    > cannot convert parameter 1 from 'int (__cdecl *)(void)' to
    > 'i2d_of_void (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style
    > cast or function-style cast
    >
    > cannot convert parameter 1 from 'char *(__cdecl *)(void)' to
    > 'd2i_of_void (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style
    > cast or function-style cast
    >
    > I will try it out and I hope once its typecasted I can use it for
    > my intended purposes. Let me know if you have any more comments.
    >
    > Thanks alot for all the help...I can see some light at the end of
    > the tunnel now
    >
    >
    >
    > On Fri, Jun 20, 2008 at 5:55 PM, Bill Colvin
    > >
    > wrote:
    >
    > Check your include statements. You might need either or both of:
    >
    >
    >
    > #include
    >
    > #include
    >
    >
    >
    > Bill
    >
    > * From: * owner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>
    > [mailtowner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>] *On Behalf Of
    > *Siddhartha Chhabra
    > *Sent:* June 20, 2008 8:39 PM
    >
    >
    > *To:* openssl-users@openssl.org penssl-users@openssl.org>
    >
    > * Subject: * Re: DSA signing and verification
    >
    >
    >
    > On trying the macros, it gives the following errors
    >
    > c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(201)
    > : error C2664: 'PEM_ASN1_write' : cannot convert parameter 1 from
    > 'int (__cdecl *)(void)' to 'i2d_of_void (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style
    > cast or function-style cast
    > c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(264)
    > : error C2664: 'PEM_ASN1_read' : cannot convert parameter 1 from
    > 'char *(__cdecl *)(void)' to 'd2i_of_void (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style
    > cast or function-style cast
    >
    > I believe its more of a coding problem now, to typecast the
    > pointers properly rather than anything else, but still I am
    > wondering if you faced the same issues or not ?
    >
    > On Fri, Jun 20, 2008 at 5:00 PM, Siddhartha Chhabra
    > > > wrote:
    >
    > I will try the method that Bill just mentioned and hope that it
    > works, Thanks again, but I would still like to know the problem
    > with the way I am trying to do stuff.
    >
    > Thanks
    >
    >
    >
    > On Fri, Jun 20, 2008 at 4:58 PM, Siddhartha Chhabra
    > > > wrote:
    >
    > Thanks for your quick replies, however, I did not understand it
    > clearly, I am very new to OpenSSL
    >
    > Here is what I am doing in my code
    >
    > dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    > DSA_generate_key(dsa)
    >
    > Now I have the keys generated. Now if I say
    > SHA1(sigbuf,11,dgst);
    > //Generate a signature
    >
    > if (1 == DSA_sign(0, dgst, sizeof(dgst), signature, &siglen, dsa))
    > {
    > printf("Succeeded\n");
    > }
    >
    >
    > if( 1 == DSA_verify(0,dgst,sizeof(dgst),signature,siglen,ds a))
    > {
    > printf("Succeeded\n");
    > }
    >
    >
    > This works fine. But When I try to save everything in structure
    > dsa to another structure dsa2, barring the private key, to use it
    > at the server for verification, it fails. I am developing a
    > prototype which has exactly these requirements, I do not want the
    > public key to be signed by a CA, just a client signing data X and
    > the server be able to verify it.
    >
    > Can you please say whats wrong with the above code?
    >
    > Thanks a ton
    >
    >
    >
    > On Fri, Jun 20, 2008 at 4:50 PM, Bill Colvin
    > >
    > wrote:
    >
    > I had a similar problem. I found I had to define my own macros
    > for this as they were not in the OpenSSL set.
    >
    >
    >
    > #define PEM_write_DSAPublicKey(fp,x) \
    >
    > PEM_ASN1_write((int (*)())i2d_DSAPublicKey,\
    >
    > PEM_STRING_DSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
    >
    >
    >
    > #define PEM_read_DSAPublicKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
    >
    > (char *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,fp,( char
    > **)x,cb,u)
    >
    >
    >
    >
    >
    > /* Then to save the public key to a file referenced by fptr */
    >
    >
    >
    > DSA *dsa_E=NULL;
    >
    >
    >
    > /* Generate your DSA key somewhere in here */
    >
    >
    >
    > i = PEM_write_DSAPublicKey(fptr, dsa_E );
    >
    >
    >
    > /* Transfer the public key file to the remote */
    >
    > /* where the remote does the following assuming that fptr
    > references the public key file */
    >
    >
    >
    > dsa_E = PEM_read_DSAPublicKey( fptr, NULL, NULL, NULL );
    >
    >
    >
    >
    >
    > Bill
    >
    > * From: * owner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>
    > [mailtowner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>] *On Behalf Of
    > *Siddhartha Chhabra
    > *Sent:* June 20, 2008 7:37 PM
    > *To:* openssl-users@openssl.org penssl-users@openssl.org>
    > *Subject:* DSA signing and verification
    >
    >
    >
    > Hi all,
    >
    > I am trying to use DSA_sign and DSA_verify functions to generate a
    > signature and verify it. If I do this in the same file, that is
    > signing and then verifying using the public key, things go on
    > smoothly. However, if I try to save the DSA structure, that is by
    > saving each of the values other than the private key, which I can
    > later restore and use as a public key to verify the signature, the
    > verification fails.
    >
    > How can I generate a signature at one place (say the client) and
    > verify it on another process (say a server)? Essentially how can I
    > save the public key counterpart of the private key that was used
    > to sign in the first place.
    >
    > Thanks for the help
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >
    >

    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org


  13. Re: DSA signing and verification

    Hi Thomas,

    Thanks for your email, I tried using EVP_PKEY_set1_DSA(), that doesnt work
    either. I also tried using thePEM_write_DSAPrivateKey() and
    PEM_write_DSA_PUBKEY() functions, however the files still stay empty. I dont
    know, its seemingly a straightforward thing but it just isnt working,
    between I am using 0.9.8.e, any known bugs there? Anything else that I can
    try to get my private and public keys stored and used later on for
    verification.

    Thanks in advance.

    Regards,
    Sid

    On Sat, Jun 21, 2008 at 1:47 PM, Thomas Mangold wrote:

    > Hi Siddhartha,
    >
    > the problem is the line
    > EVP_PKEY_assign_DSA(pkey, dsa);
    > you should use
    > EVP_PKEY_set1_DSA()
    > if you want to use the DSA structure later on.
    > Why don't you write out the keys directly with
    > PEM_write_DSAPrivateKey() and PEM_write_DSA_PUBKEY() ?
    >
    > Thomas
    >
    >
    >
    > Siddhartha Chhabra wrote:
    >
    >> Hi,
    >>
    >> After trying to figure out the problem with the macros, I found the
    >> following two macros already in the OpenSSL set
    >>
    >> PEM_write_PrivateKey and PEM_write_DSA_PUBKEY and their corresponding read
    >> functions
    >>
    >> Now I do the following in my code
    >>
    >> fptr = fopen("Pub","w");
    >> fpriv = fopen("Priv","w");
    >> EVP_PKEY *pkey = EVP_PKEY_new();
    >> dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    >> if( DSA_generate_key(dsa) == 1)
    >> {
    >> EVP_PKEY_assign_DSA(pkey, dsa); }
    >> i = PEM_write_PrivateKey(fpriv, pkey, NULL, NULL, 0, NULL, NULL);
    >> j = PEM_write_DSA_PUBKEY(fptr, dsa);
    >> After this I hoped the files Pub and Priv to have the public and private
    >> key counterparts of the generated DSA keys. Both functions succeed returning
    >> a 1, however, the files are empty with nothing written to them. Do you see
    >> any potential problems with the code that I have above?
    >>
    >> Thanks again
    >>
    >>
    >>
    >> On Sat, Jun 21, 2008 at 8:15 AM, Bill Colvin >> Bill.Colvin@opticatech.com>> wrote:
    >>
    >> 0.9.8 have used it with f, g and h
    >>
    >>
    >> Bill
    >>
    >>
    >> * From: * owner-openssl-users@openssl.org
    >> wner-openssl-users@openssl.org>
    >> [mailtowner-openssl-users@openssl.org
    >> wner-openssl-users@openssl.org>] *On Behalf Of
    >> *Siddhartha Chhabra
    >> *Sent:* June 20, 2008 10:07 PM
    >>
    >> *To:* openssl-users@openssl.org penssl-users@openssl.org>
    >> *Subject:* Re: DSA signing and verification
    >>
    >>
    >> What version of the library are you using ?
    >>
    >> On Fri, Jun 20, 2008 at 9:01 PM, Siddhartha Chhabra
    >> >> > wrote:
    >>
    >> I tried that but I think it has to do with the cast applied to the
    >> functions as it says
    >>
    >>
    >> cannot convert parameter 1 from 'int (__cdecl *)(void)' to
    >> 'i2d_of_void (__cdecl *)'
    >> This conversion requires a reinterpret_cast, a C-style
    >> cast or function-style cast
    >>
    >> cannot convert parameter 1 from 'char *(__cdecl *)(void)' to
    >> 'd2i_of_void (__cdecl *)'
    >> This conversion requires a reinterpret_cast, a C-style
    >> cast or function-style cast
    >>
    >> I will try it out and I hope once its typecasted I can use it for
    >> my intended purposes. Let me know if you have any more comments.
    >>
    >> Thanks alot for all the help...I can see some light at the end of
    >> the tunnel now
    >>
    >>
    >> On Fri, Jun 20, 2008 at 5:55 PM, Bill Colvin
    >> >
    >> wrote:
    >>
    >> Check your include statements. You might need either or both of:
    >>
    >>
    >> #include
    >>
    >> #include
    >>
    >>
    >> Bill
    >>
    >> * From: * owner-openssl-users@openssl.org
    >> wner-openssl-users@openssl.org>
    >> [mailtowner-openssl-users@openssl.org
    >> wner-openssl-users@openssl.org>] *On Behalf Of
    >> *Siddhartha Chhabra
    >> *Sent:* June 20, 2008 8:39 PM
    >>
    >>
    >> *To:* openssl-users@openssl.org penssl-users@openssl.org>
    >>
    >> * Subject: * Re: DSA signing and verification
    >>
    >>
    >> On trying the macros, it gives the following errors
    >>
    >>
    >> c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(201)
    >> : error C2664: 'PEM_ASN1_write' : cannot convert parameter 1 from
    >> 'int (__cdecl *)(void)' to 'i2d_of_void (__cdecl *)'
    >> This conversion requires a reinterpret_cast, a C-style
    >> cast or function-style cast
    >>
    >> c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(264)
    >> : error C2664: 'PEM_ASN1_read' : cannot convert parameter 1 from
    >> 'char *(__cdecl *)(void)' to 'd2i_of_void (__cdecl *)'
    >> This conversion requires a reinterpret_cast, a C-style
    >> cast or function-style cast
    >>
    >> I believe its more of a coding problem now, to typecast the
    >> pointers properly rather than anything else, but still I am
    >> wondering if you faced the same issues or not ?
    >>
    >> On Fri, Jun 20, 2008 at 5:00 PM, Siddhartha Chhabra
    >> >> > wrote:
    >>
    >> I will try the method that Bill just mentioned and hope that it
    >> works, Thanks again, but I would still like to know the problem
    >> with the way I am trying to do stuff.
    >>
    >> Thanks
    >>
    >>
    >> On Fri, Jun 20, 2008 at 4:58 PM, Siddhartha Chhabra
    >> >> > wrote:
    >>
    >> Thanks for your quick replies, however, I did not understand it
    >> clearly, I am very new to OpenSSL
    >>
    >> Here is what I am doing in my code
    >>
    >> dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    >> DSA_generate_key(dsa)
    >>
    >> Now I have the keys generated. Now if I say
    >> SHA1(sigbuf,11,dgst);
    >> //Generate a signature
    >> if (1 == DSA_sign(0, dgst, sizeof(dgst), signature, &siglen,
    >> dsa))
    >> {
    >> printf("Succeeded\n");
    >> }
    >> if( 1 ==
    >> DSA_verify(0,dgst,sizeof(dgst),signature,siglen,ds a))
    >> {
    >> printf("Succeeded\n");
    >> }
    >>
    >>
    >> This works fine. But When I try to save everything in structure
    >> dsa to another structure dsa2, barring the private key, to use it
    >> at the server for verification, it fails. I am developing a
    >> prototype which has exactly these requirements, I do not want the
    >> public key to be signed by a CA, just a client signing data X and
    >> the server be able to verify it.
    >>
    >> Can you please say whats wrong with the above code?
    >>
    >> Thanks a ton
    >>
    >>
    >> On Fri, Jun 20, 2008 at 4:50 PM, Bill Colvin
    >> >
    >> wrote:
    >>
    >> I had a similar problem. I found I had to define my own macros
    >> for this as they were not in the OpenSSL set.
    >>
    >>
    >> #define PEM_write_DSAPublicKey(fp,x) \
    >>
    >> PEM_ASN1_write((int (*)())i2d_DSAPublicKey,\
    >>
    >> PEM_STRING_DSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL,NULL)
    >>
    >>
    >> #define PEM_read_DSAPublicKey(fp,x,cb,u) (DSA *)PEM_ASN1_read( \
    >>
    >> (char *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,fp,( char
    >> **)x,cb,u)
    >>
    >>
    >>
    >> /* Then to save the public key to a file referenced by fptr */
    >>
    >>
    >> DSA *dsa_E=NULL;
    >>
    >>
    >> /* Generate your DSA key somewhere in here */
    >>
    >>
    >> i = PEM_write_DSAPublicKey(fptr, dsa_E );
    >>
    >>
    >> /* Transfer the public key file to the remote */
    >>
    >> /* where the remote does the following assuming that fptr
    >> references the public key file */
    >>
    >>
    >> dsa_E = PEM_read_DSAPublicKey( fptr, NULL, NULL, NULL );
    >>
    >>
    >>
    >> Bill
    >>
    >> * From: * owner-openssl-users@openssl.org
    >> wner-openssl-users@openssl.org>
    >> [mailtowner-openssl-users@openssl.org
    >> wner-openssl-users@openssl.org>] *On Behalf Of
    >> *Siddhartha Chhabra
    >> *Sent:* June 20, 2008 7:37 PM
    >> *To:* openssl-users@openssl.org penssl-users@openssl.org>
    >> *Subject:* DSA signing and verification
    >>
    >>
    >> Hi all,
    >>
    >> I am trying to use DSA_sign and DSA_verify functions to generate a
    >> signature and verify it. If I do this in the same file, that is
    >> signing and then verifying using the public key, things go on
    >> smoothly. However, if I try to save the DSA structure, that is by
    >> saving each of the values other than the private key, which I can
    >> later restore and use as a public key to verify the signature, the
    >> verification fails.
    >>
    >> How can I generate a signature at one place (say the client) and
    >> verify it on another process (say a server)? Essentially how can I
    >> save the public key counterpart of the private key that was used
    >> to sign in the first place.
    >>
    >> Thanks for the help
    >>
    >>
    >>
    >>
    >>
    >>
    >>
    >> __________________________________________________ ____________________

    > OpenSSL Project http://www.openssl.org
    > User Support Mailing List openssl-users@openssl.org
    > Automated List Manager majordomo@openssl.org
    >



  14. Re: DSA signing and verification

    Hi Siddhartha,

    I had troubles too, with DSA, but not wrtiting the keys but on
    verifying. I switched on RSA. It is nearly the same.
    But be careful with this ssl stuff and check every possible return value.
    Btw have you initialised the library with

    /* begin initiualisation ---*/
    SSL_library_init(); /* initialise SSL-library */
    OpenSSL_add_all_digests(); /* used to sign the key by the EVP_API */

    /* initilise the PRNG */
    if (!RAND_status())
    log(LOG_WARNING, "init_sslLib --> Pseudo random generator not
    propertly initialised\n");

    /* load SSL strings for cryptography and error messages */
    ERR_load_crypto_strings();
    SSL_load_error_strings();
    /* end initiialisation ---*/
    ????????

    Else try RSA:

    if (!(rsa = RSA_generate_key(RSA_KEY_LEN, RSA_EXP,NULL,NULL))) {
    // print error and return
    }

    if (!PEM_write_RSAPrivateKey(fp, pkey->rsa, EVP_des_ede3_cbc(), NULL, 0,
    passwordCallback, puser->password)) {
    // print error and return
    }

    fclose(fp);

    if ((fp = fopen(key_fname, "w")) == NULL) {
    // print error and return
    }

    if (!PEM_write_RSA_PUBKEY(fp, pkey->rsa)) {
    // print error and return
    }


    Siddhartha Chhabra wrote:
    > Hi Thomas,
    >
    > Thanks for your email, I tried using EVP_PKEY_set1_DSA(), that doesnt
    > work either. I also tried using thePEM_write_DSAPrivateKey() and
    > PEM_write_DSA_PUBKEY() functions, however the files still stay empty.
    > I dont know, its seemingly a straightforward thing but it just isnt
    > working, between I am using 0.9.8.e, any known bugs there? Anything
    > else that I can try to get my private and public keys stored and used
    > later on for verification.
    >
    > Thanks in advance.
    >
    > Regards,
    > Sid
    >
    > On Sat, Jun 21, 2008 at 1:47 PM, Thomas Mangold > > wrote:
    >
    > Hi Siddhartha,
    >
    > the problem is the line
    >
    > EVP_PKEY_assign_DSA(pkey, dsa);
    > you should use
    > EVP_PKEY_set1_DSA()
    > if you want to use the DSA structure later on.
    > Why don't you write out the keys directly with
    > PEM_write_DSAPrivateKey() and PEM_write_DSA_PUBKEY() ?
    >
    > Thomas
    >
    >
    >
    > Siddhartha Chhabra wrote:
    >
    > Hi,
    >
    > After trying to figure out the problem with the macros, I
    > found the following two macros already in the OpenSSL set
    >
    > PEM_write_PrivateKey and PEM_write_DSA_PUBKEY and their
    > corresponding read functions
    >
    > Now I do the following in my code
    >
    > fptr = fopen("Pub","w");
    > fpriv = fopen("Priv","w");
    > EVP_PKEY *pkey = EVP_PKEY_new();
    >
    > dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    > if( DSA_generate_key(dsa) == 1)
    > {
    > EVP_PKEY_assign_DSA(pkey, dsa); }
    > i = PEM_write_PrivateKey(fpriv, pkey, NULL, NULL, 0, NULL,
    > NULL); j = PEM_write_DSA_PUBKEY(fptr, dsa);
    > After this I hoped the files Pub and Priv to have the public
    > and private key counterparts of the generated DSA keys. Both
    > functions succeed returning a 1, however, the files are empty
    > with nothing written to them. Do you see any potential
    > problems with the code that I have above?
    >
    > Thanks again
    >
    >
    >
    > On Sat, Jun 21, 2008 at 8:15 AM, Bill Colvin
    > >
    > > >> wrote:
    >
    > 0.9.8 have used it with f, g and h
    >
    >
    > Bill
    >
    >
    > * From: * owner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>
    > wner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>>
    > [mailtowner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>
    > wner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>>] *On Behalf Of
    > *Siddhartha Chhabra
    > *Sent:* June 20, 2008 10:07 PM
    >
    > *To:* openssl-users@openssl.org
    > penssl-users@openssl.org>
    > penssl-users@openssl.org
    > penssl-users@openssl.org>>
    >
    > *Subject:* Re: DSA signing and verification
    >
    >
    > What version of the library are you using ?
    >
    > On Fri, Jun 20, 2008 at 9:01 PM, Siddhartha Chhabra
    > >
    > > >> wrote:
    >
    > I tried that but I think it has to do with the cast applied
    > to the
    > functions as it says
    >
    >
    > cannot convert parameter 1 from 'int (__cdecl *)(void)' to
    > 'i2d_of_void (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style
    > cast or function-style cast
    >
    > cannot convert parameter 1 from 'char *(__cdecl *)(void)' to
    > 'd2i_of_void (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style
    > cast or function-style cast
    >
    > I will try it out and I hope once its typecasted I can use
    > it for
    > my intended purposes. Let me know if you have any more
    > comments.
    >
    > Thanks alot for all the help...I can see some light at the
    > end of
    > the tunnel now
    >
    >
    > On Fri, Jun 20, 2008 at 5:55 PM, Bill Colvin
    > >
    > > >>
    >
    > wrote:
    >
    > Check your include statements. You might need either or
    > both of:
    >
    >
    > #include
    >
    > #include
    >
    >
    > Bill
    >
    > * From: * owner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>
    > wner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>>
    > [mailtowner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>
    > wner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>>] *On Behalf Of
    > *Siddhartha Chhabra
    > *Sent:* June 20, 2008 8:39 PM
    >
    >
    > *To:* openssl-users@openssl.org
    > penssl-users@openssl.org>
    > penssl-users@openssl.org
    > penssl-users@openssl.org>>
    >
    >
    > * Subject: * Re: DSA signing and verification
    >
    >
    > On trying the macros, it gives the following errors
    >
    >
    > c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(201)
    > : error C2664: 'PEM_ASN1_write' : cannot convert parameter
    > 1 from
    > 'int (__cdecl *)(void)' to 'i2d_of_void (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style
    > cast or function-style cast
    >
    > c:\se_simulation2\verificationserver\verifier\veri fier\verifier.cpp(264)
    > : error C2664: 'PEM_ASN1_read' : cannot convert parameter 1
    > from
    > 'char *(__cdecl *)(void)' to 'd2i_of_void (__cdecl *)'
    > This conversion requires a reinterpret_cast, a C-style
    > cast or function-style cast
    >
    > I believe its more of a coding problem now, to typecast the
    > pointers properly rather than anything else, but still I am
    > wondering if you faced the same issues or not ?
    >
    > On Fri, Jun 20, 2008 at 5:00 PM, Siddhartha Chhabra
    > >
    > > >> wrote:
    >
    > I will try the method that Bill just mentioned and hope that it
    > works, Thanks again, but I would still like to know the problem
    > with the way I am trying to do stuff.
    >
    > Thanks
    >
    >
    > On Fri, Jun 20, 2008 at 4:58 PM, Siddhartha Chhabra
    > >
    > > >> wrote:
    >
    > Thanks for your quick replies, however, I did not understand it
    > clearly, I am very new to OpenSSL
    >
    > Here is what I am doing in my code
    >
    >
    > dsa=DSA_generate_parameters(1024,seed,20,&counter,&h,cb,bio_err);
    > DSA_generate_key(dsa)
    >
    > Now I have the keys generated. Now if I say
    > SHA1(sigbuf,11,dgst);
    > //Generate a signature
    > if (1 == DSA_sign(0, dgst, sizeof(dgst), signature,
    > &siglen, dsa))
    > {
    > printf("Succeeded\n");
    > }
    > if( 1 ==
    > DSA_verify(0,dgst,sizeof(dgst),signature,siglen,ds a))
    > {
    > printf("Succeeded\n");
    > }
    >
    >
    > This works fine. But When I try to save everything in structure
    > dsa to another structure dsa2, barring the private key, to
    > use it
    > at the server for verification, it fails. I am developing a
    > prototype which has exactly these requirements, I do not
    > want the
    > public key to be signed by a CA, just a client signing data
    > X and
    > the server be able to verify it.
    >
    > Can you please say whats wrong with the above code?
    >
    > Thanks a ton
    >
    >
    > On Fri, Jun 20, 2008 at 4:50 PM, Bill Colvin
    > >
    > > >>
    >
    > wrote:
    >
    > I had a similar problem. I found I had to define my own macros
    > for this as they were not in the OpenSSL set.
    >
    >
    > #define PEM_write_DSAPublicKey(fp,x) \
    >
    > PEM_ASN1_write((int (*)())i2d_DSAPublicKey,\
    >
    > PEM_STRING_DSA_PUBLIC,fp,(char
    > *)x,NULL,NULL,0,NULL,NULL)
    >
    >
    > #define PEM_read_DSAPublicKey(fp,x,cb,u) (DSA
    > *)PEM_ASN1_read( \
    >
    > (char
    > *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,fp,( char
    > **)x,cb,u)
    >
    >
    >
    > /* Then to save the public key to a file referenced by fptr */
    >
    >
    > DSA *dsa_E=NULL;
    >
    >
    > /* Generate your DSA key somewhere in here */
    >
    >
    > i = PEM_write_DSAPublicKey(fptr, dsa_E );
    >
    >
    > /* Transfer the public key file to the remote */
    >
    > /* where the remote does the following assuming that fptr
    > references the public key file */
    >
    >
    > dsa_E = PEM_read_DSAPublicKey( fptr, NULL, NULL,
    > NULL );
    >
    >
    >
    > Bill
    >
    > * From: * owner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>
    > wner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>>
    > [mailtowner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>
    > wner-openssl-users@openssl.org
    > wner-openssl-users@openssl.org>>] *On Behalf Of
    > *Siddhartha Chhabra
    > *Sent:* June 20, 2008 7:37 PM
    > *To:* openssl-users@openssl.org
    > penssl-users@openssl.org>
    > penssl-users@openssl.org
    > penssl-users@openssl.org>>
    >
    > *Subject:* DSA signing and verification
    >
    >
    > Hi all,
    >
    > I am trying to use DSA_sign and DSA_verify functions to
    > generate a
    > signature and verify it. If I do this in the same file, that is
    > signing and then verifying using the public key, things go on
    > smoothly. However, if I try to save the DSA structure, that
    > is by
    > saving each of the values other than the private key, which
    > I can
    > later restore and use as a public key to verify the
    > signature, the
    > verification fails.
    >
    > How can I generate a signature at one place (say the
    > client) and
    > verify it on another process (say a server)? Essentially
    > how can I
    > save the public key counterpart of the private key that was
    > used
    > to sign in the first place.
    >
    > Thanks for the help
    >
    >
    >
    >
    >
    >
    >
    > __________________________________________________ ____________________
    > OpenSSL Project http://www.openssl.org
    > User Support Mailing List
    > openssl-users@openssl.org penssl-users@openssl.org>
    > Automated List Manager
    > majordomo@openssl.org
    >
    >

    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org


+ Reply to Thread