[xmlsec] DSA Signatures
aleksey at aleksey.com
Mon Jan 4 11:09:53 PST 2021
Right, I know remember that I had problems with leading zero's
as well :) Take a look at the code for details:
On 1/4/21 11:06 AM, Timothy Legge wrote:
> Thanks. I suspect it is related to the possible leading zeros in the
> I2OSP spec that I may be losing when I concatenate r and s but I have
> not tracked it down yet.
> On Mon, Jan 4, 2021 at 2:25 PM Aleksey Sanin <aleksey at aleksey.com> wrote:
>> On 1/4/21 9:07 AM, Timothy Legge wrote:
>>> This is somewhat off topic as it is related to my maintenance of the
>>> Perl XML::Sig module.
>>> DSA signatures are a base64 encoded concatenation of the r and s octet
>>> streams. I can sign and verify DSA signatures with XML::Sig or xmlsec
>>> but occasionally the DSA signature validation fails (for both XML::Sig
>>> and xmlsec at the same time).
>>> I assume something is getting lost when I concatenate r and s before
>>> it is base64 encoded. Any thoughts based on how xmlsec generates the
>>> base64 encoded DSA signature?
>>> xmlsec mailing list
>>> xmlsec at aleksey.com
More information about the xmlsec