[Botan-devel] DSA signature verification always returns false
Z. S. O.
tiredashell at gmail.com
Fri Apr 17 23:22:02 EDT 2009
While we're still on the topic, I was wondering: does Botan have a standard
way to generate pseudo-random session tokens for data that I digitally sign?
>From what I understand, the only way to avoid a replay attack is to use
sign(data+token) instead of sign(data). I could always generate my own
random token, but I don't like to invent my own standards if I can help it.
Besides, I'm not sure how big the token has to be for it to be considered
On Thu, Apr 16, 2009 at 10:17 PM, Jack Lloyd <lloyd at randombit.net> wrote:
> On Thu, Apr 16, 2009 at 09:40:27PM -0400, Z. S. O. wrote:
> > When I tried that, my compiler complained that Botan::byte has no member
> > called length. After you mentioned it, though, I realized I could just
> > to strings and used the length function from there so it works well,
> > again.
> Erp. I should have written .size(), not .length()
> Clearly my mind is going. :(
> You are correct that if the message is already in a std::string there
> is no reason to copy it to a botan *Vector object.
> botan-devel mailing list
> botan-devel at randombit.net
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the botan-devel