loading cert from memory buffer

2003-12-15 Thread Aleksey Dorosheff 
i got CA cert in header file declarated  like this 

static const unsigned char s_pbCaCertificate[] = {
 0x30, 0x82, 0x03, 0x98, 0x30, 0x82, 0x03, 0x01, ...}; 

how  can i load it to X509Store?  i guess i should use BIO? 
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

set an external callback for encryption

2003-12-15 Thread david jeanneteau 
Hi all,

I want to use openssl with a smartcard containing RSA private key and 
RSA cipher capabilities.

Is there a way to tell SSL that it should use a given callback (from 
smartcard API) for applying private key (the one on the smart card).

Regards,
David Jeanneteau
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: loading cert from memory buffer

2003-12-15 Thread Nils Larsch 
Aleksey Dorosheff wrote:
i got CA cert in header file declarated  like this 

static const unsigned char s_pbCaCertificate[] = {
 0x30, 0x82, 0x03, 0x98, 0x30, 0x82, 0x03, 0x01, ...}; 
try d2i_X509

how  can i load it to X509Store?  i guess i should use BIO? 
look how it's done in, for example, apps/verify.c

Nils

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: set an external callback for encryption

2003-12-15 Thread Nils Larsch 
david jeanneteau wrote:
Hi all,

I want to use openssl with a smartcard containing RSA private key and 
RSA cipher capabilities.

Is there a way to tell SSL that it should use a given callback (from 
smartcard API) for applying private key (the one on the smart card).
You need a openssl engine for this (in case you have a pkcs11 driver
for your smartcard try the pkcs11 engine mentioned some time ago
on openssl-dev, btw: what kind of smartcard do you have (pkcs15 ?,
OS ? ...)).
Nils

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: set an external callback for encryption

2003-12-15 Thread david jeanneteau 
Nils Larsch wrote:

david jeanneteau wrote:

Hi all,

I want to use openssl with a smartcard containing RSA private key and 
RSA cipher capabilities.

Is there a way to tell SSL that it should use a given callback (from 
smartcard API) for applying private key (the one on the smart card).


You need a openssl engine for this (in case you have a pkcs11 driver
for your smartcard try the pkcs11 engine mentioned some time ago
on openssl-dev, btw: what kind of smartcard do you have (pkcs15 ?,
OS ? ...)).
Nils
First, thanks for such fast response.

It is a supplied smarcard and i don't have all docs yet, but is seems 
that an API is supplied to access it.
So it looks like i have to create an engine that bind's on the smartcard 
API.

I'm a bit afraid of developing an openssl engine, could you give me the 
best docs for it ?

David

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]


__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Re: set an external callback for encryption

2003-12-15 Thread Nils Larsch 
david jeanneteau wrote:

It is a supplied smarcard and i don't have all docs yet, but is seems 
that an API is supplied to access it.
What kind of API ? (btw: which OS are you using (on your pc) ?).

So it looks like i have to create an engine that bind's on the smartcard 
API.
probably

I'm a bit afraid of developing an openssl engine, could you give me the 
best docs for it ?
Hmm, try the engine manpage and look at the existing engines in
cryto/engine.
Nils

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

Does openssl supports 256 bit AES and 256 bit SHA1?

2003-12-15 Thread CPRAVEEN 
I know that the latest version of openssl supports AES and SHA1.
Pls let me know if openssl supports 256 bit AES and 256 bit SHA1

TIA.
Rgds Praveen





__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]

loading cert from memory buffer

2003-12-15 Thread Aleksey Dorosheff 
i got CA cert in header file declarated  like this


unsigned char s_pbCaCertificate[] = {
 0x2d, 0x2d, 0x2d, 0x2d, 0x2d, 0x42, 0x45, 0x47, 0x49, 0x4e, 0x20, 0x43,
0x45, 0x52, 0x54, 0x49,
 0x46, 0x49, 0x43, 0x41, 0x54, 0x45, 0x2d...};

(this buffer i`ve  made it form PEM  cert file and from DER, no difference
in my attemps to load it )

i try to load it  like this
#
X509 * p_CACert;
 unsigned char * p_Buf;
 int CertSize=sizeof(s_pbCaCertificate);
 p_Buf=s_pbCaCertificate;
 p_CACert=NULL;

 p_CACert=d2i_X509(NULL,&p_Buf,CertSize);
##
but p_CACert  always remains NULL, according docs that means that some error
occured while attempt to decode s_pbCaCertificate. But i dont know why?
Second time I used such code

X509 * p_CACert;
 unsigned char * p_Buf;
 int CertSize=sizeof(s_pbCaCertificate);
 p_Buf=s_pbCaCertificate;
 p_CACert=NULL;

d2i_X509(& p_CACert,&p_Buf,CertSize);
#
But result was the same,  p_CACert was NULL.
So how can i load it? Where is my error? And what  cert form (PEM or DER)  i
must use?

__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]