There is no official specification how compression should
be done. SSL/TLS tells only about the syntax if it's used.
I remember Eric implemented something with zlib but I never
tested it and it will for shure not work with something else.
Oliver Floericke schrieb:
>
> Hi there,
>
> does OpenSS
The signature is as long as the modulus of key is. Thus the
20 bytes contain the (unsigned) hash value only. This field
is just a octett string.
The most important thing of PKCS#1 is the padding. You can
have a look at crypto/rsa/rsa_pk1.c to verify what this
means in actual code.
Normally the
Since you are using SSL together with Apache you should
either use the mailing list for mod_ssl or for Apache_SSL.
Furthermore you should check the FAQ and your logs.
Both will tell you that you used http on the port 443!
See the s_client output as well which clearly indicates
some cleartext ("
jhkwon <[EMAIL PROTECTED]> writes:
> In the following example,
>
> struct {
> uint8 field1;
> uint8 field2;
> digitally-signed opaque hash[20];
> } UserType;
>
> How the hash field is represented?
>
> I've read PKC S#1 sig
Hi there,
does OpenSSL support data compression as mentioned in the Netscape draft?
Does anybody know if this feature is supported by other SSL
implementations??
Thank you,
Oliver
__
OpenSSL Project
In the following example,
struct {
uint8 field1;
uint8 field2;
digitally-signed opaque hash[20];
} UserType;
How the hash field is represented?
I've read PKC S#1 signature algorithms, so I understand what
Hallo.
I've configured and installed on Linux RedHat 5.2 (linux-2.0.36):
- Apache/1.3.6 (Unix)
- OpenSSL 0.9.3a 29 May 1999
- The certificates (key, csr, crt)
- The certificates configuration lines in "httpd.conf"
When I try: "./s_client -connect www.webmood.com:80 -state -debug"
I receive an e
On Wed, 16 Jun 1999, Bodo Moeller wrote:
You are right, my mistake, I was talking about 0.9.1c. The problem still
persists...
Krzysztof
> [EMAIL PROTECTED]:
>
> > I have successfuly installed openssl-0.9.3c
>
> There is no OpenSSL 0.9.3c. Either you mean 0.9.3a (the latest
> release) or 0.9
Theodore Hope <[EMAIL PROTECTED]>:
[...]
> The fields I've marked above (n, e, d, p, q) refer to the similarly-named
> terms in the RSA FAQ description of "how RSA works" (quoted below).
> Can someone tell me what the fields "exponent1", "exponent2" and
> "coefficient" are, and how they fit in to
The fields I've marked above (n, e, d, p, q) refer to the
similarly-named terms in the RSA FAQ description of "how RSA
works" (quoted below). Can someone tell me what the fields
"exponent1", "exponent2" and "coefficient" are, and how they
fit in to the math
James K Hendrix <[EMAIL PROTECTED]>:
> I am fairly new to OpenSSL programming, so let me describe my problem
> in detail first. I have a program which uses OpenSSL 0.9.3a to
> connect to a HTTPS server.
Let me guess, a Netscape server?
[...]
> create SSL session (SSL_new)
> while (not done
[EMAIL PROTECTED]:
> I have successfuly installed openssl-0.9.3c
There is no OpenSSL 0.9.3c. Either you mean 0.9.3a (the latest
release) or 0.9.1c; in the latter case, please get a newer release.
> 'make test' in openssl installation hanhs up after:
[...]
> testing req conversions
> p -> d
> p
Thanks to Chen and Bodo for the help, but I'm still mystified. I'll try
to clarify and reply to the help I received. Actually, openssl seemed to
install ok. What I'm really having trouble with is the last step - the
Perl interface for SSL. I've actually been fighting with
"Crypt-SSLeay-0.07". W
Sorry if this is a bit off-topic. I'm looking at the output
of "rsa -text" for an RSA key, and I can't figure out what all
the different fields are:
"n" = modulus
"e" = publicExponent (65537)
"d" = privateExponent
"p" = prime1
"q" = prime2
exponent1
exponent2
coefficient
The f
Hi,
I have successfuly installed openssl-0.9.3c and Net::SSLeay module on
RedHat 5.2. Then, I switched to RH6 (different machine). Everything was
going fine except testing (make test) in both of them (openssl and
Net:SSLeay). And after I run apache (with ssl module) it goes through all
informati
Hi all,
I had a little problem with the pkcs12 library.
When I added a friendly-name attibute in a PKCS12_SAFEBAG
SafeBag object (for a certificate or a shrouded
PKCS8 key), it works well except that when I imported
the pfx file into IE 5.x, the friendly-name attribute
was displayed wi
Hi.
I am fairly new to OpenSSL programming, so let me describe my problem
in detail first. I have a program which uses OpenSSL 0.9.3a to
connect to a HTTPS server. It uses the following logic:
init SSL libraries
select SSL method (SSLv23_client_method)
create SSL context (SSL_CTX_new)
> I am a newbi in this field who can tell me what's different form ssleay and
> openssl?
(form openssl CHANGES file:)
- renamed the package from SSLeay to OpenSSL
So OpenSSL is the improved SSLeay...
oki,
Steffen
__
jun liu wrote:
>
> hi:
> I am a newbi in this field who can tell me what's different form ssleay and
> openssl?
Non-autoritative answer, or "What I noticed":
OpenSSL includes pkcs12 support, CRL support, is actively developed, and
is the successor to SSLeay which is now used for mod_ssl (and AF
On Wed, Jun 16, 1999 at 01:07:18AM +0200, Bodo Moeller wrote:
> "James H. Cloos Jr." <[EMAIL PROTECTED]>:
>> Using lynx-ssl linked against 0.9.3 I find there are many sites (none
>> using ssleay or openssl, incidently) I cannot connect to. s_client
>> to those sites (again w/ 0.9.3 shows errors
On Wed, Jun 16, 1999 at 10:12:34AM +0200, andy wrote:
> where to get the exactly meaning of the ssl_connect return values.
>
> i guess that zero is for a failed connect to the specified server and
> everything bigger than zero is for a succesfull connect?
0 is always an error (peer closed durin
On Wed, Jun 16, 1999 at 01:07:10AM +, jun liu wrote:
> I am a newbi in this field who can tell me what's different form ssleay and
> openssl?
Eric A. Young, who created SSLeay, now works for RSA Australia and
does not continue development of SSLeay, and because of this no new
SSLeay releas
Hi,
>-Original Message-
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
>Subject: using libeay32.lib in VC6.0?
>
>
> i want to user RSA routine,such as i2dRSAPublickey()in
>my program,but when i linked my code with libeay32.lib
>i got some error in studio enviroment.
> MSVCRT.lib(M
>Does anyone have an updated HP-UX 10.x0 math library with position
>independent code (PIC code, or +z/+Z in HP parlance)?
This should be /usr/lib/libm.sl - are you sure you didn't link with
usr/lib/libm.a? chatr should list this as libM.1 (libm.sl's soname).
On HP-UX 10.20, what gives:
/usr/lib
Michael Stroeder wrote:
>
> Song wrote:
> >
> > Can Openssl be used to support Netscape Form Signing?
>
> IMHO you have to verify the signature of signed PKCS#7 objects (similar
> to verify signatures of S/MIME mails) which was not possible in
> SSLeay/OpenSSL up to now.
> Maybe with the new rud
> > Can Openssl be used to support Netscape Form Signing?
NS form signing is normally done using the NS browsers.
Alternatively with additional MIME handling the form data can be
signed using sign.c in crypto/pkcs7
> P.S.: There's a signver tool available from Netscape which does this
> thing.
Michael Stroeder wrote:
> Hmm, how about subjectAltName for a unique registration number?
We use subjectAltName for subject's e-mail address and I found other
supported types - dNSName, URL, RID and IP in
http://www.pca.dfn.de/dfnpca/certify/ssl/handbuch/ossl092/ossl092-3.html#ss3.7
(BTW, a ver
hi,
How can i use the openssl's crypto lib libeay32.lib
in VC6.0?
i want to user RSA routine,such as i2dRSAPublickey()in
my program,but when i linked my code with libeay32.lib
i got some error in studio enviroment.
MSVCRT.lib(MSVCRT.dll) : error LNK2005: _sprintf already defined in
li
Song wrote:
>
> Can Openssl be used to support Netscape Form Signing?
IMHO you have to verify the signature of signed PKCS#7 objects (similar
to verify signatures of S/MIME mails) which was not possible in
SSLeay/OpenSSL up to now.
Maybe with the new rudimental S/MIME support in 0.9.3?
How is t
HI!
Does anybody know how to calculate the key size of the public key in
Netscapes SPKAC request?
Ciao, Michael.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
>
> I installed and tested the 0.9.3a, everythings work fine.
> But i cant find S/MIME-Support.
> Did i miss something ?
> Can i use openssl to check S/MIME-Signatures, if i provide the
> smime.p7s, and the signed data?
goto crypto/pkcs7/ , compile verify.c
--
David Chia, RMIT University
___
The 3rd parameter, IV, is the initialization vector used in
bloc cipher with chaining mode (e.g. RC2-CBC). Since RC4
is a stream cipher, you can ignore it.
BTW, your certificate and RSA key are not needed for the
use of a symmetric ciphrer. All you have to do is set the secret
key and call the th
hi
where to get the exactly meaning of the ssl_connect return values.
i guess that zero is for a failed connect to the specified server and
everything bigger than zero is for a succesfull connect?
thanks in advance
andy hofmann
___
33 matches
Mail list logo
