help needed with extended keyUsage v3 attrib.

2000-11-01 Thread Corrado Derenale
Hi, anyone know how to sign an X.509 cert with the attribute: extended keyUsage set to TLS Web server authentication with the CA command? I'm trying to set up an IPsec session between a win2000 and a Cisco router using IKE with X.509 certs. It seems that win2000 starts to look for a cer

RE: certificate chaos...

2000-11-01 Thread Simon Edwards
If you do write these docs, please publish them somewhere that others can get at them. I'm still a couple of steps behind you with implementation and I expect there will be many others following again that would appreciate not re-inventing-the-wheel when it comes to user guidance docs. -Or

Re: new non-blocking IO / state-machine demo

2000-11-01 Thread Dan Kegel
Geoff Thorpe wrote: > Given the recent wave of threads on the openssl lists, I thought I'd get > round to doing something I meant to do some time ago - and hack up a quick > demo. Anyway, I've just committed it into the openssl CVS repository, so > it should be present in the next nightly snapshot

Error Installing on Win Nt 4.0

2000-11-01 Thread Sanjiv Agarkar
When I run nmake I get the error NMAKE:fatal error U1073: don't know how to make '.\crypto\cryptlib.h' My environment is fine. And it does make 3 folders but they are empty. Sanjiv

Re: put me out of my misery please

2000-11-01 Thread Rich Salz
> Does anybody know whether fopen(NULL, ...) is allowed at all? > Otherwise s_server should be fixed... It's undefined and can certainly coredump. I strongly believe that anything other than a coredump is an error in that C library. s_server should be fixed.

Re: make error "Command args too long" (v9.0.6, Win32, Borland C++)

2000-11-01 Thread JF Delannoy
Tom, I tried: - Get a newer make utility? -> from MS this is the latest - Use GNU make -> can’t install/compile. It needs a file “cl”, and only mentions MS C; I have Borland C. - Get the cygwin package and build under that? -> tr

Re: possible bug in DH_generate_key()

2000-11-01 Thread Greg Stark
Here is one problem. The value coming out of DH_generate_key() is mod p. This induces the high-order bit to be more likely to be a zero than a one. In an extreme case, if p is a prime of the form 1 + 2^n, then the high-order bit is almost certainly a zero. If this bit is one of the bits you use to fo

new non-blocking IO / state-machine demo

2000-11-01 Thread Geoff Thorpe
Hi there, Given the recent wave of threads on the openssl lists, I thought I'd get round to doing something I meant to do some time ago - and hack up a quick demo. Anyway, I've just committed it into the openssl CVS repository, so it should be present in the next nightly snapshot (downloadable fr

Facing problem with SSL_get_peer_certificate() at the server side !!

2000-11-01 Thread Lakshminarayanan Venkatesan
Hello, I am running the demo client/server implementation and I am unable to get the SSL_get_peer_certificate() function working at the server side. The server program always says "Client does not have the certificate." Even though the client.pem file is authenticated & the data is being sent &

Re: make error "Command arguments too long" (v9.0.6, Win32, Borland C++)

2000-11-01 Thread Tom Biggs
At 04:23 PM 11/1/00 -0500, JF wrote: >I cannot install v 9.0.6 on Windows, because make returns an error. > > >The makefile bcb.mak contains a long CFLAG line which, >with some more characters before and after, becomes 168 chars >and exceeds the length limit, it seems > >In detail: > > > >

Re: put me out of my misery please

2000-11-01 Thread Lutz Jaenicke
On Wed, Nov 01, 2000 at 03:58:29PM -0500, Gregory Nicholls wrote: > must be NT's bloody runtime then. If I try to fopen a NULL filename it >blows up. I changed s_server.c so > that it only calls load_dh_param() if there's a real file. Guess what. Now it works >.. . . That makes sense. When lo

Re: verify_callback - server verification

2000-11-01 Thread Lutz Jaenicke
On Wed, Nov 01, 2000 at 09:28:55PM +0100, Thomas Geller wrote: > First of all thank you Lutz for your help. > > > The result at depth 0 says, that the certificate at level 0 is > consistently > > signed from its CA. The CA itself (at level 1) however failed verification > > for several reasons. >

make error "Command arguments too long" (v9.0.6, Win32, Borland C++)

2000-11-01 Thread JF Delannoy
I cannot install v 9.0.6 on Windows, because make returns an error. The makefile bcb.mak contains a long CFLAG line which, with some more characters before and after, becomes 168 chars and exceeds the length limit, it seems In makefile: CFLAG=-DWIN32_LEAN_AND_MEAN -q -w-aus -w-par -

Re: put me out of my misery please

2000-11-01 Thread Gregory Nicholls
must be NT's bloody runtime then. If I try to fopen a NULL filename it blows up. I changed s_server.c so that it only calls load_dh_param() if there's a real file. Guess what. Now it works .. . . Thanks, G. Lutz Jaenicke wrote: > On Wed, Nov 01, 2000 at 02:01:01PM -0500, Gregory

AW: verify_callback - server verification

2000-11-01 Thread Thomas Geller
First of all thank you Lutz for your help. > The result at depth 0 says, that the certificate at level 0 is consistently > signed from its CA. The CA itself (at level 1) however failed verification > for several reasons. > The preverify_ok state only indicates whether the certificate at the > act

RAND_seed and BN_rand on Solaris

2000-11-01 Thread Cristina Nita-Rotaru
Hi, I have the following problem: BN_generate_prime, BN_rand and RSA_sign fail on Solaris but they succeed on Linux. I seeded the PNG before calling the functions, and BN_generate_prime succeeds now, but BN_rand and RSA_sign are still failing. This happens only on Solaris, the same code works f

Re: put me out of my misery please

2000-11-01 Thread Lutz Jaenicke
On Wed, Nov 01, 2000 at 02:01:01PM -0500, Gregory Nicholls wrote: > Umm no it doesn't. At least not on my system. I get an error while it's trying to > execute a load_dh_param() function (at line 652 in s_server.c ... trying to fopen() >a NULL > file). That's why I put in the no_dhe. Hmm. Firs

Re: put me out of my misery please

2000-11-01 Thread Gregory Nicholls
Umm no it doesn't. At least not on my system. I get an error while it's trying to execute a load_dh_param() function (at line 652 in s_server.c ... trying to fopen() a NULL file). That's why I put in the no_dhe. Is this something to do with what I've forgotten thanks, G

Re: put me out of my misery please

2000-11-01 Thread Lutz Jaenicke
On Wed, Nov 01, 2000 at 12:22:29PM -0500, Gregory Nicholls wrote: > I'm trying to get s_client and s_server working with ADH - again. I _know_ I've had > it working before but I seem to have forgotten some crucial point. I'm using > s_server -nocert -no_dhe -cipher ADH-RC4-MD5 > s_client -cipher

Re: Digital Signature Implementation

2000-11-01 Thread Darío Mariani
Oops, I forgot to send the attachments. #include "firma.hh" #include #include #include #include #include #include const int KEY_SIZE = 1024; Bytes_sha Sha1 (string contr); Bytes_sha Blow (Bytes_sha data, Bytes_sha key); void Firma::Generar (string contr, Bytes_sha& pub, Bytes_sha& pr

Re: Digital Signature Implementation

2000-11-01 Thread Darío Mariani
[EMAIL PROTECTED] wrote: > > help! > > I'm feeling a bit daft, > but all I'm looking for is an example on implementing digital signatures, > and I keep finding myself bogged down with theory! > > Can you point me in the direction of a coding example? > > thanks in anticipation! > > Sam Duncan

put me out of my misery please

2000-11-01 Thread Gregory Nicholls
I'm trying to get s_client and s_server working with ADH - again. I _know_ I've had it working before but I seem to have forgotten some crucial point. I'm using s_server -nocert -no_dhe -cipher ADH-RC4-MD5 s_client -cipher ADH-RC4-MD5 Of course it returns no shared cipher. Could some kind so

Unable to load 'random state' when running CA.pl

2000-11-01 Thread Steven Hirsch
When I try to create a new CA I get the following error: root@riemann:/opt->/usr/local/lib/openssl-0.9/misc/CA.pl -newca CA certificate filename (or enter to create) Making CA certificate ... Using configuration from /etc/openssl/openssl.cnf unable to load 'random state' This means that the rand

Crypt::SSLeay mmap failed

2000-11-01 Thread Thykattil, Joe
Hello, Having trouble compiling/testing the CRYPT Perl module Crypt-SSLeay-0.17 with openssl-0.9.6-beta2. The compile, test and install on the openssl went fine. The compile of the SSLeay module had the following ran fine. The test of the SSLeay module encountered the following error: Any sug

Re: possible bug in DH_generate_key()

2000-11-01 Thread Greg Stark
I do not think this is a bug. On average with truly random exponents, you would expect that about 1/2 of the time the result of DH_generate_key() is less than 1/2 of the modulus, 1/4 of the time it is less than 1/4 of the modulus, ..., 2^-n of the time it is less than 2^-n * modulus. So if your mo

OpenSSL 0.9.4 and preferable "seed" solution?

2000-11-01 Thread co
I have got openssl 0.9.4 and Net::SSleay 1,05 working on a NT 4. It seems to be a problem with the RANDFILE and the preferred way to go is to implement the egd, (if the openssl 0.9.5 is installed) ... so egd itself is implemented in 0,9,5 so I could change version but if I would like to save this c