How can I add fields to X_509 certificates or ...???

Hi: I would like to know how to add special fields to a X_509 certificate. The idea is to be able to assign special permissions to certain certificates in order to verify them during the SSL_verify callback function. Also, how do I extract those fields I add??? Is there some documentatio

Re: win

On Fri, Jul 20, 2001 at 03:29:23PM +0200, Martin wrote: > Is openssl available for windows? I have win2000 with apache 1.3.19. I have a binary package of OpenSSL 0.9.6 on my website: contains openssl.exe and the two DLLs. Plus some "value-added" stuff. See url in .sig. Cheers. -- Ng Pheng Sion

Re: Display of a User Certificate in Netscape Address book

Robert Hannemann wrote: > > i´ve generated a Certificate with DER encoding and add it to an LDAP > Directory User Entry. When i search the LDAPentry with Netscape > Addressbook, the Attributes of the Result looks good, but the > Certificate is displayed as an binary string like : > > use

Re: RSA p and q inverses

--Redirected to -users It's true, either one is sufficient. In fact, the primes are basically interchangeable, so you can label either one as "p" and the other as "q". The place they are not interchangeable is in the PKCS#1 Private Key syntax. In that case, there is a first prime, which is label

How to add fields to X_509 certificates

Hi: I would like to know how to add special fields to a X_509 certificate. The idea is to be able to assign special permissions to certain certificates in order to verify them during the SSL_verify callback function. Also, how do I extract those fields I add??? Is there some documentation on wha

Representation of DN's

I'm still trying to see how X509_NAME_ENTRY objects are used to represent RDN's that contain multiple attribute-value assertions (AVA's). I assume this has something to do with the 'set' variable in the X509_NAME_ENTRY structure. Lutz? Steve? Any help would be seriously appreciated. Thanks,

RE: a question about encrypt and decrypt using EVP interface

> memcpy(iv, "12345678", 8); > EVP_BytesToKey(EVP_idea_cbc(), EVP_md5(), "salt", pw, > strlen(pw), 1, key, > iv); The salt value should be at least 8 bytes long - you're getting 3 random bytes here. You don't need to specify an iv value as this function creates it. - Dale.

win

Hi, I have any question? Is openssl available for windows? I have win2000 with apache 1.3.19. Thx Martin __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMA

Wrong ELF

I just installed ssl, but got wrong ELF msgs. Is this bad? or irrelevant? 699 cc -o rsa_test -I../include -KPIC -DTHREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -xtarget= ultra -xarch=v9 -xO5 -xstrconst -xdepend -Xa -DB_ENDIAN -DULTRASPARC -DMD5_ASM rsa_test.o -L.. -lcry pto -lsocket -ln

openssl 0.9.6/win32 bug (?)

Hi, I've discovered that openssl-0.9.6 and openssl-0.9.6b (I didnt tested other versions) produces broken PEM_read/write functions under WIN32. Under linux works fine. Exception occurs somewhere inside NTDLL.DLL with diagnostics: "The instruction at "0x77f83941" referenced memory at "0x10". The

Re: Reading RSA-keys over network

On Fri, Jul 20, 2001 at 11:05:55AM +0200, Ohrt, Anders wrote: > I'm doing a little hack reading RSA-keys from a network socket. I'm using > openssl, (0.9.6a) and am some problems setting things up. What I want is > just to listen to a port, read a key from it, and play with it then. I'm > using a

Re: Question on remote server certificate verification

Please stay with openssl-users... On Thu, Jul 19, 2001 at 02:03:40PM -0600, Sejin wrote: > One from the SSL server machine(With the CA.pl -newca command) - the > right one, and another one from the different machine(With the same > CA.pl -newca command) - the false on for the testing. > My purpos

RE: OpenSSL and IIS4 - problem

I would suspect that you are using IE, which is extremely fussy about connecting to IP addresses with SSL. Use the full host name (ie host.domain) to connect. You'll need either an entry in a hosts file, or the host name to exist in your DNS.   In the case of the first erro

Reading RSA-keys over network

Hi! I'm doing a little hack reading RSA-keys from a network socket. I'm using openssl, (0.9.6a) and am some problems setting things up. What I want is just to listen to a port, read a key from it, and play with it then. I'm using a BIO, and if I use BIO_read, I get the key, but using PEM_read_RSA

Re: Trying to install it on Mac OS X

On Thu, 19 Jul 2001 [EMAIL PROTECTED] wrote: > >How can I install OpenSSL on Mac OS X ? Running config it tells it does not > >recognize the system ? > > > go here for some hints: > > >http://www.macosxhints.com/search.php?query=openssl&mode=search&datestart=0&dateend=0&topic=0&type=stories&auth

Display of a User Certificate in Netscape Address book

Hello, i´ve generated a Certificate with DER encoding and add it to an LDAP Directory User Entry. When i search the LDAPentry with Netscape Addressbook, the Attributes of the Result looks good, but the Certificate is displayed as an binary string like : userCertificate: 0?í0??0 *?H?÷