SV: Format of RSA public key ?

Hi Vadim I should have been more specific. I know it is modulus and public exponent, but what I'm looking for is some OpenSSL function to load this key into a EVP_PKEY structure. Any ideas? Thanks, Kim -Oprindelig meddelelse- Fra: Vadim Fedukovich [mailto:[EMAIL PROTECTED]] Sendt: 29

Re: help needed

active perl is needed to run the perl scripts that help u build libraries... - Original Message - From: Rajiv Kumar To: [EMAIL PROTECTED] Sent: Wednesday, May 29, 2002 6:01 PM Subject: help needed hi, Iam running a Client/Server application written in C+

Re: rules to limit signing of certificate to a certain domain

In message on Thu, 30 May 2002 10:52:16 +1200, Franck Martin <[EMAIL PROTECTED]> said: Franck> I would like to know if it is possible to issue a certificate that Franck> contains a rule that specify that it can sign other certificates only if Fr

Re: PRNG not seeded

Get EGD or PRNGd from: http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html And call RAND_egd("/var/run/egd-pool"); before you try to use any crypt or ssl routines ... Obviously /var/run/egd-pool may vary depending on where you initialize the egd socket from egd or prngd Pers

RE: Two certs created when signing .CSR with OPENSSL CA.

Hi, I'll add some addition information to my question. On the webpage http://www.openssl.org/docs/apps/ca.html#, there are the following descriptions: -out filename : the output file to output certificates to. The default is standard output. The certif

PRNG not seeded

Dear Sir, I have installed OPENSSL on OSF1 V4.0 (Digital Unix) and I am trying to run the demos/bio programs saccept and sconnect. I run saccept localhost:8900 and all is fine. When I run sconnect localhost:8900, I receive the following message: SSLEAY_RAND_BYTES:PRING not seeded. I have loo

RE: Code that worked now fails; expired certs? Expired signatures? Which is it?

> Your certificate is expired. You're right - it was. I was overlooking this because other testing tools were showing it to be valid. > Your chain is complete... Ok. Now I'm testing with a more recent signature, one whose certificate is not in fact expired. Here's what I see:

rules to limit signing of certificate to a certain domain

I would like to know if it is possible to issue a certificate that contains a rule that specify that it can sign other certificates only if the domain is a sub-domain of a specified domain. For instance A would issue a certificate to B with a critical extention (*.sopac.org|*@sopac.org) that woul

Which ports used by Apache2/SSL (RMI)

I am trying to make a RMISSL server on Linux/Java. My question involves the ports used. What is wrong with my explanation below? I set Apache to listen on 8080 for HTTP (http.conf)and 8443 for HTTPS(SSL conf). I ask for an RMIregistry, which comes up on 1099. I initialize my server with my imple

Re: Code that worked now fails; expired certs? Expired signatures? Which is it?

On Wed, May 29, 2002 at 12:57:20PM -0700, Bob Steele wrote: > So, with the callback in place, I do indeed get more detailed errors. > I've added the lines of dashes for clarity, and numbered each block of > the verify debug so I can refer to them below: > > [1] > depth=2 /C=US/O=VeriSign, Inc./OU

RE: Code that worked now fails; expired certs? Expired signatures? Which is it?

> > 696:error:2106B00B:PKCS7 routines:PKCS7_dataVerify:X509 > > lib:.\crypto\pkcs7\pk7_doit.c:684: > > > Obviously, X509_verify_cert() failed this time, probably there was no > callback function installed catching the verification failures. > You must use a verify_callback to learn about the de

Re: Queries

On Wed, May 29, 2002 at 04:21:42PM -, Shalendra Chhabra wrote: > Will someone tell me > 1. what is an engine for? WHy we have an Engine also on the > openssl site for download? This question is answered in the FAQ. > 2. I want to try something like this: > > I have two computers one client

linker problems

Hello, This is only a small annoyance but I figured I would ask to see if anyone out there has any clues on how to fix it. I am using Linux Red Hat 7.1 with kernel 2.4.9-31. I have glibc 2.2.4-24, ld 2.10.91, gcc 2.96, and Postgres 7.2. My problem is when I am compiling programs I have written

REMOVE

__ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]

Re: Attempting to use EVP Context initialisation functions under 0.9.6d

On Wed, May 29, 2002 at 05:15:24PM +0100, Tim Gillott wrote: > I am having trouble initialising both Digest Contexts and Digests using > the EVP wrappers. I am using 0.9.6d under Windows XP Pro. I can't seem > to find the functions EVP_MD_CTX_init, EVP_MD_CTX_create or > EVP_DigestInit_ex in any o

Re: Attempting to use EVP Context initialisation functions under 0.9.6d

REMOVE > Tim Gillott wrote: > > Greetings. > > I am having trouble initialising both Digest Contexts and Digests > using the EVP wrappers. I am using 0.9.6d under Windows XP Pro. I > can't seem to find the functions EVP_MD_CTX_init, EVP_MD_CTX_create > or EVP_DigestInit_ex in any of the includ

Attempting to use EVP Context initialisation functions under 0.9.6d

Title: Attempting to use EVP Context initialisation functions under 0.9.6d Greetings. I am having trouble initialising both Digest Contexts and Digests using the EVP wrappers. I am using 0.9.6d under Windows XP Pro. I can't seem to find the functions EVP_MD_CTX_init, EVP_MD_CTX_create or  E

Queries

Will someone tell me 1. what is an engine for? WHy we have an Engine also on the openssl site for download? 2. I want to try something like this: I have two computers one client and a server and I enable communication between them using openssl I am confused: a)-How will I know which version

REMOVE

remove -- !==! ! Ur Efforts may FAIL! but Don't fail to MAKE EFFORTS ! ! o0 O o0 O ! ! (_) (-) {~}(_) (-) {~}! ! // // \\// // \\! ==

Re: Code that worked now fails; expired certs? Expired signatures? Which is it?

On Tue, May 28, 2002 at 11:15:47PM -0700, Bob Steele wrote: > A year ago I wrote some code to verify a PKCS7 signature. At the time > that > I wrote it, I believe it worked - the signature would verify. But when I > run it now, it fails. A newer (current) version of this code, using a > newer > ve

Examples of using Java Crypto Extention...

Hi there, Could anyone point me to simple examples of how to use the JCE ? Regards, Leendert __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTEC

Re: SSL_do_hadshake and timeout

On Wed, May 29, 2002 at 04:22:36PM +1000, Alex Cosic wrote: > What has happened is that the programs hang on SSL_get_error (sslx->ssl, > SSL_do_handshake (sslx->ssl))), or effectively on > SSL_do_hadshake(sslx->ssl). This instruction does not give the output > argument ( I expected a sort of in

RE: Dumber stuff

libcrypto.a is "libcrypto". If openssh is linking with "-lcrypto", ld will automatically search for libcrypto.a. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Phil Wenzel Sent: Wednesday, 29 May 2002 9:25 AM To: [EMAIL PROTECTED] Subject: Dumber stuff