Re: PKCS#7

2003-03-26 Thread Dr. Stephen Henson
On Thu, Mar 27, 2003, marek cervenka wrote: > > > > > i have a single file in PKCS#7 format > > > > > can i decrypt this file with openssl? > > > > > > > > > > i try this > > > > > [EMAIL PROTECTED] cp]# openssl smime -decrypt -inform der -in pkcs7.enc > > > > > -recip test.pem -inkey key.pem >

automatic download of CRL, through http and ldap

2003-03-26 Thread Naomaru Itoi
Hello, I am trying to write a client application which downloads a CRL, automatically and programmatically, via http and ldap. Has there been effort to do this? Or do I have to write that code using libwww and OpenLDAP? Thank you.

Re: PKCS#7

2003-03-26 Thread marek cervenka
> > > > i have a single file in PKCS#7 format > > > > can i decrypt this file with openssl? > > > > > > > > i try this > > > > [EMAIL PROTECTED] cp]# openssl smime -decrypt -inform der -in pkcs7.enc -recip > > > > test.pem -inkey key.pem > > > > Enter PEM pass phrase: > > > > Error decrypting PKC

Re: PKCS#7

2003-03-26 Thread Dr. Stephen Henson
On Wed, Mar 26, 2003, marek cervenka wrote: > > > i have a single file in PKCS#7 format > > > can i decrypt this file with openssl? > > > > > > i try this > > > [EMAIL PROTECTED] cp]# openssl smime -decrypt -inform der -in pkcs7.enc -recip > > > test.pem -inkey key.pem > > > Enter PEM pass phras

Re: PKCS#7

2003-03-26 Thread marek cervenka
> > i have a single file in PKCS#7 format > > can i decrypt this file with openssl? > > > > i try this > > [EMAIL PROTECTED] cp]# openssl smime -decrypt -inform der -in pkcs7.enc -recip > > test.pem -inkey key.pem > > Enter PEM pass phrase: > > Error decrypting PKCS#7 structure > > 3428:error:210

Re: Minimum RSA Key length ?

2003-03-26 Thread Dr. Stephen Henson
On Wed, Mar 26, 2003, Asad Ali wrote: > > Does TLS support any "non-static" RSA ciphersuites. For example is > it possible to use a 128 bit key to encrypt the pre-master secret > in chunks of 16 bytes (including the padding), or use a 256 bit > key to encrypt it in 32 byte chunks. > No, the sta

Re: PKCS#7

2003-03-26 Thread Dr. Stephen Henson
On Wed, Mar 26, 2003, marek cervenka wrote: > hi, > > i have a single file in PKCS#7 format > can i decrypt this file with openssl? > > i try this > [EMAIL PROTECTED] cp]# openssl smime -decrypt -inform der -in pkcs7.enc -recip > test.pem -inkey key.pem > Enter PEM pass phrase: > Error decrypti

Re: SSL_CTX_free messes with external session cache

2003-03-26 Thread Geoff Thorpe
* Nadav Har'El ([EMAIL PROTECTED]) wrote: > > The ideal thing for openssl would be to wait until we have a good > > opportunity to well and truly ignore backwards compatibility and then > > just uproot the entire caching interface and replace it with something > > I understand that backward compat

PKCS#7

2003-03-26 Thread marek cervenka
hi, i have a single file in PKCS#7 format can i decrypt this file with openssl? i try this [EMAIL PROTECTED] cp]# openssl smime -decrypt -inform der -in pkcs7.enc -recip test.pem -inkey key.pem Enter PEM pass phrase: Error decrypting PKCS#7 structure 3428:error:21070073:PKCS7 routines:PKCS7_data

RE: Minimum RSA Key length ?

2003-03-26 Thread Asad Ali
Does TLS support any "non-static" RSA ciphersuites. For example is it possible to use a 128 bit key to encrypt the pre-master secret in chunks of 16 bytes (including the padding), or use a 256 bit key to encrypt it in 32 byte chunks. regards, --- asad -Original Message- From: [EMAIL PRO

SSL_read performance problem

2003-03-26 Thread Jean Pierre Cognasse
Hi, I have a client and a server using SSL to communicate. The crypto is 3DES-CBC-SHA. When the client sends a message with length < 1989 bytes, the SSL_read on the server spends about 10 ms. When the client sends a message with length > 1989 bytes, the SSL_read on the server spends about 200 ms. This is a big

Re: SSL_CTX_free messes with external session cache

2003-03-26 Thread Nadav Har'El
On Wed, Mar 26, 2003, Geoff Thorpe wrote about "Re: SSL_CTX_free messes with external session cache": > IMHO, you're probably better off in the mean time disabling the internal > caching altogether and implement a coherent model entirely from the > external callbacks - this way the SSL_CTX_free()

Re: SSL_CTX_free messes with external session cache

2003-03-26 Thread Geoff Thorpe
Hi, * Nadav Har'El ([EMAIL PROTECTED]) wrote: > Hi, > > I noticed that SSL_CTX_free() takes all the sessions in the given CTX's > internal session cache, and also removes them from the external session cache > (i.e., calls the delete-session callback). > > Why was this done? I can't think of a s

Re: SSL_CTX_free messes with external session cache

2003-03-26 Thread Nadav Har'El
On Wed, Mar 26, 2003, Lutz Jaenicke wrote about "Re: SSL_CTX_free messes with external session cache": > Hmm. I extensively use external session caching. But I never call > SSL_CTX_free(), as my application will terminate in this moment anyway, > so this oddity went by unnoted... This is the bane

Re: SSL_CTX_free messes with external session cache

2003-03-26 Thread Lutz Jaenicke
On Wed, Mar 26, 2003 at 08:25:10PM +0200, Nadav Har'El wrote: > I noticed that SSL_CTX_free() takes all the sessions in the given CTX's > internal session cache, and also removes them from the external session cache > (i.e., calls the delete-session callback). [Analysis deleted.] Obviously this b

SSL_CTX_free messes with external session cache

2003-03-26 Thread Nadav Har'El
Hi, I noticed that SSL_CTX_free() takes all the sessions in the given CTX's internal session cache, and also removes them from the external session cache (i.e., calls the delete-session callback). Why was this done? I can't think of a security or a logical explanation to this, because these sessi

Re: Hard-coded trusted CA-cert

2003-03-26 Thread Dr. Stephen Henson
On Wed, Mar 26, 2003, rajagopalan ramanujam wrote: > hi, > > I have tested the SSL handshake but failing when > verifying server certificate > X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY. I > generated the self signed CA and used the same CAcert > to verify using openssl verify and also using op

Re: Minimum RSA Key length ?

2003-03-26 Thread Dr. Stephen Henson
On Wed, Mar 26, 2003, Asad Ali wrote: > > Hi, > > I am experimenting with the minimum RSA key length allowed > by TLS 1.0. What I gather from reading the specification is > that it is left to applications to enforce minimum/maximum > lengths - please correct me if this is not the case. > Ther

Hard-coded trusted CA-cert

2003-03-26 Thread rajagopalan ramanujam
hi, I have tested the SSL handshake but failing when verifying server certificate X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY. I generated the self signed CA and used the same CAcert to verify using openssl verify and also using openssl s_client -verify 1 -CAfile and it seems to be working perfec

Minimum RSA Key length ?

2003-03-26 Thread Asad Ali
Hi, I am experimenting with the minimum RSA key length allowed by TLS 1.0. What I gather from reading the specification is that it is left to applications to enforce minimum/maximum lengths - please correct me if this is not the case. Assuming that TLS 1.0 spec does not place any restriction on

Re: Elliptic curve in 9.7a

2003-03-26 Thread Richard Levitte - VMS Whacker
In message <[EMAIL PROTECTED]> on Wed, 26 Mar 2003 08:35:43 -0500, "Prashant Kumar" <[EMAIL PROTECTED]> said: prkumar> Thank you so much for your help. When will OpenSSL 9.8 be released? 0.9.8 doesn't have a schedule yet. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] [EMAIL PRO

RE: Elliptic curve in 9.7a

2003-03-26 Thread Prashant Kumar
Hello Nils Larsch, Thank you so much for your help. When will OpenSSL 9.8 be released? Thanks, Prashant Kumar. -Original Message- From: Nils Larsch [mailto:[EMAIL PROTECTED]] Sent: Wednesday, March 26, 2003 4:00 AM To: [EMAIL PROTECTED] Subject

SSL_read sleeps

2003-03-26 Thread Lanre Amos
Hi, we are using SSL_read in a loop to read all the bytes being sent from a server. We use SSL_peek to know when there's no more data. Problem is SSL_read always sleeps for about one minute when reading the last set of bytes. We are asking it to read the exact number of bytes already returned

Re: Elliptic curve in 9.7a

2003-03-26 Thread Nils Larsch
Prashant Kumar wrote: Hello Group, Hi Prashant, Do we support curves K-163 (Group 7) and B-283 (Group 8) in the Elliptic curve implementation in 9.7a? No, OpenSSL 0.9.7 supports only the basic arithmetic for curves over GF(p). For support of binary curves you must wait for 0.9.8 (try the curr