Hi,
I've a little problem with the function CRYPTO_add. Actually, when I use the function OCSP_basic_add1_cert, I know that in that function the CRYPTO_add is called. My problem is, I use the function OCSP_basic_add1_cert to add the certificate chain to my ocsp response and even after the memmr
On Mon, Sep 22, 2003, Markus Lorch wrote:
> Hi,
>
> I was under the impression that the following two code fragments are
> equivalent. But the first can successfully decode a BER encoded
> certificate (in "value"), while the second fails - data too long. When should
> ASN1_item_d2i_bio be used?
On Mon, 22 Sep 2003, Wayne Rasmussen wrote:
> Is there some legal responsibility of mailing lists owner to prevent this?
I have not received a single of these via the OpenSSL mailinglist server.
I do receive tons of them from other sources however.
Why is this discussion at all on this list? Is
On September 22, 2003 02:44 pm, Frank wrote:
> Finally somebody with a clue!!!
Whatever the quality of the entries in this philosophical discussion, it
is totally off-topic for this list. It seems that very few viral emails,
if any, have turned up through the list server.
OTOH: wha
Then I guess that moves it firmly outside the purview of this list and into
your ISP's hands. Good luck.
On 9/22/03 1:44 PM, "Frank" <[EMAIL PROTECTED]> wrote:
> Finally somebody with a clue!!! I can't effetely stop this crap
> unless my ISP gives my root/admin on the mail server!!!
Steve,
That did it!! Thanks a bunch
Frank
Dr. Stephen Henson wrote:
On Mon, Sep 22, 2003, Frank wrote:
Nils,
Humm I tried this and got a error during signing
1436:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public
key typ
e:p_sign.c:101:
The p
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Dr.
> Stephen Henson
> Sent: Monday, September 22, 2003 2:47 PM
> To: [EMAIL PROTECTED]
> Subject: Re: d2i_X509 vs. ASN1_item_d2i
>
>
> On Mon, Sep 22, 2003, Markus Lorch wrote:
>
> > Hi,
> >
> >
Finally somebody with a clue!!! I can't effetely stop this
crap unless my ISP gives my root/admin on the mail server Even
with cable modem It takes a few minuets to down load all these
virus!!! The ISP's/mail server admin's need to stand up and so there
job's!!!
Cory C. Al
On Mon, Sep 22, 2003, Markus Lorch wrote:
> Hi,
>
> I was under the impression that the following two code fragments are
> equivalent. But the first can successfully decode a BER encoded
> certificate (in "value"), while the second fails - data too long. When should
> ASN1_item_d2i_bio be used?
On Mon, Sep 22, 2003, Frank wrote:
> Nils,
>Humm I tried this and got a error during signing
>
> 1436:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public
> key typ
> e:p_sign.c:101:
>
> The private key I used was one read in when I generated a DSA
> certficate. the header
From: andy <[EMAIL PROTECTED]>
> On Mon, Sep 22, 2003 at 08:51:43AM -0700, Wayne Rasmussen wrote:
> > You are correct on this one. It is a matter of responsibility. If the only
> > answer is to drop from the list, then I think I will be forced to do so as
> > well.
> > The othe
Rich Salz wrote:
It doesn't matter if I have it or not. You are missing the point. The
list
is a source of spreading the virus and therefore has a responsibility to
take care of it.
You're new to this internet thing, aren't you.
So are the lawyers -- but they'll catch on as soon as they see
tho
Hi,
I was under the impression that the following two code fragments are
equivalent. But the first can successfully decode a BER encoded
certificate (in "value"), while the second fails - data too long. When should
ASN1_item_d2i_bio be used?
cert = d2i_X509(NULL,(unsigned char **) &value, value
I have a DSA key. No I havn't. Thought the same ones worked forboth,
but I guess not.
Thanks,
Frank
Dr. Stephen Henson wrote:
On Mon, Sep 22, 2003, Frank wrote:
Any one have an example on how to DER encode a public key and then
convert it back again? I believe you use :
i2d_Pu
On the other hand a checksum in cryptography is used quite liberally,
and can be used interchangeably with one-way-hash/message digest/digital
fingerprint etc.
Unh, no. Those three terms you separated by a slash are used
interchangeably, but while you might rarely see "cryptographic
checksum",
Nils,
Humm I tried this and got a error during signing
1436:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong
public key typ
e:p_sign.c:101:
The private key I used was one read in when I generated a DSA
certficate. the headers say DSA
Any thoughts? Same routine I used for
Here are some diagrams in a document I wrote what seems like
a century ago (before I started actually writing PKI code):
http://www.oit.umd.edu/middleware/pki.html
Have been somewhat distracted the last few days by a hurricane.
Refugee house guests from the unempowered areas etc.
--
Charles B (Ben
On Mon, Sep 22, 2003, Frank wrote:
> Any one have an example on how to DER encode a public key and then
> convert it back again? I believe you use :
> i2d_PulicKey() & d2i_PublicKey(). I seem to be able to convert to DER
> (at least the func doe snot fail). But converting it back it does not
Quoting the GNU Emacs manual as an authority on cryptographic terms isn't
particularly useful.
Okay. Here is a link to some of the documents that refer to SHA1 as a
checksum.
http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=%22SHA1+checksum%22&btnG=Google+Search
For the same reason you do
At 8:51 -0700 9/22/03, Wayne Rasmussen wrote:
The other thing that concerns me amongst the computer professional who just
shout out "get anti-spam/anti-virus software". Is this the kind of right
thinking going on in computer science these days?
Pretty much, yes, that's the right answer.
Assuming
Isn't MD5 a Message Digest?
Yes, hence the initials MD.
Quoting the GNU Emacs manual as an authority on cryptographic terms
isn't particularly useful.
Is there any reason why we can not use word "checksum" with SHA1?
For the same reason you don't call it a CRC -- because that's not what
it is.
Kids:
If you weren't around for the transition from NCP, you're newbies. :)
Anyway, for some silly reason I decided to save all of the bogus mail that
I received purporting to be from Microsoft. I have, as yet, not received
any messages that were relayed through openssl.org or even any that make
SHA1 isn't a checksum, it's a Message Digest.
I am sorry I am confused
Isn't MD5 a Message Digest? However people use the phrase "MD5 Checksum".
For e.g.
http://www.gnu.org/manual/elisp-manual-21-2.8/html_node/elisp_539.html on
the GNU website.
To quote:
"MD5 cryptographic "checksums", or
Note: Attached is the updated diagram, I tried to include all the
suggestion I received.
The arrow that says "Encryt(sic) Using Sender's Private Key" and the box
it points into that is labelled "Data encrypted using sender's private
key" are nonsensical.
SHA1 isn't a checksum, it's a Message Di
These spammers harvest email addresses from many public newsgroups
and forums. The problem is also with all the archives that don't take out
the email addresses from the posts. For example,
http://groups.google.com/groups?group=mailing.openssl.users
etc etc
I'm not picking on any archive in particu
Andy, this is for a mail server right, not an end user.
andy wrote:
Perhaps you should think about some form of spam prevention software.
I got none of these mails, filtered with spamassassin.
SpamAssassin is free btw-
On Mon, Sep 22, 2003 at 08:28:36AM -0700, Wayne Rasmussen wrote:
Plain text please...
You are not getting these emails through the list. What has happened is
that your email address has been harvested by spammer-robot which has
simply gone through the archives of the list (you have posted to this
list - e.g.
http://www.mail-archive.com/[EMAIL PROTECTED]/msg2908
Let's see, I got out of the Navy in 1985 and went to work for Symbolics Inc.
If you look at Hobbes' Internet Timeline:
1985
Symbolics.com is assigned on 15 March to become the first registered domain.
Other firsts: cmu.edu, purdue.edu, rice.edu, berkeley.edu, ucla.edu,
rutgers.edu, bbn.com (24 Ap
It doesn't matter if I have it or not. You are missing the point. The list
is a source of spreading the virus and therefore has a responsibility to
take care of it.
You're new to this internet thing, aren't you.
--
Rich Salz, Chief Security Architect
DataPower Technology
You
are correct on this one. It is a matter of responsibility. If the
only answer is to drop from the list, then I think I will be forced to do so as
well.
The
other thing that concerns me amongst the computer professional who just shout
out "get anti-spam/anti-virus software". Is thi
It doesn't matter if I have it or not. You are missing the point. The list
is a source of spreading the virus and therefore has a responsibility to
take care of it. Think of it this way. At the list is one point that stops
the spread. If you have 1000 members on the list, they need 1000 anti-sp
Any one have an example on how to DER encode a public key and then
convert it back again? I believe you use :
i2d_PulicKey() & d2i_PublicKey(). I seem to be able to convert to DER
(at least the func doe snot fail). But converting it back it does not
seem to, or at least totally. I run the EV
To stop getting all these is it as simple as unregistering from the
openssl mailing list? If that's so then I will do it. And the owner of
this list IMHO without filtering these might as well just shut it down
if they can't do anything about it given their OS limitations. Because
this is total
Is there some legal responsibility of mailing lists owner to prevent this?
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] Behalf Of Michael Sierchio
> Sent: Sunday, September 21, 2003 11:39 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Dodgy "Microsoft fix" emails
>
Hello,
I tried the following OpenSSl command
/usr/local/openssl/bin/openssl ca -revoke
\/usr\/local\/openca\.0\.9\.2\/openca\/var\/tmp\/29573_3_cert\.pem
-config /usr/local/openca.0.9.2/openca/etc/openssl/openssl.cnf -passin
env:pwd
and I get the following Error Message
Using configuration f
On Mon, Sep 22, 2003, BP wrote:
> Well, sorry, the RFC fragment was uncomplete, so my understanding.
>
> My only question is then :
> What stands OCTET STRING (16 bits long) for, when cont[0] really
> contains the encrypted bytes ?
>
> SEQUENCE
> OBJECT : pkcs7-data
> SEQUENCE
> OBJECT :
> Signing does not have to be an application of hashing and encryption. Take
> a look at DSA.
Yes, of course. I simplified for the audience. I should have made that
explicit.
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS
Rich Salz <[EMAIL PROTECTED]> writes:
> You missed the point of what Michael said. First, when someone says "xxx
> is signed" they mean hash(xxx) is encrypted with private key. It's
> basically the definition of a signature. Only if you look closely, do you
> see that signing is an application
38 matches
Mail list logo
