Your right, there is another length there which was not shown in the SSL/TLS
specs... how strange. I took these out and it worked fine now. Thanks for
the clue... The problem then was that the data I was trying to decrypt was
larger than the MOD... by 2 bytes.
Thanks again!
Will
-Original M
The length of 258 bytes is very curious. If the server's key length is 2048
bits, then this length should be 256 bytes.
Is it possible your code left in a two byte length field before the
encrypted pre-master secret?
- Ken
On Fri, Oct 31, 2003 at 03:59:01PM -0800, Willia
Hello,
I have been trying to decrypt the "client pre master secret" sent in a SSL
handshake using the server's private key with OpenSSL's Crypto library. But
RSA_private_decrypt() always returns -1!
I have set up a test apache2 server with modssl and have generated the
server's private key and ce
Best guess is that you are confusing a client cert, which is used
(optionally) to identify yourself to the server, and a root cert,
which you use to validate the cert that the server returns to you.
Your "group" may be telling you that you don't need a client cert
for them to accept a connection fr
The code below is for GENERALIZED_TIME, and doesn't handle seconds yet.
But I think you get the idea. (adopted from the perl).
time_t ASN1_GENERALIZEDTIME_2ilb(BIO *bp, ASN1_GENERALIZEDTIME *tm, int showgmt) {
unsigned char strtime[30] ;
time_t test = (time_t) 0; int i ;
By chance, does anyone have a utility or example to get a time_t value
from an ASN1_TIME? Something like;
time_t getTimeFromASN1(const ASN1_TIME *);
Thanks - Jay
__
OpenSSL Project http://www.open
Hello,
I need to add the attribute SMIMEEncryptionKeyPreference in a
certificate.
It is defined in S/MIME V3 but seem not implemented in OpenSSL.
Is anyone already made this ?
I don't know how create this ASN.1 object. If you have an idea...
Thanks.
_
Guys,
I would like to make an enhancement request for the script mkdir-p.pl.
The project I am on is using openssl and for reasons that I won't go
into the projects checkout procedure results in the creation of
certain sub-directories that mkdir-p.pl is called upon to create.
I would like to see m
