Only for example:
You must open a session first. If certificate are stored in private space
you must also login.
int scan_PKCS11_cert() {
X509 *crt=NULL;
CK_BYTE *p=NULL;
CK_RV rv;
CK_OBJECT_HANDLE hCert = CK_INVALID_HANDLE;
int ret=0;
CK_ULONG Matches;
CK_ULONG ulCe
In message <[EMAIL PROTECTED]> on Wed, 24 Mar 2004 13:37:06 +0800, "linux guy" <[EMAIL
PROTECTED]> said:
linuxguy> thx,I am sorry for that i misdescribe my problem,the
linuxguy> fact is that I can generate 256 RSA key,but I can't create
linuxguy> certificate with this key,the wrong mesg is as bel
thx,I am sorry for that i misdescribe my problem,the
fact is that I can generate 256 RSA key,but I can't create
certificate with this key,the wrong mesg is as below:
20239:error:04075070:rsa routines:RSA_sign:digest too big for rsa key:rsa_sign.c:116:
20239:error:0D072006:asn1 encoding routines:ASN
On Wed, Mar 24, 2004 at 11:35:34AM +0800, linux guy wrote:
> openssl's genrsa can't do this work,any other tool to do this work?
If you must,
Python 2.3.3 (#2, Mar 7 2004, 15:57:59)
[GCC 2.95.4 20020320 [FreeBSD]] on freebsd4
Type "help", "copyright", "credits" or "license" for more information
> Hi Andrew,
> > How unique is it? Is it statistically improbable that I could
> > generate the
> > same key twice?
> If you have properly seeded your random generator, generated
> (RSA) keys should
> be quite unique.
It doesn't matter. Breaking an RSA key basically involves factoring a
> yes,I am sure,can you give me any advice?:)
Drop SSL.
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
XML Security Overview http://www.datapower.com/xmldev/xml
yes,I am sure,can you give me any advice?:)
- Original Message -
From: Rich Salz <[EMAIL PROTECTED]>
Date: Tue, 23 Mar 2004 22:47:40 -0500 (EST)
To: linux guy <[EMAIL PROTECTED]>
Subject: Re: how to generate one rsa key which size is 256 or less than 256
> > openssl's genrsa can't do this
> openssl's genrsa can't do this work,any other tool to do this work?
Are you really sure that the RSA work is so great that you need such a
ridiculously small key size? The security is so weak perhaps you should
just drop SSL altogether.
/r$
--
Rich Salz Chief Security
openssl's genrsa can't do this work,any other tool to do this work?
thx
--
__
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.
Powered by Outblaze
__
our our webserver is using openSSL to provide HTTPS service,
we create a self-singed certificates with one 1024 bits private key,
so the server will be slow to handle the communication
I wanna decrease the size of the private key,but openssl can't generate
the key which size is less than 256?
s
our our webserver is using openSSL to provide HTTPS service,
we create a self-singed certificates with one 1024 bits private key,
so the server will be slow to handle the communication
I wanna decrease the size of the private key,but openssl can't generate
the key which size is less than 256?
s
> Well, what I meant by anonymous was that they're connection-less, and
> with the nature of UDP, the tracker can't be quite sure that they are
> who they claim to be.
Anonymous has nothing to do with connection-less or not.
If the server is going to decode the packets that the client encrypts,
t
GoochRules! wrote:
[...]
After reading up on PKI, I'm concerned that OpenSSL is not a solution
to my problem. I suppose all I really need is a mechanism to
encrypt/decrypt messages based upon public/private keys. Does OpenSSL
do anything like this?
To realize this with OpenSSL I'd set up my o
On Mar 23, 2004, at 16:10, Rich Salz wrote:
how can I properly secure small anonymous UDP transmissions?
I don't know what you mean by this. Are you sure you mean anonymous?
Well, what I meant by anonymous was that they're connection-less, and
with the nature of UDP, the tracker can't be quite s
On Mar 22, 2004, at 2:36 PM, Bernhard Froehlich wrote:
GoochRules! schrieb:
Greetings,
I'm a newbie with this ssl stuff, what I know I learned from using
ssh, so please correct me where my assumptions are wrong.
I'm attempting to create a client/server environment where the
identity of the ser
hello,
according to the following asn.1 structure, a time string storing validity
information in a x509 certificate can be given in two ways:
[snip]
Validity ::= SEQUENCE {
notBefore Time,
notAfterTime
}
Time ::= CHOICE {
utcTime
Hi there,
On March 22, 2004 11:02 am, Nelson Gamazo Sánchez wrote:
> I'm trying to code my own engine but I have some questions after
> reading the .pod, samples (demos and built-in) and openssl code. If any
> of these questions have already answered please send reference.
>
> 1-Could anybody
Hi,
probably I'm overlooking something obvious: I have a smart card that can be
accessed through a suitable PKCS#11 library and I have a working sort-of-CA
using openssl. I know how to generate key pairs on the smart card and
(hopefully) how to read the public key off the card. But how do I get
You can use PKCS12.
Using libeay you can create:
PKCS12 *PKCS12_create(char *pass, char *name, EVP_PKEY *pkey, X509 *cert,
STACK_OF(X509) *ca, int nid_key, int nid_cert, int iter,
int mac_iter, int keytype);
save:
int i2d_PKCS12_fp(FILE *fp, PKCS12 *p12);
read:
PKCS12 *d2i_PKCS12_
I need a simpel keystore, maybe containing a users private key, users certificate and
4-5 public certificates.
I'm looking for some standard format for saving these keys/certificates to a single
password protected file.
At the moment I need it for a Windows environment, but I don't want to use
W
20 matches
Mail list logo
