Please, help..
For example I want to generate ASN1 type of
UTF8String by this call
ASN1_generate_v3(p,
ctx)
I pass to this subrouting such string
"UTF8:йцукенг". But no correct effect..
I 'tried to pass for the value the correct
UTF8 data,previously had converted it from
Hello All,
i. The following program prints the hexadecimal and
decimal encoding of a big number
***#include
#include int main() { RSA
*public; unsigned int bits, len; char *buf, *uu;
unsigned char *blob; public = RSA_generate_key(1024
Title: What does the "subject name's hash" mean?
Sorry for all the questions today. But I'm looking at the SSL_CTX_load_verify_locations() API and the 3rd arg. This specifies, "The name of a directory containing CA certificates. Each file in the directory must contain only a single CA certi
I see. So current OpenSSL users on Windows either have to convert all the
certs to the correct format and store than in a directly accessible by
OpenSSL, or they have to go with the Microsoft Cert* API's. Is that a
correct statement?
There is no way I can use the certs that come pre-installed w
Edward Chan wrote:
I understand the usage of the API. What I mean is, how do you know what
directory or file to specify, if this is not easily known? Dr. Henson said
that the certs are stored in the Windows registry but that the location is
retrievable using certain Cert* Win32 API's.
No, not t
Oh man. So what do people do for Windows? Is there an example out there to
follow? Or does everyone just write their own stuff using the MS
CryptoAPI's?
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Jim Adams
> Sent: Friday, March 04, 2005 12
Abhinav Gupta wrote:
Hi,
I am a newbie to the OpenSSL world. I am trying to use the Safenet
SafeXcel 1141 card for encryption. I have been provided a patched
version of the OpenSSL which has support for the card in the form of a
'safenet' engine. The card seems to work (the code for the engine
Look at mttest.c in OpenSSL source. It has an example on how to
initialize your locking call back functions( you might have already seen
this).
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Aniruddha
Chiplunkar
Sent: Friday, March 04, 2005 2:25 PM
To:
SSL_CTX_load_verify_locations() is called to tell Openssl where your
application has stored your .0 root cert files. Windows does not keep
its root certs in a directory, or in .0 format. So Openssl cannot verify
directly against Windows' certs. You can retrieve Windows' certs using
the Crypto
Hi Sunil,
I am not having two threads working on the same SSL
connection at the same time. I have one thread which
does the handshake (SSL_accept) and AFTER the
SSL_accept is finished successfully, I transfer the
ownership of the connection (ssl and fd) to the second
thread. The second thread does
Hi all!!!
Thanks a lot Dr Henson .. you really point me in the right way .
My last question posted was based in certs and keys separated and we want build them in a PKCS12 file for exchange it... I have another question . what about the case if we want generate RSA private keys, to crea
Hi,
I am a newbie to the OpenSSL world. I am trying to use the Safenet
SafeXcel 1141 card for encryption. I have been provided a patched
version of the OpenSSL which has support for the card in the form of a
'safenet' engine. The card seems to work (the code for the engine
support gets called)
If I understand right. You very to check the cert via the Windows store. OK.
This is what I did in fe-secure.c in Postgresql libpq client library
conn->peer holds the server cert.
I used MS Visual Studio 7.0,
wincrypt.h is required for the API.
CA cert is installed in the windows stores
This cod
The implication is posted in an earlier message here.
http://www.mail-archive.com/openssl-users@openssl.org/msg38752.html
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Aniruddha
Chiplunkar
Sent: Friday, March 04, 2005 1:47 PM
To: openssl-users@openss
I understand the usage of the API. What I mean is, how do you know what
directory or file to specify, if this is not easily known? Dr. Henson said
that the certs are stored in the Windows registry but that the location is
retrievable using certain Cert* Win32 API's. Just wondering if anybody kne
Hi All,
I have an issue with my muti-threaded server
application using openSSL.
Many of my threads are indefinitely blocked on the
CRYPTO_LOCK_ERR in locking_callback().
GDB shows that the mutex (type=1) itslef is not owned
by any thread but has the mutex's status value
negative.
Here is what my
You would call SSL_CTX_load_verify_locations(SSL_CTX*, , ) with either the 2nd
or 3rd param optionally NULL, but not both.
The file would contain one or more CA public keys and the directory is
ca public keys with the name of the file being a hash of the ca name
with a .0 extension.
Darya
-O
Does anybody know off hand what the API is to call to find the location?
How are people calling SSL_CTX_load_verify_locations() on Windows?
Thanks,
Ed
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Dr.
> Stephen Henson
> Sent: Thursday, March
Hi,
Some newbie questions...
If the server uses SSLv23_method, and
the client only supports SSLv2, does the server allow SSLv2?
If the server uses SSLv23_method, and
the client can support SSLv2 or SSLv3, does the server automatically choose
SSLv3?
Does setting SSL_OP_NO_SSLv2 change
the behav
Title: Command failed for target 'do_solaris-shared'
I am getting this error Command failed for target 'do_solaris-shared' when I do a build shared fro openssl. I am using the stable version openssl-0.9.7-stable-SNAP-20050214. I just tried doing a ./config no-asm and still no luck. Any help w
Edward Chan wrote:
Thanks for the info. I think I understand now. A plain old digital
signature will not have the cert info, but a PKCS7 container does. I think
that is what I have, if I followed the example correctly. Am I correct in
saying that a PKCS7 container contains a digital signature +
Thanks for the info. I think I understand now. A plain old digital
signature will not have the cert info, but a PKCS7 container does. I think
that is what I have, if I followed the example correctly. Am I correct in
saying that a PKCS7 container contains a digital signature + certificate
inform
Hi,all.
For example I want to generate ASN1 type of
UTF8String by this call
ASN1_generate_v3(p,
ctx)
I pass to this subrouting such string
"UTF8:йцукенг". But no correct effect..
I 'tried to pass for the value the correct
UTF8 data,previously had converted it from CP1251 to UTF8...
But thi
Title: issue with PEM_read_bio_X509() and 9.9.7e
i've developed an encryption library with openssl 0.9.7b and have run into
an issue when upgrading to the 0.9.7e version. i've generated an rsa keypair
using the following commands:
genrsa -aes256 -out 1.pem -passout file:PrivateKeyPW.txt
Steve, sorry forget to include the asn1parse output ...
I've X'd out sensitive stuff:
0:d=0 hl=4 l=57226 cons: SEQUENCE 4:d=1 hl=2 l= 9 prim: OBJECT :pkcs7-envelopedData 15:d=1 hl=4 l=57211 cons: cont [ 0 ] 19:d=2 hl=4 l=57207 cons: SEQUENCE
On Fri, Mar 04, 2005, Peter Cope wrote:
> Firstly I've searched the FAQ's and Google'd and not found an answer. I'll
> describe the scenario and hope someone can shed some light!
>
> Machine-1: Generates keys/certs (Self Cert CA). This is a UNIX (well AIX)
> box, and runs openssl (latest rel
Firstly I've searched the FAQ's and Google'd and not found an answer. I'll describe the scenario and hope someone can shed some light!
Machine-1: Generates keys/certs (Self Cert CA). This is a UNIX (well AIX) box, and runs openssl (latest release). Keys/Certs are distributed to a number of PC
On Fri, Mar 04, 2005, Bernhard Froehlich wrote:
> Hi list-admin / Bert Koster,
>
> I keep receiving NDRs like the one attached for every mail I send to
> this list. Looks like someone using the email [EMAIL PROTECTED] or
> [EMAIL PROTECTED] has an invalid forward on his account.
> If you are using
Hi list-admin / Bert Koster,
I keep receiving NDRs like the one attached for every mail I send to
this list. Looks like someone using the email [EMAIL PROTECTED] or
[EMAIL PROTECTED] has an invalid forward on his account.
If you are using this eMail maybe you should check your settings.
Otherwis
Edward Chan wrote:
I've been trying to follow the examples in "Network Security with
OpenSSL". But I just don't get it. I know, I'm an idiot. Can
somebody point me in the right direction with the appropriate API's to
use for doing the following:
I have a digital signature that I want to veri
30 matches
Mail list logo
