Re: [openssl-users] How to get CRL in my application.

2005-03-29 Thread Erwann ABALEA
Hello, Today is the 4th day before the Kalends of April, 2005; Calista wrote: > Is there a function in OpenSSL to retrieve the CRL? No, AFAIK. Depending on the retrieval method (ldap, http, ftp, X.500, ...), you have to write your own handler. > If not, can anyone explain how to do this? wget will work for http and f

Re: Decryption problem

2005-03-29 Thread Michael D'Errico
Turns out there is wrong information in "Network Security with OpenSSL" about using EVP_SealInit. It indicates that you are to pass in an init vector, but EVP_SealInit generates one and passes it back to the caller. Once I figured this out, I got everything to work. Mike

Re: Decryption problem

2005-03-29 Thread Michael D'Errico
I forgot to mention that this happens with CBC and CFB modes; OFB gives all garbage, but I'm hopeful that fixing CBC and CFB modes will also fix OFB mode. I am using OpenSSL 0.9.7f on mingw. Mike Michael D'Errico wrote: I'm having a problem where after encrypting data and then decrypting it, the re

Decryption problem

2005-03-29 Thread Michael D'Errico
I'm having a problem where after encrypting data and then decrypting it, the result is a few bytes of garbage (probably one block), and then the rest of the data is the same as the original. I'm using EVP_Seal* and EVP_Open* to perform the encryption. I tested with AES, DESX, and blowfish, and all

RE: openssl smime ability to create a multi-attachment message?

2005-03-29 Thread Chevalier, Victor T.
I am using mpack to create the mime message, it looks like openssl is putting S/MIME around the entire MIME message as if it were text...used this command: openssl smime -sign -inkey private/mykey.pem -signer mycert.pem -in mimemessage -out new.mail maybe the syntax is wrong? Or is it supposed to

How to get CRL in my application.

2005-03-29 Thread Calista
Given the "Next update" date of the CRL and the CA certificate how can I get the CRL? Is there a function in OpenSSL to retrieve the CRL? If not, can anyone explain how to do this? My application has a list of CA certificates, initially I have the CRLs too but depending on "next update" date t

Re: SSL_shutdown returns 0 (retry) after EPIPE sys error.

2005-03-29 Thread Michal Trojnara
On 2005-03-29, at 21:15, [EMAIL PROTECTED] wrote: On Solaris, truss shows this: 18416: poll(0xFEE219D0, 2, 4320) = 1 18416: write(13, "150301\018 3F1DBCCCBCAE3".., 29) Err#32 EPIPE What is your configuration? The stunnel source implies that it will retry the shutdown whe

SSL_shutdown returns 0 (retry) after EPIPE sys error.

2005-03-29 Thread paul . benson
stunnel implements openssl, and there is a case where it loops hard on retrying SSL_shutdown. Basically I am wondering if this is a known (fixed?) problem. On Solaris, truss shows this: 18416: lwp_sigredirect(0, SIGPIPE, 0x) = 0 18416: write(13, "150301\018 3F1DBCCCBCAE3".

Re: Problems with EVP_DecryptFinal

2005-03-29 Thread Nils Larsch
Tyler Durden wrote: Hello, I wrote the following C code to test encryption and decryption. I understand that I am doing something wrong, because EVP_DecryptionFinal returns 0 and therefore the decrypted data does not match the original data. Please help me. Thanks very much. The code is th

Re: EVP Public Key Interface X low level RSA

2005-03-29 Thread Nils Larsch
Rafael Cividanes wrote: I was studying the EVP interface for public key to use RSA. I'd like to know if the low level interface using /openssl/rsa.h/ is better than EVP (high level) solution. In symmetric encryption the list told me that EVP interface was the best solution. unless you need fe

Re: Problem deallocating memory using d2i_TS_RESP

2005-03-29 Thread Nils Larsch
Aftab Alam wrote: Hi All, I am using the following code to create TS response object from DER encoded data, bool CreateResponseFromFile(const char * pszTSResponsePath) { char * buffer; long size; //"C:\\ts\\TstResponse.tsr" ifstream file (pszTSResponsePath, ios::in|

EVP Public Key Interface X low level RSA

2005-03-29 Thread Rafael Cividanes
I was studying the EVP interface for public key to use RSA. I'd like to know if the low level interface using /openssl/rsa.h/ is better than EVP (high level) solution. In symmetric encryption the list told me that EVP interface was the best solution. Thanks in advance, Rafael Cividane

Re: openssl smime ability to create a multi-attachment message?

2005-03-29 Thread Dr. Stephen Henson
On Tue, Mar 29, 2005, Chevalier, Victor T. wrote: > Does openssl support taking a mime message and doing this? Or is there > something else I will need to convert a mime message to smime? > The input to the smime command is expected to be in MIME format unless you specify -text in which case it

RE: openssl smime ability to create a multi-attachment message?

2005-03-29 Thread Chevalier, Victor T.
Does openssl support taking a mime message and doing this? Or is there something else I will need to convert a mime message to smime? Thank you, Victor -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Monday, March 28, 2005 6:22 P

RE: openssl usage questions

2005-03-29 Thread Steve Pruitt
Greetings, I am a bit new to this. So if someone can help, I will be grateful. I downloaded OpenSSL because I am trying to define a http port on Tomcat. To do so I seem to need a keystore file. Searching on keystore led me to OpenSSL. Following some instructions I found, I

Re: openssl usage questions

2005-03-29 Thread Prashant Kumar
Here are answers to some of your questions: 1. OpenSSL supports the X509 v3 certificate format which is used by IPSEC. So certificates generated by OpenSSL can be used for IPSEC. 2. OpenSSL has support for cut and paste mechanism (you mean PKCS10/PKCS7!). Look at apps/req.c (generation of PKCS

Problem deallocating memory using d2i_TS_RESP

2005-03-29 Thread Aftab Alam
Hi All, I am using the following code to create TS response object from DER encoded data, bool CreateResponseFromFile(const char * pszTSResponsePath) { char * buffer; long size; //"C:\\ts\\TstResponse.tsr" ifstream file (pszTSResponsePath, ios::in|ios::binary|ios

Simultaneous SSL connect

2005-03-29 Thread Upp Steve-CSU001
I have a question regarding the openssl TLS API. My application has thousands of peer to peer TLS connections, where each peer has a X509.v3 certificate with extensions that allow the end point to be both a client and server. I would like to maintain only a single TLS connection between both p

Problems with EVP_DecryptFinal

2005-03-29 Thread Tyler Durden
Hello, I wrote the following C code to test encryption and decryption. I understand that I am doing something wrong, because EVP_DecryptionFinal returns 0 and therefore the decrypted data does not match the original data. Please help me. Thanks very much. The code is this. I am using Mic

Re: EVP_SealInit and key length

2005-03-29 Thread Dr. Stephen Henson
On Mon, Mar 28, 2005, Michael D'Errico wrote: > Is there any way to specify the key length to use > in EVP_SealInit? (Besides AES where the EVP_CIPHER > specifies the length.) If not, how do you figure > out how long a key was used? > Depends on how it's used. In some cases the context implies

openssl usage questions

2005-03-29 Thread Jinn Su
Hello, I'm new to the OpenSSL community. Please help to clarify my following questions. 1) Can OpenSSL be used for IPsec certificate? 2) Does OpenSSL provide APIs to support the Cut-and-Paste certificate enrollment for the IPsec certificate with the non-OpenSSL CAs/PKIs, e.g. VeriSign

SSL Communication behind Proxy

2005-03-29 Thread Aftab Alam
Hi All, I am trying to connect to an SSL server from behind a proxy and using the following code. SSL_library_init(); SSL_load_error_strings(); BIO *Socket = BIO_new_connect("proxy::port"); if (BIO_do_connect(Socket)) { char *Data = "CONNECT abc.com:80 HTTP/1.0\r\n\r\n"; BytesS