Re: Batch mode for ENGINE_load_private_key

Bartek Palak wrote: Hi All, Hello Bartek, Does anybody know how to make function ENGINE_load_private_key working in batch (not interactive) mode? You can implement an own UI_METHOD doesn't ask for the pass phrase. Bye Goetz -- DMCA: The greed of the few outweighs the freedom of the many

Problem with AES_cbc_encrypt

Hello,   Can anyone help me with finding the length of encrypted and decrypted data via AES_cbc_encrypt? or else send me some test programs which have used AES_cbc_encrypt.   Bhupendra Sell on Yahoo! Auctions - No fees. Bid on great items.

Re[2]: openssl-0.9.8 will not compile on MinGW

Hello, Alex! AY> Then I just ran the rest of the mingw32.bat file You need only this part, not all the bat file. Sorry. AY> echo Building the libraries AY> mingw32-make -f ms/mingw32a.mak AY> if errorlevel 1 goto end AY> echo Generating the DLLs and input libraries AY> dllwrap --dllname libeay3

Re: openssl-0.9.8 will not compile on MinGW

Hello, Frank! FB> Hello, i have tryed to compile openssl but it stops with the error: FB> gcc -o out\md2test tmp\md2test.o out\libssl.a out\libcrypto.a -lwsock32 FB> -lgdi32 FB> out\libcrypto.a(cryptlib.o)(.text+0x2b9):cryptlib.c: undefined reference to FB> `OPENSSL_ia32_cpuid' Yeah, I got that e

Re: Loading a PKCS7 SignedData structure with d2i_PKCS7_fp

On Thu, Jul 07, 2005, Fred Anderson wrote: > Steve, > > Thanks for the reply. I was able to verify the signature using > "openssl smime" like you suggested, and the d2i_PKCS7_fp function is > returning a non-null value. > > I'm thinking now that the problem may be in the BIO structures I'm > cre

Re: ECC & EVP Interface Broken?

On Thu, Jul 07, 2005, Ladar Levison wrote: > Dr. Stephen Henson wrote: > >On Thu, Jul 07, 2005, Ladar Levison wrote: > > > > > >> > >>The code below works when I use the RSA key generation functions, but > >>when I try > >>to generate an ECC key, and use it, it doesn't work. I am using 0.9.8 > >

0.9.8 on OS X (Tiger) (10.4.1)

One last update on getting 0.9.8 to build on OS X. As long as I do NOT try to build "shared" then everything builds okay. Now if only I could get Xcode to actually use the static libraries... -Joe __ OpenSSL Project

Re: Apache 2.0 + ssl + client cert + server cert

Hello, I already solve the problem, seems that de message debug: error:140890B2:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:no certificate > returned is false or incorrect, the correct debug message could be: :sorry I can't verify the client certificate, I do not know the CA. Thanks a lot. Fran O

Re: ECC & EVP Interface Broken?

Dr. Stephen Henson wrote: On Thu, Jul 07, 2005, Ladar Levison wrote: The code below works when I use the RSA key generation functions, but when I try to generate an ECC key, and use it, it doesn't work. I am using 0.9.8 beta 6. EVP_SealInit(&ctx, EVP_aes_256_cbc(), ek, &out_len, &iv[0],

Re: Loading a PKCS7 SignedData structure with d2i_PKCS7_fp

Steve, Thanks for the reply. I was able to verify the signature using "openssl smime" like you suggested, and the d2i_PKCS7_fp function is returning a non-null value. I'm thinking now that the problem may be in the BIO structures I'm creating and passing to the verify function. Here's what I have

Re: ECC & EVP Interface Broken?

On Thu, Jul 07, 2005, Ladar Levison wrote: > > > The code below works when I use the RSA key generation functions, but when > I try > to generate an ECC key, and use it, it doesn't work. I am using 0.9.8 beta > 6. > > EVP_SealInit(&ctx, EVP_aes_256_cbc(), ek, &out_len, &iv[0], &pkey, >

ECC & EVP Interface Broken?

The code below works when I use the RSA key generation functions, but when I try to generate an ECC key, and use it, it doesn't work. I am using 0.9.8 beta 6. I'm not sure if this is a result of my lack of understanding about ECC, or the implementation is broken, hence my post to `users` and no

Re: Loading a PKCS7 SignedData structure with d2i_PKCS7_fp

On Thu, Jul 07, 2005, Fred Anderson wrote: > I have a binary file with a DER-encoded SignedData structure in it. I > can use the following command: > > $ openssl pkcs7 -inform DER -in pt2.out -print_certs -text > > and I get all sorts of expected information about the certificate in > the struct

Loading a PKCS7 SignedData structure with d2i_PKCS7_fp

I have a binary file with a DER-encoded SignedData structure in it. I can use the following command: $ openssl pkcs7 -inform DER -in pt2.out -print_certs -text and I get all sorts of expected information about the certificate in the structure, which indicates to me that the file's in the right fo

0.9.8 on OS X (Tiger) (10.4.1)

I think I found the problem installing on OS X. In the ./engines/Makefile, in the "install" target, the script makes the assumption that shared library files are named *.so, whereas they are named *.dylib on Darwin. There is even a comment to that effect in the Makefile: # X This currently

How to convert a pfx (pkcs12) file into pkcs7?

Hi, I have a pfx (pkcs12) file from a browser with a key but need a pkcs7 file to use it for Java. How can I convert the key? Thanks, Reiner Nix __ OpenSSL Project http://www.openssl.org User Su

Expire time of session resumption...

Hi, I'm testing a SSL client with the server of openssl command line tool. I want to test the comportement of my client for the session resumption. How can I change the expire time (of the session resumption) of the openssl server ? Thanks a lot, Céline __

Re: Capturing X509 certificate and storing them using the Windows Certificates API

On Thu, Jul 07, 2005, Pj wrote: > Hi all, > > My application needs to support Non-repudiation using X509 certificates ala > AS2. > > Has anyone had the pleasure of storing X509 client and server certificates > in the windows certificate registry / database? And if so, whats the best > place to s

Re: question about ssl

amineh salehi <[EMAIL PROTECTED]> writes: > in the ciphersuites defined for it in "rfc2246"( TLS1.0), there isn't > diffi-helman key exchange, why? RFC 2246 specifies many DH key exchange cipher suites. Have a look at page 61. > What is the soulotion for vulnerability in anonymous key exchange

Batch mode for ENGINE_load_private_key

Hi All, Does anybody know how to make function ENGINE_load_private_key working in batch (not interactive) mode? I am using nCipher hardware module and CHIL engine library. Unfortunately standard "hwcrhk_get_pass" and " hwcrhk_insert_card" functions use "ui methods" for interacting with u

Re: Capturing X509 certificate and storing them using the Windows Certificates API

Hi Just try this. Generating Certificates for Windows Clients When generating certicates forWindows clients you have to make sure that the lifetime of the certicate lies within the lifetime of the CA. If the lifetime of the certicate exceeds the lifetime of the CA, the windows client will not ac