Hmm, well, I guess I assumed i2d_RSAPublicKey() was ok since the RSA key
seems fine (I ran RSA_check_key() on it and it says it is ok). Is there
any reason why i2d_RSAPublicKey() would not be returning me valid data?
int len = i2d_RSAPublicKey(rsa, 0);
returns me something > 0, so I assumed that
On Tue, Jul 19, 2005, Edward Chan wrote:
> That part of the code remains the same, and continues to work fine. By
> the way, my last code snippet should have been:
>
> U8* tmp = buf;
> RSA* pub = d2i_RSAPublicKey(0, (const U8**)&tmp, len);
>
> I mistakenly typed *len instead of len.
>
> Anywa
On Wed, Jul 20, 2005, Thomas J. Hruska wrote:
>
> As I said, their solution to the "problem" seemed hack'ish. As to the
> signing time, I just tried rolling my system clock back to the timeframe
> where I was having problems and it still works fine. Again, I seriously
> doubted this would af
Dr. Stephen Henson wrote:
On Wed, Jul 20, 2005, Thomas J. Hruska wrote:
Dr. Stephen Henson wrote:
On Wed, Jul 20, 2005, Thomas J. Hruska wrote:
Well an indication of the error codes would help. Something just "not
working" doesn't help much...
I don't have access to PayPal's internal sy
On Tue, Jul 19, 2005, Milan Tomic wrote:
>
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED] On Behalf Of Milan Tomic
> Sent: Monday, July 18, 2005 1:20 PM
> To: openssl-users@openssl.org
> Subject: PKCS12_parse() fails (0.9.8.)
>
>
>
>
> PKCS12_parse() fails
On Wed, Jul 20, 2005, Thomas J. Hruska wrote:
> Dr. Stephen Henson wrote:
> >On Wed, Jul 20, 2005, Thomas J. Hruska wrote:
> >
> >
> >Well an indication of the error codes would help. Something just "not
> >working" doesn't help much...
> >
>
> I don't have access to PayPal's internal systems and
Dr. Stephen Henson wrote:
On Wed, Jul 20, 2005, Thomas J. Hruska wrote:
Suggestions? I could try hammering PayPal's service with an automated
script that generates an encrypted and signed block and then submits it
until I get one that is deemed bogus, but I don't think they would
appreciate
On Wed, Jul 20, 2005, Thomas J. Hruska wrote:
>
> Suggestions? I could try hammering PayPal's service with an automated
> script that generates an encrypted and signed block and then submits it
> until I get one that is deemed bogus, but I don't think they would
> appreciate that.
>
Well an
I just had the weirdest day ever. At first I thought PayPal's EWP
system decided to flake out. From staring at the problem all day, and
talking to PayPal support for a couple hours, and then having the
problem fix itself (without either PayPal or myself doing anything!)
makes it appear to me
I have developed a CGI that uses OpenSSL and it is building fine using
0.9.7e. Following the release of 0.9.8 I tried rebuilding with the new
release. However, I am getting the following link errors:
libeay32.lib(cryptlib.obj) : error LNK2001: unresolved external symbol
[EMAIL PROTECTED]
libeay
I am going to put my /very/ unknowledgeable foot forward, to the effect
that with aix4.3.3 and the IBM supplied openssl binaries, IBM supplied a
PRNG in rpm format that you had to install first. That may still be
around...I still have it as
prngd-0.9.23-3.aix4.3,ppc.rpm
would this help?
[EMAI
/dev/random was not officially added to the OS until
5.2.
See the following from the AIX 5.2 Differences
Guide:
Lamar
Quoted...
9.20 Cryptographically secure pseudo-random numbers
AIX 5L Version 5.2 now supports a cryptographically secure
pseudo-random number generator (PRNG). Rand
On Wed, Jul 20, 2005, Hagai Yaffe wrote:
> I am not familiar with the term "IDP partitioning" (does IDP stands for
> "Issuing Distribution Point"?).
>
Yes IDP is Issuing Distribution Point.
> The partitioning is not by reason codes, Every X certificates are
> pointed to a certain CDP to reduce
Yes you are right but in my office, they said "NO EGD"... So they prefer to use /dev/random and /dev/urandom by IBM... I have no idea how I get this one into AIX server...
Tom[EMAIL PROTECTED] wrote:
Use EGD ( Entropy Gathering Daemon ) on AIX 5.1 and below...
http://egd.sourceforge.net/
I am not familiar with the term "IDP partitioning" (does IDP stands for
"Issuing Distribution Point"?).
The partitioning is not by reason codes, Every X certificates are
pointed to a certain CDP to reduce CRL's size, CRL's are separated by
the Issuing Distribution Point extension.
I am sorry but
On Wed, Jul 20, 2005, Hagai Yaffe wrote:
> Hello,
>
>
> I am using openssl (version 0.9.7) to support PKI authentication to my
> product and I would like to implement revocation support, I have
> successfully implemented support for a CA that publish a full CRL but I
> have a problem working wi
Hello,
I am using openssl (version 0.9.7) to support PKI
authentication to my product and I would like to implement revocation support, I
have successfully implemented support for a CA that publish a full CRL but I have
a problem working with CA’s that publishes partitioned CRL’s.
Use EGD ( Entropy Gathering Daemon ) on AIX 5.1 and
below...
http://egd.sourceforge.net/
HTH,
Lamar
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Tom
SpenceSent: Wednesday, July 20, 2005 10:42 AMTo:
openssl-users@openssl.orgSubject: Re: OpenSSL 0.9.8 with AIX
5.2
I k
On Tue, Jul 19, 2005, Thomas George wrote:
> Hi,
>
> I'm new to OpenSSL, and I'm hoping someone can tell me the easiest/best way
> to parse an email address from a X.509 V3 client email cert.
>
> Any suggestions would be appreciated.
>
The -email option of the x509 utility will do that.
Steve
Hi,
I don't know how I can set the issuer value which will appear in the
certificate after I signed it.
Someone can help me?
bye
pana
__
OpenSSL Project http://www.openssl.org
User Support Mailing
I kept researched why it stopped at aix_ppc32.o aix_ppc32.s...
Now I found the problem...
My AIX 5.1 doesn't have /dev/random and /dev/urandom!!! So where can I get /dev/random and /dev/urandom? Or How can I install them?
I appreciate your help. Thanks.
TomTom Spence <[EMAIL PROTECTED]>
I am developing an application that uses libcurl for online support.
The application is linux based. The windows counterparts of the app
are using WinInet to do the same jobs. The problem I am facing is as
under.
When the app has to access an https based url and the host server
presents a self sig
Hi,
I'm currently testing an OCSP Responder and need to include the following test
cases:
1. Sending an OCSP request with an invalid protocol version
2. Sending an OCSP request with the CRL Reference extension
3. Sending an OCSP request with the Archive Cutoff extension
4. Sending an OCSP req
Do you have an example of a openssl.cnf file.
Do i have to consider something else instead of the openssl.cnf file
Marcel
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Babak Nasri
Gesendet: Mittwoch, 20. Juli 2005 11:49
An: openssl-users@openss
Yes you should edit the x509_extensions in the openssl.cnf
I think the following will be minimal set for a ssl server host cert:
basicConstraints = CA:FALSE
keyUsage = digitalSignature, keyEncipherment
nsCertType= server
extendedKeyUsage= serverAuth,msSGC, nsSGC
On 7/20/05,
Hi
I just started to try gererating certificates for machine authentication
with openssl.
But im not so successful. I can generate client certificates but im not
sure about the difference between client and machine certificates.
Do i have to change the x509_extensions in the openssl.cnf file? How
26 matches
Mail list logo
