Using Open SSL with Pegasus - Problem generating certificate

2007-02-14 Thread Swapnil Joshi
Hi, I am working on Openpegasus 2.5.1 on Windows and trying to integrate Open SSL for HTTPS support. I want to connect to Pegasus server using HTTPS protocol on port 5989. I am using SNIA JavaClient for connecting server on port 5989. As specified, I have Open pegasus compiled with PEGASUS_HAS_S

RE: Is connection active

2007-02-14 Thread David Schwartz
> Hi I have problem, > > Is there any function in Openssl, that says me, that connection > is active?? I create a new TCP connection with BIO_do_connect, it > returns me, that connection was established. Then I make some > another things in my program, after a while I send through this > connectio

RE: OpenSSL newbie

2007-02-14 Thread David Schwartz
> I'm quite aware that that high goal is quite hard to reach, but > still it's my > goal. Aim for the star and you'll reach the top of trees. That makes sense. > Yeah, I have been reading up a lot on select and poll, etc. > It seems epoll is the way to go. Yes, 'epoll' is the most efficient mech

Re: Sign using RSA-SHA1

2007-02-14 Thread Nils Larsch
WCR wrote: Hi All I need to sign a text using RSA-SHA1. ( http://www.w3.org/2000/09/xmldsig#rsa-sha1 as per XML-Signature specification http://www.w3.org/TR/xmldsig-core/) I'm a newbie and want to sign a RSA-SHA1 from the command line? I've tried:

Re: Load key from char[] into RSA structure

2007-02-14 Thread Dr. Stephen Henson
On Wed, Feb 14, 2007, Thomas Hecker wrote: > Hi, > > No, the key from my previous mail was just a demonstration..bad idea. > My original key is like this: > > char test_public_key_b64[] = > "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfwqtxpIfOjFgs6Y1G..." > > and I think it is base64 encoded. I gen

Re: Load key from char[] into RSA structure

2007-02-14 Thread Thomas Hecker
Hi, No, the key from my previous mail was just a demonstration..bad idea. My original key is like this: char test_public_key_b64[] = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfwqtxpIfOjFgs6Y1G..." and I think it is base64 encoded. I generated the key with $ openssl rsa -in rsa.private -out rsa.pu

Weird OpenSSL behaviour on connecting to W2k3-LDAPS [LONG]

2007-02-14 Thread Christian Marg
Hello, In http://marc.theaimsgroup.com/?l=openssl-users&m=116111352610602&w=2 Geert Van Muylem reports a similar problem but didn't get a response, so I just repost this issue along with my findings. Short form: I can't

Re: Load key from char[] into RSA structure

2007-02-14 Thread Patrick Patterson
On Wednesday 14 February 2007 12:30:00 you wrote: > Hi, > > how can I load a public key from a char array into an RSA* structure? > > char pubkey[] = "Xajztuaewfbfsg765tewaufe78..."; > The key does not have any PEM headers. > That all depends on what format the string is... if it is base64 encoded

Load key from char[] into RSA structure

2007-02-14 Thread Thomas Hecker
Hi, how can I load a public key from a char array into an RSA* structure? char pubkey[] = "Xajztuaewfbfsg765tewaufe78..."; The key does not have any PEM headers. Thank you for advice! Thomas Hecker

RE: SSL Scaling Question

2007-02-14 Thread Tim . Metzinger
It really depends on the server. 50,000 simultaneous connections is a hefty load. 5 _concurrent_ connections (where you have 5 entries in the SSL accelerator state table, but not all of them are active at the same instant) may not be so bad. If you have a multiprocessor server with plent

Re: Questions about Certificate Verification

2007-02-14 Thread Randall Hand
I fully understand your arguments about the "magic crypto fairy dust", and thankfully I won't be the sole person dealing with this if we decide to actually implement it. One of the advantages of working for the DOD is there are plenty of security people to go around :) Right now I'm just trying

Re: building openssl

2007-02-14 Thread Rutger Hofman
[EMAIL PROTECTED] wrote: I am trying to port openssl to ecos. I have downloaded openssl and trying to build. I get #error not defined. What do I need to do in order to configure and build open ssl? Also what is the fips download? I did a port of OpenSSL 0.9.7g to our eCos implementation; we ha

Re: Questions about Certificate Verification

2007-02-14 Thread Patrick Patterson
On Wednesday 14 February 2007 09:37:07 you wrote: > I do need authentication, probably on both sides. Our problem is that the > Server & Client are both started by the user, and only for 1-connection. > There's a risk that once they start the server, tho, someone else could > "usurp" their connect

Openssl root and subordinate, CA creation problem

2007-02-14 Thread Aaron Barnes
I've setup an openssl root and a subordinate CA. I have successfully signed CA certificate for the subordinate from the root (used the -newreq option), however when I execute the 'ca.pl -newca' it doesn't set up the subordinate authority at all. When it asks for the CA certificate filename, I poi

RE: SSL Scaling Question

2007-02-14 Thread Eric Johnson
Hi Tim. Thanks for the response. I would be fetching static content so hopefully that should make things easier. I know the number of connections that "should" be supported. I just need to make sure that the SSL Accelerator can achieve the intended target. I have two issues that I am faced wi

Re: Questions about Certificate Verification

2007-02-14 Thread Randall Hand
I do need authentication, probably on both sides. Our problem is that the Server & Client are both started by the user, and only for 1-connection. There's a risk that once they start the server, tho, someone else could "usurp" their connection as there is no validation or security. Also, all inf

building openssl

2007-02-14 Thread expresserv
I am trying to port openssl to ecos. I have downloaded openssl and trying to build. I get #error not defined. What do I need to do in order to configure and build open ssl? Also what is the fips download?

building oipenssl

2007-02-14 Thread expresserv
I am trying to port openssl to ecos. I have downloaded openssl and trying to build. I get #error not defined. What do I need to do in order to configure and build open ssl? Also what is the fips download? Steve

Re: RSA encryption and decryption performance difference between pkcs11 engine and default engine on windows and solaris

2007-02-14 Thread AD D
durgaprasad jammula, thank you for your help, I do think T2000 (sun sparc machine) has the hardware accelerator for RSA encryption, but I also test the performance on an amd64 machine (dell optiplex 745, a desktop pc), I think there should not be hardware accelerator in the dell amd64 machine, but

RE: Sign using RSA-SHA1

2007-02-14 Thread WCR
Hi All > >>I need to sign a text using RSA-SHA1. ( > >>http://www.w3.org/2000/09/xmldsig#rsa-sha1 > >> as per XML-Signature > >>specification http://www.w3.org/TR/xmldsig-core/) I'm a newbie and want to sign a RSA-SHA1 from the command line? I've tried:

Re: Sign using RSA-SHA1

2007-02-14 Thread Christian Hohnstaedt
On Wed, Feb 14, 2007 at 02:59:23PM +0530, Kaushalye Kapuruge wrote: > Nils Larsch wrote: > >Kaushalye Kapuruge wrote: > >>Hi List, > >>I need to sign a text using RSA-SHA1. ( > >>http://www.w3.org/2000/09/xmldsig#rsa-sha1 > >> as per XML-Signature > >>

Re: Sign using RSA-SHA1

2007-02-14 Thread Kaushalye Kapuruge
Nils Larsch wrote: Kaushalye Kapuruge wrote: Hi List, I need to sign a text using RSA-SHA1. ( http://www.w3.org/2000/09/xmldsig#rsa-sha1 as per XML-Signature specification http://www.w3.org/TR/xmldsig-core/) I found a set of EVP_ functions to do

Re: RSA encryption and decryption performance difference between pkcs11 engine and default engine on windows and solaris

2007-02-14 Thread durgaprasad jammula
PKCS11 is interface to hardware cryptographic accelerators. If you use PKCS11 engine, instead of software doing the encryption/decryption, hardware does it. To use PKCS11, you need to have cryptographic hardware accelerator. This comes by default with Sun Fire T2000. If you encrypt the data with P

Re: Is connection active

2007-02-14 Thread Alexis Lefort
Maybe you could do with a select(). You test the return of select and you will know if connection has been closed ;) Milan Křápek wrote: Hi I have problem, Is there any function in Openssl, that says me, that connection is active?? I create a new TCP connection with BIO_do_connect, it retur

Is connection active

2007-02-14 Thread Milan Křápek
Hi I have problem, Is there any function in Openssl, that says me, that connection is active?? I create a new TCP connection with BIO_do_connect, it returns me, that connection was established. Then I make some another things in my program, after a while I send through this connection some dat