Thanks !
Currently, I've know abit about RSA API from man pages and having another
project, so I'll find that book later !
Thanks again !
Helios Nguyen <[EMAIL PROTECTED]> wrote: Hi Trung,
all about cryptography of openssl are in openssl/crypto/... directory (rsa:
openssl/crypto/rsa)
I think i
I'm running freeradius and have EAP-TLS configured. Occasionally I
get this error after the process has been running fine for a while:
SSL error error:04077068:rsa routines:RSA_verify:bad signature
>From that point on, all certificate auth fails. Has anyone seen this
before? It's difficult
Am I reading the 0.9.8 documentation correctly, that there is no way
to get 'openssl req' to read in a CSR, generate a new keypair, and
write out a new CSR and private key? Because that would be mighty
handy for ordering renewals while not allowing the private key to go
stale. Like:
openssl re
On Tue, Mar 25, 2008, learning openssl wrote:
>
> Hello,
>
> I created a private key with password. But I can not read that key again. And
> the callback function "pass_cb" was not called at all.
>
Add a call to OpenSSL_add_all_algorithms(). See the FAQ for the reason.
Steve.
--
Dr Stephen N
Hi all,
I have my own CA tree, with the relevant part being:
root CA {1}
\- VPN CA {2}
\- server CA {3}
|- server certificate {4}
\- client certificate {5}
I put 1 & 2 into /etc/ssl/certs/ of the server and 3 into
/etc/openvpn/default/default-ca.pem . The server does, of cour
On Thu, Mar 20, 2008 at 05:10:57PM -0700, Jeff Andrews wrote:
> Hey i was wondering how i enable ssl to cover all my ports and such. I
> downloaded and installed but i want to cover all my ports with it and
> i dont know how to enable it. Is there a GUI i can use?
OpenSSL is a toolkit for applica
Helios Nguyen wrote:
Hi everyone,
i have problem with ECDSA_do_sign() and ECDSA_do_verify().
After sign with ECDSA_do_sign() i got signatur. I used d2i_ECDSA_SIG()
to decode this signature and verify it. is that true?
But there is a error: Segmentation fault (core dumped) when i do
d2i_ECDS
Thank You! That is exactly what I needed.
-Original Message-
From: Geoff Thorpe [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 25, 2008 10:02 AM
To: openssl-users@openssl.org
Cc: Amit Sharma
Subject: Re: Question regarding use of SSL_get_ex_new_index
On Mon, 2008-03-24 at 17:38 -0400, A
Hi everyone,
i have problem with ECDSA_do_sign() and ECDSA_do_verify().
After sign with ECDSA_do_sign() i got signatur. I used d2i_ECDSA_SIG() to
decode this signature and verify it. is that true?
But there is a error: Segmentation fault (core dumped) when i do
d2i_ECDSA_SIG() . I have no ideal
Hi Trung,
all about cryptography of openssl are in openssl/crypto/... directory (rsa:
openssl/crypto/rsa)
I think if you want to use openssl library you should find documents or
books to read. This library is not simple. One book i would be recommended
with you is "Network security with openssl".
Hi,
I'm trying to build OpenSSL FIPS 1.1.2 on Windows following the user guide
also but gt follwing errors.
Please suggest the solution.
DL_ENDIAN -DDSO_WIN32 -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE
/Fd
out32 -DOPENSSL_NO_KRB5 -DOPENSSL_FIPS -c
SET PREMAIN_DSO_EXE=
On Mon, 2008-03-24 at 17:38 -0400, Amit Sharma wrote:
> I have an application that creates a bunch of SSL connections during
> its life. For each of these connections, I have to store “application
> data” in an SSL object (in my case this is SSL_client object). The
> trouble is that the memory all
Hello,
I created a private key with password. But I can not read that key again. And
the callback function "pass_cb" was not called at all.
FILE *privateKeyFilePW;
RSA *keyReading=NULL;
privateKeyFilePW =fopen("PrivatekeyPW.pem", "w");
PEM_write_RSAPrivateKey(privateKeyFilePW, r,EVP_des_ede3_c
陳秀虹 wrote:
Hi,
I have ported openssl 0.9.8g to our platform in linux.
When I tried to connect to a server with SSL enabled, it always give me
"Handshake Failure".
I checked the packet when "Client Hello" was sent. The session ID
length is 0.
I traced the source code in ssl3_get_client_method
Hi,
in short I think in your -signkey command you need to add
-enddate.
* Andreas Grimmel wrote on Mon, Mar 24, 2008 at 17:28 +0100:
> > That depends on what you need to do by policy for renewal.
> > There is no such thing as "technical renewal" - there is only
> > policy based. Since this sounds
Hello,
I am trying to configure openldap 2.2.13.2 on Red Hat Enterprise Linux ES
release 4 (Nahant) to work with TLS, so that my client machine can
authenticate using credentials stored on server.
Everything works fine without TLS, but if i try using TLS i get using
ssh "Permission denied" and
Hi,
I have an application that creates a bunch of SSL connections during its
life. For each of these connections, I have to store "application data" in
an SSL object (in my case this is SSL_client object). The trouble is that
the memory allocated in the SSL_get_ex_new_index is never freed unti
I am getting an odd error when trying to create the shared libraries under SPARC
Solaris 8. If I leave off the "shared" it all seems to build fine, but I need
the shared libraries (for ssh).
Here is my config command.:
./config --prefix=/usr/local/openssl.0.9.8g
--openssldir=/usr/local/openssl.0
I just compiled it for SPARC Solaris and it reports the correct version.:
# ./openssl version
OpenSSL 0.9.8g 19 Oct 2007
But I have to go back and redo it because it dumped the binary in /usr/local/bin
and I want it self contained in its own tree so it doesn't conflict with earlier
versions.
Quo
Hi !
I'm new to OpenSSL.
I need to write a program that generate RSA key pairs, but i don't know much
about openssl and it's API. So can any one give me an outline for that program
and which functions to use.
Thanks !
trungnt
-
Looking for last minute s
Hi Dmitry and all,
i found your post "ECC signature validation failure" in mail-archive. You
solved your problem with ECDSA_verify(). Here is your code:
So I try to do:
ERR_load_EC_strings();
X509 *x = NULL; int type = 0; EVP_PKEY *key = NULL; int len = 0; EC_KEY *ec
= NULL; int ret = 0; char *e
Hi all,
Have to use ECDSA_sign and ECDSA_verify() with EC_privatekey and certificate
in DER format ? There are some has experience with ECDSA can tell this
stuff?
Many thanks for reply.
Nguyen.
/** ECDSA_sign
* computes ECDSA signature of a given hash value using the supplied
* private key (n
Hi all,
does anyone have ideal about following error?
error:0D0680A8:asn1 encoding routines:func(104):reason(168)
This error appear when i use function ECDSA_verify() to decryp a
digets-string after i use ECDSA_sign().
Many thanks for any reply.
Nguyen.
Hi,
I have ported openssl 0.9.8g to our platform in linux.
When I tried to connect to a server with SSL enabled, it always give me
"Handshake Failure".
I checked the packet when "Client Hello" was sent. The session ID length is
0.
I traced the source code in ssl3_get_client_method(), but I reall
Hey i was wondering how i enable ssl to cover all my ports and such. I
downloaded and installed but i want to cover all my ports with it and i dont
know how to enable it. Is there a GUI i can use?
Thanks,
Jeff
-
Be a better friend, newshound, and know-
Hi,
I can't find any related document about this particular algorithm in
OpenSSL?
And is there anyway I can verify in the binary?
Please reply to my own email
Thanks a lot.
--
Qing Li
__
OpenSSL Project
Well again folks, thanks once more for your comprehensive help.
Larry Bugbee schrieb:
On Mar 24, 2008, at 9:28 AM, Andreas Grimmel wrote:
I found this command somewhere in a forum:
openssl x509 -in cacert-old.pem -days 1460 -out cacert-new.pem
-signkey private/cakey.pem
- in my understandin
27 matches
Mail list logo
