RE: Trying to encrypt with openssl commandline and decrypt using aes or evp

2009-09-07 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Hazel John > Sent: Friday, 04 September, 2009 11:40 > On Thu, Sep 3, 2009 at 6:36 PM, Dave > Thompson wrote: > > commandline enc does PKCS5 block padding (at least for block modes) > > unless you specify -nopad (and then you can only do full

Re: smime -content option and detached signatures

2009-09-07 Thread Dr. Stephen Henson
On Mon, Sep 07, 2009, Keith Hellman wrote: > I'm unable to verify detached PEM signatures with the -content option > to 'openssl smime'. I've weaseled what I'm trying to do to a simple > script (see attached). > > The script first uses an smime inline signature ... > > openssl smime -sign

smime -content option and detached signatures

2009-09-07 Thread Keith Hellman
I'm unable to verify detached PEM signatures with the -content option to 'openssl smime'. I've weaseled what I'm trying to do to a simple script (see attached). The script first uses an smime inline signature ... openssl smime -sign -in ${FILE} -signer ${CERT} -inkey ${KEY} -out ${FILE}.si

Re: Openssl Configuration File

2009-09-07 Thread Marcus Carey
In a command window type: set OPENSSL_CONF=c:\openssl\openssl.conf change "c:\openssl\openssl.conf" to the path of your configuration file. Or open up the control panel and open the system dialog. Click on the environment button and add new system variable. Reboot the computer and run your op

Re: Filling a RSA *key variable with a public key from a Hex string

2009-09-07 Thread Dr. Stephen Henson
On Mon, Sep 07, 2009, Einar Thorsrud wrote: > Hi all, > > I am having some trouble finding a library/API function which makes it > possible to specify the public (or private) encryption key as a Hex > string. > > PEM_read_bio_RSA_PUBKEY will not do it for me, as I do not have a > PEM-file. My al

Filling a RSA *key variable with a public key from a Hex string

2009-09-07 Thread Einar Thorsrud
Hi all, I am having some trouble finding a library/API function which makes it possible to specify the public (or private) encryption key as a Hex string. PEM_read_bio_RSA_PUBKEY will not do it for me, as I do not have a PEM-file. My alternative is to insert the data directly into the rsa_st stru

Re: standard process to validate a certificate chain ?

2009-09-07 Thread Patrick Patterson
Hello Jehan: In answer to your question on certificate path construction, there is, in fact, a standard - first of all, this is now collectively known as Path Discovery and Validation, and the canonical algorithm for a PKIX compliant PKI is in RFC5280 (a previous, and slightly more ambiguous algor