Re: Checking certificate chain

2010-10-27 Thread Bruce Stephens
Plot Lost writes: [...] > For this particular project I'm required to check each step > individually, not the entire chain at once. That's what verifying the chain does (see the implementation of X509_verify_cert()). You could add a callback using X509_STORE_CTX_set_verify_cb(). That doesn't

Re: How can I load a PEM key stored in a string instead from a file?

2010-10-27 Thread Michael S. Zick
On Tue October 26 2010, Leandro Santiago wrote: > Sorry. I don't understand everything. Do you have any code example? > I've tried to read the source code of these functions, but > PEM_read_PrivateKey is a macro (and I hate reading big macros) :-( > gcc -E ... >output.txt Is your answer to that comp

Re: Checking certificate chain

2010-10-27 Thread Martin Kaiser
Hi, Thus wrote Plot Lost (plot.l...@gmail.com): > > Stick them in an X509_STORE_CTX and call X509_verify_cert(). See > > apps/verify.c for an example. > I'm using verify_cert, and whilst that works to allow me to check that > inter_cert is ok according to root_cert (result = 1) I can't check >

Re: Checking certificate chain

2010-10-27 Thread Plot Lost
>> Hi, I'm trying to figure out how to check a certificate is valid >> according to a chain of certificates. >> >> There are 3 certs in all, and they are all held as X509 data in memory, e.g. >> >> X509 *server_cert; >> X509 *inter_cert; >> X509 *root_cert; >> >> How can I check that 'server_cert'

Re: Checking certificate chain

2010-10-27 Thread Bruce Stephens
Plot Lost writes: > Hi, I'm trying to figure out how to check a certificate is valid > according to a chain of certificates. > > There are 3 certs in all, and they are all held as X509 data in memory, e.g. > > X509 *server_cert; > X509 *inter_cert; > X509 *root_cert; > > How can I check that 'ser

Re: Adding Hash to Application : Static Build - OpenSSL With FIPS

2010-10-27 Thread rajesh kumar
Hi Jeff, first of all a big thanks for the reply ... I am trying to build it on Windows using VS2005. As suggested by Dr. Stephen and others on OpenSSL threads, I have built FIPS on FIPS 1.2 Module and then linking it against OpenSSL Build 0.9.8l to build FIPS Capable OpenSSL - cd C:\OPENSSL_BUILD\

Checking certificate chain

2010-10-27 Thread Plot Lost
Hi, I'm trying to figure out how to check a certificate is valid according to a chain of certificates. There are 3 certs in all, and they are all held as X509 data in memory, e.g. X509 *server_cert; X509 *inter_cert; X509 *root_cert; How can I check that 'server_cert' is authenticated by 'inter_

Re: Adding Hash to Application : Static Build - OpenSSL With FIPS

2010-10-27 Thread Jeffrey Walton
Hi Rajesh, I've had success with integrity checking using MACs and signatures for both PE/PE+ and Elf32/64 executables and dynamic libraries on their respective platforms (not limited to an OpenSSL dll). If I recall, OpenSSL is only trying to embed a MAC. >> 5292:error:2507606A:DSO support routine