Hi,
In the case of RSA_METHOD, it is working because the underlying type
rsa_meth_st is defined in rsa.h, whereas for ECDSA_METHOD, the
underlying type ecdsa_method is not exported by the public headers: it
is defined in the internal OpenSSL header ecs_locl.h found in the source
distribution.
The SSL will abort the handshake automatically when something was wrong such as
the authentication failure,no shared cipher list,verify callback failure and so
on.So i think you shall call the shutdown and free the object when the
handshake functions(SSL_do_handshake,SSL_accept,SSL_connect...) f
Hi,
Are you sure you have the same error description
(lib(47):func(131):reason(117):ts_rsp_sign.c:206:)? I have tested here
with a certificate containing "Digital Signature, Non Repudiation" key
usage and OpenSSL doesn't complain.
I'm attaching the timestamp certificate (with its key and its C
Hello Dragan,
there is currently no way to display information you require with openssl's
TS command. However it is pretty easy to write custom application and use
openssl library to parse time-stamp response.
OpenSSL's TS module currently signs timestamps only with "sha1-rsa"
algorithm, but few
Hello Yessica,
you are almost there :)
Try only "Non Repudiation" as key usage:
X509v3 Key Usage:
Non Repudiation
X509v3 Extended Key Usage: critical
Time Stamping
--
Kind Regards / S pozdravom
Jaroslav Imrich
http://www.jariq.sk
On T
Is openssl cms the now recommended way to handle data which used to be
handled using openssl smime?
I keep some files encrypted on disk using the smime utility, but if cms
is recommended I will start using that.
--
Leonard F. Elia III, CISSP
Sr. System Administrator
LITES - NASA Langley Research
Hi,
The following RSA code compiles:
#include
main() { RSA_METHOD rsa = { "test" }; }
but this ECDSA code doesn't:
#include
main() { ECDSA_METHOD ecdsa = { "test" }; }
Am I missing a declaration, or is this perhaps a bug?
Thanks,
Kent
Hello,
I would like to know at what time have I to call shutdown ? is there a case
I have no choice ( and so I have to shutdown ).
In fact, I develop a secure stack between TCP and an application. . So in
appli_connect( ), appli_read( ), ... appli_accept( ) are defined like these
:
appli_connect(a
Hi Mounir IDRASSI!
I generated the certificate with ONLY Digital Signature, Non Repudiation but
I still have the same problem.
Thanks!
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
d8:e6:a3:f6:22:c7:a4:0c
Signature Algorithm: sha1WithRSAEncryption
Hi Patrick!
The certificate has all permissions, and the tutorial does not specify a
location for its storage.
Thanks!
2011/2/22 Patrick Patterson
> Hi Yessica:
>
> That error is fairly straightforward - it's can't load the cert (meaning,
> it can't even load the file).
>
> Have you made sure th
Hi,
I don't agree : from the error description
(lib(47):func(131):reason(117):ts_rsp_sign.c:206) it is clear that
OpenSSL loaded the certificate but the X509_check_purpose(signer,
X509_PURPOSE_TIMESTAMP_SIGN, 0) call in ts_rsp_sign failed.
Actaully, reading the certificate dump shows that th
Hi Yessica:
That error is fairly straightforward - it's can't load the cert (meaning, it
can't even load the file).
Have you made sure that the permissions are correct? Are you absolutely sure
that you have the right cert in the right location?
Have fun.
Patrick.
On 2011-02-22, at 8:37 AM,
Hi!
This is the new certificate:
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
d8:e6:a3:f6:22:c7:a4:0b
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=ve, ST=distrito capital, O=suscerte, OU=acraiz,
CN=ac/emailAddress=a...@suscerte.gob.ve
Dear all
I have two questions:
1. How can I extract TSA certificate and CA certificate(s) from a time stamp
response, using OpenSSL TSA Tool?
2. How can I print signature algorithm (SHA1-RSA, SHA256-RSA,
SHA512-RSA,...) from the time stamp response/token in human-readable format?
Thanks in
Hello, I using gcc with codeblocks and I tried to compile the code below and
got the undefined reference error on lines 57 and 70. Am I supposed to use a
library to link with, I just gave the compiler to directory for the include
files in the crypto folder and the include folder.
/* crypto/sha/
Hello Yessica,
please post new certificate and exact error you're getting.
--
Kind Regards / S pozdravom
Jaroslav Imrich
http://www.jariq.sk
On Mon, Feb 21, 2011 at 4:41 PM, Yessica De Ascencao
wrote:
> hello!!!
> Thanks for the response!
>
> Yes I needed the extension to Time Stamping, how
16 matches
Mail list logo
