Change Cipher Spec Issue

2011-03-08 Thread Banupriya K
Hi All, I have enabled SSL_OP_NO_TICKET options so ssl sends only change cipher spec, encrypted message handshake. But when I receive the same message the client SSL CTX doesn't return STATE_OK; it stays in read finished state only, hence when I have a check ssl_in_init_finished() doesn't return

RE: Installing a .cer file in IE

2011-03-08 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Jaquez Jr, Hector L. > Sent: Monday, 07 March, 2011 20:07 > To: openssl-users@openssl.org > Subject: RE: Installing a .cer file in IE > > Yes created a CSR file using openssl. If I recall I did > create a key as well. However, when I received

RE: convert x509 cert into string and store certs in cache

2011-03-08 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of ikuzar > Sent: Tuesday, 08 March, 2011 13:02 > I am going to explain below what I HAVE TO do : > a) I have to store certificates in a map which is a shared memory. > ( I have to do this, I have no choice, because

BN_copy on 64 bits Environment

2011-03-08 Thread Lucas Martins
Hello, I'm working on a software that uses libcrypto and the OpenSSL engine interface for a HSM. We developed an OpenSSL engine that was working fine until we try it on a 64 bit operational system. For some reason, the function BN_copy isn't working in a 64 bits environment. The code is running

FIPS 1.2.2 build for Windows Vista

2011-03-08 Thread Collins, Jerry
Hello, My company recently decided to upgrade to the latest FIPS release 1.2.2. I've read the Security and User Manual. According to them, the only command we can give is ms\do_fips no-asm. While this runs, I see several problems. 1) The build now builds dlls. In the past we did not use

Re: convert x509 cert into string and store certs in cache

2011-03-08 Thread ikuzar
Ok, things are more clear now. I am going to explain below what I HAVE TO do : a) I have to store certificates in a map which is a shared memory. ( I have to do this, I have no choice, because I have to continue what guy before me had started ). So I think it's better to store x509 structure which

Re: Certificate Access Question

2011-03-08 Thread Harshvir Sidhu
I checked this function, it's for installing Certificate without User Interaction. But my problem starts after Certificate Installation, that certificate installed by one user is not accessible to another user. Thanks. On Tue, Mar 8, 2011 at 10:06 AM, wrote: > I used PKCS#12 files and CryptUIWizIm

Re: Certificate Access Question

2011-03-08 Thread carlyoung
I used PKCS#12 files and CryptUIWizImport with these flags: DWORD flags = CRYPTUI_WIZ_NO_UI | CRYPTUI_WIZ_IMPORT_TO_LOCALMACHINE | CRYPTUI_WIZ_IMPORT_ALLOW_CERT | CRYPTUI_WIZ_IMPORT_NO_CHANGE_DEST_STOR

Re: convert x509 cert into string and store certs in cache

2011-03-08 Thread Patrick Patterson
Hey there: On 2011-03-08, at 10:03 AM, ikuzar wrote: > my questions : > 1) What does DER format means ? is it equivalent to a string format ? > In the following function, we have a parameter named "out" : int > i2d_X509(X509 *x, unsigned char **out); this function convert X509 internal > data i

Re: convert x509 cert into string and store certs in cache

2011-03-08 Thread Bruce Stephens
ikuzar writes: [...] > my questions : > 1) What does DER format means ? Distinguished Encoding Rules. It's an encoding for ASN.1. See X.690. > is it equivalent to a string format ? It's a binary serialisation. So it's a string in the sense that it can be sent over protocols, saved in files

convert x509 cert into string and store certs in cache

2011-03-08 Thread ikuzar
Hello, I have to work with a pre-existing code which simulated handshake, data encryption etc ... certificate struct is defined like in the source code I reuse : template struct certificate : shared { StrType uri; StrType sn; StrType data; certificate(const char *str, size_t clen=0

Issue with d2i_PKCS7_bio

2011-03-08 Thread pradeepreddy
Hi, I am trying to retrieve the PKCS7 record from bio with d2i_PKCS7_bio (void)BIO_flush(membio); PKCS7 *p7rec; p7rec = d2i_PKCS7_bio(membio, NULL); Following is the back trace: *** glibc detected *** ./scep_client: free(): invalid next size (fast): 0x08065768 *** === Backtrace: = /

Certificate Access Question

2011-03-08 Thread Harshvir Sidhu
Hi, I don't think this question is related to openssl, but just checking if someone has done something like this. I have a service that runs under UserA, and my desktop user is UserB. When I install certificates using UserB, then I am not able to access them in UserA, for the obvious reason

Re: FIPS compliance question regarding openssl distributions

2011-03-08 Thread Dr. Stephen Henson
On Mon, Mar 07, 2011, Kyle Hamilton wrote: > In order to achieve compliance, you must follow the instructions in the > Security Policy to the letter. > > This means that you must: > - download and read the security policy > - download the openssl-fips-1.2.0.tar.gz > - verify its integrity accord

Re: FIPS compliance question regarding openssl distributions

2011-03-08 Thread Steve Marquess
Kyle Hamilton wrote: ... Note that compliance cannot be truly determined programmatically. So, it's also a good idea to generate multiple hashes (sha-1, sha-256, ripemd160, etc) over the fipscanister and associated files, print them out, and commit to them (physically sign them) as a state