[Crypt::SSLeay] - 400 Bad request problems.

2011-10-18 Thread Mark Denzel
I've been completely stymied on a problem connecting to an HTTPS site via our proxy server. I've tried dozens of different workarounds I found on the web and none seem to work, and I think I've localized the problem down to an environment variable not loading. Here's the small script I'm running t

Re: Problem with signature verification on microchip embedded controller

2011-10-18 Thread Kenneth Goldman
Yes, you can verify 'by hand' by doing the raw public key operation, stripping off the padding and OID (what you call the asn1 formatting), and then comparing the hashes. When you say "this is what I got from the PIC controller", I assume you mean the result of applying the public key to the signa

SSL documentation

2011-10-18 Thread Mohan Radhakrishnan
Hi, Is there any material available that shows flows of one-way/two-ssl and different types of CA architectures? We use two-way SSL and generate CSRs and update expired certificates and we are aware of the basic points. I have browsed the NIST website. Thanks, Mohan

Re: OpenSSL and Solaris zones

2011-10-18 Thread Garick Hamlin
On Tue, Oct 18, 2011 at 04:08:17PM -0400, Jorge Medina wrote: > I don't have much information, but maybe someone has had a similar problem. > > I am building my distribution of Apache Web Server (and Tomcat). I > include in my tarball a compiled version of openssl, apr, apr-util and > apache with

RE: Problem with signature verification on microchip embedded controller

2011-10-18 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of TSCOconan > Sent: Tuesday, 18 October, 2011 14:57 >I'm trying to implement certificate signature verification > on a Microchip pic controller. >After reading PKCS#1 V2.1 > I realized that encryption is essentially the same as > si

OpenSSL and Solaris zones

2011-10-18 Thread Jorge Medina
I don't have much information, but maybe someone has had a similar problem. I am building my distribution of Apache Web Server (and Tomcat). I include in my tarball a compiled version of openssl, apr, apr-util and apache with several modules including mod_jk I build the components above in a phys

Re: EVP_CipherUpdate Out Buffer Size

2011-10-18 Thread Jeffrey Walton
On Tue, Oct 18, 2011 at 6:47 AM, Nico Flink wrote: > > I have a question concerning the size of the out buffer filled by > EVP_CipherUpdate() and EVP_CipherFinal(). > > The evp man page gives the following description: > > EVP_EncryptUpdate() encrypts inl bytes from the buffer in and writes the >

Problem with signature verification on microchip embedded controller

2011-10-18 Thread TSCOconan
Hi, I'm trying to implement certificate signature verification (certificates are generated and signed using OpenSSL) on a Microchip PIC controller. The Microchip PIC controller doesn't support OpenSSL libraries, but it does have an encryption/decryption function. I was successful in getting

Re: Differences between RSA and ECDSA - Conceptual and Practical

2011-10-18 Thread Bruce Stephens
Jakob Bohm writes: [...] > I did mention that in passing under my item 2 (where I mentioned use > of 192-bit-truncated-SHA-224 as one allowed 192 bit hash algorithm for > use with ECDSA-192). OK, sorry, I missed that. > I don't remember if the current FIPS-180 actually allows truncating to > (

Re: length of RSA_public_encrypt out buffer

2011-10-18 Thread Ziyu Liu
RSA_size(RSA *) told you the max length of every RSA encryption needed. RSA encryption is not designed to encrypt the large files because of its high cost. It is common to use a symmetric algorithm to encrypt the large data and the RSA algorithm is used to encrypt the key that the symmetric algori

Re: Differences between RSA and ECDSA - Conceptual and Practical

2011-10-18 Thread Jakob Bohm
On 10/18/2011 2:18 PM, Bruce Stephens wrote: Jakob Bohm writes: [...] As explained above, 192 bit DSA and ECDSA only works with 192 bit hashes (and only one hash algorithm is allowed for each private/public key pair). You can use larger digests (SHA-512, for example), but the digest will be

Re: Differences between RSA and ECDSA - Conceptual and Practical

2011-10-18 Thread Bruce Stephens
Jakob Bohm writes: [...] > As explained above, 192 bit DSA and ECDSA only works with 192 bit > hashes (and only one hash algorithm is allowed for each private/public > key pair). You can use larger digests (SHA-512, for example), but the digest will be truncated before processing with ECDSA (or

length of RSA_public_encrypt out buffer

2011-10-18 Thread Jonas Schnelli
Hi, I searched the mail archives as well as Stack Overflow for an answer. No success. I just want to know how large my out-buffer must be when doing a RSA_public_encrypt. In the docs I read the size must be RSA_size(RSA *). In my case I'd like to encrypt files. So I read the whole file into a mem-buf

RE: Revocation with a renewed/rekeyed Root CA

2011-10-18 Thread Steffen DETTMER
> > - U1, U2, U3 are end-user certificates, issued by CA1 > > - U1 is revoked, and the CRL is published (let's call it CRLg1) > > The problem here is that you can't trust a CRL when its > signature key is compromised. I think that this is not the reason. If a signature key is compromised but

EVP_CipherUpdate Out Buffer Size

2011-10-18 Thread Nico Flink
Hello, I have a question concerning the size of the out buffer filled by EVP_CipherUpdate() and EVP_CipherFinal(). The evp man page gives the following description: EVP_EncryptUpdate() encrypts inl bytes from the buffer in and writes the encrypted version to out. [...] The amount of dat

Re: we have an issue: bad mac

2011-10-18 Thread Martin Robbins
Dave Thompson writes: > > > From: owner-openssl-users@... On Behalf Of Johnson, Chris E > (OGA) > > Sent: Wednesday, 10 August, 2011 11:45 > > > I typed in a term window in a linux machine the following command. > > > $ openssl s_client -connect rsa6.fema.gov:7004 > > > W