Hello,
I am an user of openssl library.
I am seeking for a method to get the "Extended Key Usage" field from the
X509 certificate .
I will be grateful if you can provide me a sample code in c.
Thanks
Puneet K.
Hello,
I am trying to cross compile openssh to use the newest
openssl+fips. I get a number of errors saying that md5 & rc4 are
disabled. (eg: "error RC4 is disabled") I've tried patching out the parts
that use those two algorithms, but I think some of it may be important,
does anyone
Hey,
I'm trying to get a FIPS certified openssl, and after
When I compile normally ("./config"), I get an error saying that
"libcrypo.so.1.0.0 is not cross-compiler aware"
However, if I run config for the FIPS module like so:
./config -DFIPS_REF_POINT_IS_CROSS_COMPILER_AWARE
Everythi
Hi,
I will try to answer your question from the second email.
Whenever DSA method is used for authentication, it works the pretty much
same way it works during the RSA authentication.
However, DSA can not be used for key establishment. Unlike in RSA method,
RSA is commonly used for dual purpose:
I'm going to back up and ask an even more basic question which appears to be
surprisingly elusive - how is a DSA key/certificate used in establishing an ssl
connection?
I understand how an RSA key/cert ssl handshake proceeds but if the DSA key is
used only for signatures, how is a secure ssl tu
Hey folks,
I recently added a facility to our code base to retrieve a certificate and
private key from a windows certificate store (using the windows crypto api) and
converted it to a form usable by openssl. The certificate part was easy, the
key a little trickier, involving the creation of a n
Hi,
I am working with the CAPI engine and the machine keystore where I do
have keys and certificates.
To find my key, the engine will execute `capi_open_store()` which works
just fine and pays respect to the store_flags set.
I set these flags with `ENGINE_ctrl(e, ENGINE_CMD_BASE + 13, 1, NULL,
NUL
Hi,
Could someone please confirm the points I mentioned in the previous email?
Also wanted to understand on how to identify cross certificates using
openSSL. I understand that the AKI checks are not sufficient when cross
certificates are present in my certificate chain.
--
Ashok
On Mon, Jul 23,
Hi
It seams that the web holds no example / help for creating PKCS12 blobs with
openssl. :)
What I'm done so far:
//sync_handle->rsa_key_0 keeps a valid RSA key read in with
PEM_read_RSAPrivateKey
EVP_PKEY *pkey = EVP_PKEY_new();
EVP_PKEY_set1_RSA(pkey, sync_handle->rs
