Re: p2q RSA key augmentation

2012-08-09 Thread David Madden
On 8/9/2012 14:54, Erik Tkal wrote: > I don't believe OpenSSL has any mechanism to directly calculate P and > Q; this requires an iterative process. Once you have those, however, > calculating the rest are simple calculations using the BN library. Thanks, Erik. I wrote the following code to calc

RE: Meanings of various return codes with non-blocking I/O?

2012-08-09 Thread Dave Thompson
>From: owner-openssl-us...@openssl.org On Behalf Of James Marshall >Sent: Thursday, 09 August, 2012 19:41 >I'm trying to write a secure embedded HTTP server using OpenSSL. >I'm using non-blocking I/O, and the main functions I'm using are >SSL_accept(), SSL_read(), SSL_write(), and SSL_shutdown(

Meanings of various return codes with non-blocking I/O?

2012-08-09 Thread James Marshall
I'm trying to write a secure embedded HTTP server using OpenSSL. I'm using non-blocking I/O, and the main functions I'm using are SSL_accept(), SSL_read(), SSL_write(), and SSL_shutdown(). After each one, I want to handle all possible return codes, but I can't find docs that describe the meaning

RE: p2q RSA key augmentation

2012-08-09 Thread Erik Tkal
I don't believe OpenSSL has any mechanism to directly calculate P and Q; this requires an iterative process. Once you have those, however, calculating the rest are simple calculations using the BN library. Erik Tkal Juniper OAC/UAC/Pulse Development

p2q RSA key augmentation

2012-08-09 Thread David Madden
Hi, I have an RSA key { D, E, N } generated by another library. I can use OpenSSL to encrypt & decrypt interoperably, but I would like to extend the key with the other factors OpenSSL uses to work faster (factors P, Q, DMP1, DMQ1, IQMP). Is there a library function that computes these other facto

Re: Missing entries in index.txt database - Generating CRL

2012-08-09 Thread Peter Sylvester
On 08/09/2012 12:57 PM, int0...@safe-mail.net wrote: Hi ... After that I generated a CRL (I own the CA) which then contained the certificate with the serial 0x06. My question now is, would that be a proper workaround or is there a better solution? Since the CRL only contains the serial numb

Missing entries in index.txt database - Generating CRL

2012-08-09 Thread int0x80
Hi, I have a index.txt database where all the "R" (revoked) and "E" (expired) lines were removed, only the "V" (valid) entries are left. When I generate a new CRL it doesn't contain any certificates since this process parses the database and can't find any revoked certificates. The problem now

Compiling openssl 1.0.1c with fips 2.0.1

2012-08-09 Thread Ruiyuan Jiang
Hi, I am trying to compile openssl 1.0.1c with fips 2.0.1 enabled on Redhat RHEL 6.3 64bit server. I first compiled fips 2.0.1 in the source tree directory: # config # make # make install I then tried to compile openssl 1.0.1c in the source tree directory per FIPS user guide: # ./config fips