Hi All:
I use SSL_get_peer_certificate(), X509_get_pubkey() API to get web
site https certificate public key, when I dump public key, I find
which is not same as I see in browser (In Chrome, click padlock in URL
address bar, -> Connection -> Certificate information ->
Certificate->Details -> Publi
Hi All,
I am using openssl-0.9.9za and I came to know EVP_PKEY_CTX is available
from 1.0.0.
Please let me know which API i can use in FIPS context instead of
RSA_public_decrypt().
Thanks,
Gayathri
On Tue, Oct 28, 2014 at 10:45 AM, Gayathri Manoj
wrote:
> Hi All,
>
> Thank you all for your de
Hi All,
Thank you all for your detailed update. Now I understood my mistake. I
haven't copied the original message in dBuffer while calling
EVP_VerifyUpdate(). Actually my aim is to make my system FIPs complaint.
RSA_public_decrypt() is not FIPS complaint. hence I tried to replace this
with EVP_Ve
Now we’re talking.Thank you Jay Foster.SSL_get_version() call does show
what I expect given a variety of combinations of capabilities of the peers
communicating. Examples:
Ø It shows “TLSv1” where the server has disabled SSLv3, and the client is
too old to support TLSv1.2, using,
> On Oct 27, 2014, at 4:33 AM, Gayathri Manoj wrote:
>
> Hi All,
>
> How can I replace RSA_public_decrypt() with EVP_Verify*().
>
> I wanted to replace the below api with EVP_verify*()
>
> RSA_public_decrypt(Len, SgnData, dBuffer, rsa_pub_key, RSA_PKCS1_PADDING);
>
You’d need to share mor
On 27/10/14 08:33, Gayathri Manoj wrote:
> Hi All,
>
> How can I replace RSA_public_decrypt() with EVP_Verify*().
These two functions do not do the same thing. A simple one for one
replacement is not possible.
RSA_public_decrypt just decrypts a ciphertext encrypted with a private
RSA key. It c
Hi all,
I have a need to parse the first incoming hello packet on an incoming TLS
connection and based on the presence (or absence) of the SNI header, choose to
pass the connection through to another server.
What openssl functions should I be looking at to do this?
Regards,
Graham
—
_
Am 24.10.2014 23:16, schrieb David Li:
On Fri, Oct 24, 2014 at 1:28 PM, Richard Könning
mailto:richard.koenn...@ts.fujitsu.com>> wrote:
Am 24.10.2014 20:47, schrieb David Li:
On Fri, Oct 24, 2014 at 11:18 AM, Richard Könning
mailto:richard.koenn...@ts.fujitsu.com>
I have written my own X509_LOOKUP_METHOD to pull cert data from a database.
When I make an ssl connection, X509_STORE_get_by_subject calls my
get_cert_by_subject function, which returns a certificate allocated by
d2i_X509.
When I run this program under valgrind, that certificate data is leaked
ver
On 27 October 2014 14:03, Gayathri Manoj wrote:
> Hi All,
>
> How can I replace RSA_public_decrypt() with EVP_Verify*().
>
> I wanted to replace the below api with EVP_verify*()
>
> RSA_public_decrypt(Len, SgnData, dBuffer, rsa_pub_key, RSA_PKCS1_PADDING);
>
> I have tried with
>
> EVP_MD_CTX
Hi All,
How can I replace RSA_public_decrypt() with EVP_Verify*().
I wanted to replace the below api with EVP_verify*()
RSA_public_decrypt(Len, SgnData, dBuffer, rsa_pub_key, RSA_PKCS1_PADDING);
I have tried with
EVP_MD_CTX md_ctx;
unsigned char *decryptBuffer = NULL;
EVP_PKEY *pubKey =
11 matches
Mail list logo
