Re: [openssl-users] X509_STORE_free() and X509_LOOKUP_free() also frees the X509 certificates inside it

Thanks Jacob, So, does that API do not increment reference count internally itself. I mean if I have to explicitly do that, what is the API for that ? Thanks & Regards, Nayna Jain From: Jakob Bohm To: openssl-users@openssl.org Date: 06/10/2015 09:49 AM Subject:Re: [openssl-us

Re: [openssl-users] Is there openssl API to verify certificate content is DER or PEM format ?

On Wed, Jun 10, 2015 at 08:48:41AM +0530, Nayna Jain wrote: > I think I will try with PEM_read_xxx and d2i_, then probably do not have > to read throu first character as 0x30. That works, provided you rewind or re-open the file. > Are all d2i_xxx type of APIs for DER format. Yes, they decode bi

Re: [openssl-users] X509_STORE_free() and X509_LOOKUP_free() also frees the X509 certificates inside it

On 10/06/2015 05:22, Nayna Jain wrote: Hi all, I am using X509_STORE and X509_LOOKUP to verify the certificate and its chain. But at the end when I do X509_STORE_free(store) and X509_LOOKUP_free(lookup), it is also doing free of the X509* certificate which I added. But I don't want that,

[openssl-users] X509_STORE_free() and X509_LOOKUP_free() also frees the X509 certificates inside it

Hi all, I am using X509_STORE and X509_LOOKUP to verify the certificate and its chain. But at the end when I do X509_STORE_free(store) and X509_LOOKUP_free (lookup), it is also doing free of the X509* certificate which I added. But I don't want that, because after that when I immediately try to

Re: [openssl-users] Is there openssl API to verify certificate content is DER or PEM format ?

Thanks.. I think I will try with X509_read_xxx and d2i_, then probably do not have to read throu first character as 0x30. I had few more questions. Are all d2i_xxx type of APIs for DER format. And if I have to operate on DER formatted certs, do I need to first convert it to PEM and then user P

Re: [openssl-users] Building OpenSSL with FIPS crypto Module Linker forking too many processes

Thanks for the reply and I may be getting closer to the answer. One of the steps you listed was to do a "make depend" usually did a "make clean" but, i suppose, i should get the "make depend" working. Using the commands you have posted the make depend fails to find the "fips.h" file. I see it in th

Re: [openssl-users] Compiling openssl fips for iOS 7.1 on Yosemite

> The problem is: > ld: building for iOS Simulator, but linking against dylib built for MacOSX > file '/usr/lib/libSystem.dylib' for architecture i386 > clang: error: linker command failed with exit code 1 (use -v to see > invocation) There's no reason to build the Simulator as FIPS. Its not distr

[openssl-users] Compiling openssl fips for iOS 7.1 on Yosemite

Hello, I have problems with compiling Openssl FIPS library for iOS 7.1 (openssl-fips 2.0.9) on Yosemite (using Xcode 6.2). After checking few build scripts available on net (mainly for older versions of openssl-fips library) I came across the testing instructions ( http://opensslfoundation.c