RE: Openssl signature verification

[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson Sent: Saturday, January 31, 2009 8:11 AM To: openssl-users@openssl.org Subject: RE: Openssl signature verification > From: owner-openssl-us...@openssl.org On Behalf Of Ajeet kumar.S > Sent: Friday, 30 January, 2009 00:07

Issue related to Finger print

Dear All, In Openssl for signature verification we are using API ASN1_item_verify(). Let me know the data which is used for finger print (signature) creation is the CA public key or some thing else data . Please clarify this doubt. How we are verifying the signature? Thank

Openssl signature verification

Dear All, In openssl API X509_verify(X509 *a, EVP_PKEY *r) is used to verify the signature of certificate. I have some doubt please help me. 1. Is in this API we are passing the CA certificate and public key of CA certificate? 2. What is data over SSL compute the HASH? 3. SSL w

How to verify sever signatureusing openssl API

Dear all, I want to verify server certificate signature. So please tell me how to verify server certificate signature using Openssl API. What API I need to use for signature verification? Thank you. Regards, --Ajeet Kumar Singh

RE: How to check Server certificate and signature?

Dear All, Thank you Ger Hobbelt for your help. I want to validate only the signature of the server certificate. For example in peer verification, ssl will check time of client system(6:28PM 23 Jan 2009) to Ca root certificate validity time after client hello process. Validity N

How to check Server certificate and signature?

Dear All, I have one doubt how to check the signature. And I saw server is sending the server certificate, can we check this certificate or what is use of this(certificate come from server side) certificate. In peer verification, at client side checking the system time, which is lying in the ran

RE: reducing the size of openssl package

U should enable require Preprocessor for Encryption and Auth. Algorithm. Thank you. Regards, --Ajeet Kumar Singh Sarve Bhavantu Sukhina ,Sarve Santu NiramayaSarve Bhadrani Pashyantu , Maa Kaschit Dukha Bhagh Bhavet -Original Message- From: owner-openssl-us...@openssl.org [m

RE: About OPENSSL platform

Hi Wang, It will support AMD also. Openssl only depends upon OS like window, unix etc. Please check what OS you are using. Regards, --Ajeet Kumar Singh _ From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Leo, Liangyou Wang (liangw

RE: openssl 0.9.4

Yes. Thank you. Regards, --Ajeet Kumar Singh _ From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Leo, Liangyou Wang (liangwan) Sent: Monday, January 19, 2009 7:40 AM To: openssl-users@openssl.org Subject: openssl 0.9.4 Importance

How can I select selected cipher suites...

Dear All, Thank you Dr. Stephen Henson for your Help. I want to enable some selected cipher suite like TLS_RSA_WITH_AES_256_CBC_SHA. Can it is possible. I selected some specific Algorithm RSA, 3DES, AES,DES, SHA and MD5. So I want to enable cipher suite which support to above algorithms only. C

Re: how to enable ony AES,DES/3DES, RSA algorithm by using MACRO

Dear All, Thank you Ger Hobbelt for your help. Actually I tried using your suggestion. I have doubt it is necessary to use HASH Algorithm(SHA and MD5) for SSL connection. We can not use only DES, 3DES and AES, RSA Algorithms. Please clarify doubt. Thanks allot. Thank you. Regards, --Ajeet K

how to enable ony AES,DES/3DES, RSA algorithm by using MACRO

Dear All, I want to enable only DES/3DES, AES and RSA Algorithm.So please tell me any preprocessor definition by using which we can enable only DES/3DES, AES and RSA algorithm. I don't want to use other algorithm except above three. Is any macro kind of thing is there by which we can enable only

Please tell me how to enable ony AES,DES/3DES, RSA algorithm by using MACRO

Hi All, I want to enable only DES/3DES, AES and RSA Algorithm.So please tell me any preprocessor definition by using which we can enable only DES/3DES, AES and RSA algorithm. I don't want to use other algorithm except above three. Thank you. Regards, --Ajeet Kumar Singh <>

RE: help

Please take refrence file s_client.c and s_server.c from openssl project in folder apps. Thank you. Regards, --Ajeet Kumar Singh _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of vinni rathore Sent: Monday, November 17, 2008 2:10 PM To: openssl-users@openss

Reading CA Certificate using memory instead of File to verify the peer..

Hi All, I want to read CA certificate from certificate bundle to verify the peer. So I dumped the CA certificate bundle in memory instead of reading from file. BIO *in; STACK_OF(X509_INFO) *inf; in = BIO_new_mem_buf(file, -1); if(!in) { X509err(X509_F_X509_LOAD_CERT_CRL_FI

RE: Key.pem expiration problem

Please check time function gtime()or gtime_r() return some time that is going to compare certificate time before and after time. Then it will return expire or going to expire. Please check it. Thank you. Regards, --Ajeet Kumar Singh Thank you. Regards, --Ajeet Kumar Singh Sarve

RE: Key.pme expiration problem

Please check time function gtime()or gtime_r() return some time that is going to compare certificate time before and after time. Then it will return expire or going to expire. Please check it. Thank you. Regards, --Ajeet Kumar Singh Sarve Bhavantu Sukhina ,Sarve Santu NiramayaSarve Bha

Problem related to Peer Certificate verification....

Hi all, Actually we have one CA certificate is provided by service server (That is root certificate in .pem format and .crt format). I used that certicate to verify the peer. I got unknown CA. I saw that certificate was coming from service server having thawte CA and having issuer and subject i

Problem related to self signed certificate peer verification

Dear All, I have self signed root certificate. I want to verify the peer certificate. In API static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer). I saw function calling X509_check_issued(issuer, x); where they are matching issuer and subject. But I saw server is sending the T

How to verify peer certificate using self signed root CA certificate.

Dear All, I have self signed root certificate I want to verify the peer certificate. Please tell me how to verifying. What API I need to call. Thank you. Regards, --Ajeet Kumar Singh

RE: non-blocking version of SSL_peek

I think it is depend upon how you configured. Thank you. Regards, --Ajeet Kumar Singh Sarve Bhavantu Sukhina ,Sarve Santu NiramayaSarve Bhadrani Pashyantu , Maa Kaschit Dukha Bhagh Bhavet -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of vne

How to verify peer certificate

Dear All; Thank you all of you for your support. When I called SSL_CTX_load_verify_locations() and SSL_CTX_set_verify() to verify the peer certificate but I got fetal error unkown certificate authority. Please let me know what is reason behind it. But I have CA certificate, client certificat

Problem Regarding of CA certification peer verification..

Dear All; Thank you all of you for your support. When I called SSL_CTX_load_verify_locations() and SSL_CTX_set_verify() to verify the peer certificate but I got fetal error unkown certificate authority. Please let me know what is reason behind it. But I have CA certificate, client certificate and

RE: Reading certificate and public key from memory

ode key pointer and key pointer from file.Beasause it is working. Thank you. Regards, --Ajeet Kumar Singh _ From: Dan Ribe [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 01, 2008 5:41 PM To: Ajeet kumar.S Subject: Re: Reading certificate and public key from memory Hey, H

RE: .der to .crt file conversion

Dear All; Thank you Marek Marcola for your help.I tried your suggestion. I got out put but it displayed in command window. But I want to save it in form of file .crt. Please advice me on that also. Thank you. Regards, --Ajeet Kumar Singh Sarve Bhavantu Sukhina ,Sarve Santu NiramayaSarve

RE: .der to .crt file conversion

k fine.. On Wed, Sep 24, 2008 at 3:12 PM, Ajeet kumar.S <[EMAIL PROTECTED]> wrote: > Hi All, > >Can we convert .der to .crt file? Please suggest me. How we can > convert it using open ssl? > > > > > > Thank you. > > Regards, > > --Ajeet K

Problem Related to Peer cetificate verification.

Dear All, I want to verify the peer certificate (server certificate). For that we need CA Certificate, Let me know we required ROOT CA certificate in PEM format or in any other format, open ssl will support. Actually I called SSL_CTX_load_verify_locations() after that I called SSL_CTX

.der to .crt file conversion

Hi All, Can we convert .der to .crt file? Please suggest me. How we can convert it using open ssl? Thank you. Regards, --Ajeet Kumar Singh <>

RE: How to convert .der file to .pem

: How to convert .der file to .pem Hi, Try out this: openssl x509 -in cert.der -inform DER -out cert.pem -outform PEM Regards, Shivakumar - Original Message - From: Ajeet kumar.S <mailto:[EMAIL PROTECTED]> To: openssl-users@openssl.org Sent: Monday, Sep

RE: How to convert .der file to .pem

x509 -inform DER -in -outform PEM -out or look at www.openssl.org LQ Ajeet kumar.S ha scritto: > Hi all; > > Thanks all of you for your support. I have cert.der file and I want to > convert it cert.pem file using open ssl. How I can convert it. Please > Tell me. >

How to convert .der file to .pem

Hi all; Thanks all of you for your support. I have cert.der file and I want to convert it cert.pem file using open ssl. How I can convert it. Please Tell me. Thank you. Regards, --Ajeet Kumar Singh <>

RE: openssl 0.8.9h sha256

Dear All, I tried to connect to stream server through using https (using open ssl).But I got response from server nothing means only zero content length of data and headers. Let me know why server was not sending data. Is any problem related to ssl due to delay time out happen towards server side

Problem in openssl Master key Generation

Dear All; When I compiled openssl-0.9.8g on VDSP and run \demos\ssl\cli.cpp .And I tried to connect https://www.gmail.com using sslv2.0 .At that time I saw client sent client hello and server sent server hello successfully. But After that Client was not sending MAST

[no subject]

Dear All; When I compiled openssl-0.9.8g on VDSP and run \demos\ssl\cli.cpp .And I tried to connect https://www.gmail.com .At that time I saw client sent client hello and server sent server hello successfully. But After that Client is not sending MASTER_KEY message.

Problem on compilation of Openssl

Dear All; I am compiling the openssl that time I got some function and mapping of function which is not in openssl source. This is as follows: PKCS8_PRIV_KEY_INFO_it() // This function is not available in openssl ; PKCS8_PRIV_KEY_INFO_new () // this function is not going to map

About OpenSSL_free()

Dear All; Please tell me how COMP_CTX_free(COMP_CTX *ctx) will work. Actually I saw in function COMP_CTX_free(COMP_CTX *ctx) we are using function OpenSSL_free().But I saw no definitions of OpenSSL_free(). Then how this function is working.How UNIX and Window Platform taking(Mapping) this

Problem in porting open ssl library

Hi all; I want to port open ssl on VDK(VDSP compiler, BF533 Processor).For that purpose I down load Open ssl from openssl.org (openssl-0.9.8g). Actually above project having so man folder like crypto, apps, cert, engine, demo, etc. Let me know which folder I will port in VDK(RTO

Problem porting SSL on VDK OS

Hi All; Thanks to you for your suggestions. I followed your suggestion and removed "ssl/ssl_task.c" and compiled it but I got one problem which is as follows: /*** ***/ "crypto\sha\sha1s.cpp", line 72: cc0020: error: id

Which folder and source files required to port for work on SSL

Dear All; I am new user of open ssl.I am trying to port open ssl on VDK RTOS (Which is not VMS OS, Which is RTOS developed by Analog Devices).For porting OPEN SSL I got openssl-0.9.8g from http://www.openssl.org/. I am trying port whole project openssl-0.9.8g but this project having s

How i can bypass SYS$QIOW()

Hi all; I am working on BF-533 Processor(Blackfin Processor, VDK rtos,VDSP4.5 compiler). I am trying to port openssl-0.9.8g on VDK(BF-533,VDSP4.5).but this is giving some error. It is not able to open #include and #include in ssl_task.c. If I comment it this both i

Problem on porting OpenSSL on VDSP4.5(VDK RTOS)

Hi All; I am trying to port Open SSL on VDSP4.5 (VDK RTOS).But open ssl having 5 types of terminal interface supported, * TERMIO, TERMIOS, VMS, MSDOS and SGTTY */ But VDK is not supporting it. So please tell me how to bypass it. here sgtty.h header is not in open ssl project