Upgrade openssl 1.0.2 to 1.1.1 guideline

2022-03-08 Thread Yan, Bob via openssl-users
Hi All, Is there any guideline for upgrading openssl version from 1.0.2 to 1.1.1? Thanks Bob

RE: ECDSA certificate question

2020-09-22 Thread Yan, Bob via openssl-users
ec_pmeth.c:331: -Original Message- From: Michael Richardson Sent: Tuesday, September 22, 2020 4:36 PM To: Yan, Bob Cc: openssl-users@openssl.org Subject: Re: ECDSA certificate question Yan, Bob via openssl-users wrote: > Is there a way to generate a ECDSA certificate with SM2

ECDSA certificate question

2020-09-22 Thread Yan, Bob via openssl-users
Hello everybody, Is there a way to generate a ECDSA certificate with SM2 typed public key and ecdsa-with-SM3 as the signature algorithm in openssl 1.1.1x version? Thank you very much! Bob

[openssl-users] Lock for SSL_accept method

2018-02-07 Thread Yan, Bob via openssl-users
= SSL_accept(SslSessionObject); mutex.unlock(); Thank you very much! Bob -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Certificate Comparison

2017-09-19 Thread Yan, Bob via openssl-users
Thanks Scott, it can be done. I am also looking for some functions which can compare the fingerprint of certificates -Original Message- From: Scott Neugroschl [mailto:scot...@xypro.com] Sent: Tuesday, September 19, 2017 11:30 AM To: Yan, Bob ; openssl-users@openssl.org Subject: RE

[openssl-users] Certificate Comparison

2017-09-19 Thread Yan, Bob via openssl-users
Hi All, I need to compare a received certificate object with a PEM-formatted certificate stored at local file system. Is there any openssl library functions or an easy way to compare these two certificates? Thank you very much! Bob

Re: [openssl-users] SSL_accept error code

2016-03-08 Thread Yan, Bob
-users] SSL_accept error code On 08/03/16 01:04, Yan, Bob wrote: > Hi All, > > I have a SSL server application which use SSL_accept to accept the > connections from client, see the code below: > > int retcode = SSL_accept(mSsl); > unsigned long error = SSL_ge

[openssl-users] SSL_accept error code

2016-03-07 Thread Yan, Bob
went wrong, for example Client connect server with ssl3 protocol (disabled), I get the error like this "error:0001:lib(0):func(0):reason(1)". Could somebody tell me that is there any way to have more detailed debug messages from openssl? Thanks Bob

[openssl-users] How to retrieve the revoked certificate list when X509_LOOKUP_hash_dir() method used

2016-02-25 Thread Yan, Bob
hanks Bob

Re: [openssl-users] WARNING message "can't open config file” when running openssl command

2016-02-04 Thread Yan, Bob
n running openssl command On Thu, Feb 04, 2016, Yan, Bob wrote: > Hi Rich, > > It works, thank you for your suggestions! I am just wondering is there any > other options, for example eliminate the WARNING message while building the > openssl libraries and executables? >

Re: [openssl-users] WARNING message "can't open config file” when running openssl command

2016-02-04 Thread Yan, Bob
Thanks again, Rich! -Original Message- From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Salz, Rich Sent: Thursday, February 04, 2016 10:57 AM To: openssl-users@openssl.org Subject: Re: [openssl-users] WARNING message "can't open config file” when running openss

Re: [openssl-users] WARNING message "can't open config file” when running openssl command

2016-02-04 Thread Yan, Bob
Hi Rich, It works, thank you for your suggestions! I am just wondering is there any other options, for example eliminate the WARNING message while building the openssl libraries and executables? Thank you very much! Bob -Original Message- From: openssl-users [mailto:openssl-users

[openssl-users] WARNING message "can't open config file” when running openssl command

2016-02-04 Thread Yan, Bob
-text $ WARNING: can't open config file: /usr/local/ssl/openssl.cnf How can I eliminate this WARNING message even though the “/usr/local/ssl/openssl.cnf” file does not exist? Thanks Bob

Re: [openssl-users] Certificate verification failure

2016-02-03 Thread Yan, Bob
Hi Jan, The problem is due to the mis-matched version between openssl library (used by application) and openssl executable. Basically the CA/Intermediate CA certificate hash is calculated different between two versions. Thank you for your help! Bob -Original Message- From: openssl

Re: [openssl-users] Certificate verification failure

2016-02-01 Thread Yan, Bob
to:openssl-users-boun...@openssl.org] On Behalf Of Jan Just Keijser Sent: Monday, February 01, 2016 1:04 AM To: openssl-users@openssl.org Subject: Re: [openssl-users] Certificate verification failure Yan, Bob wrote: > > Dear Sir/Madam, > > I have an application which acting as SSL server

[openssl-users] Certificate verification failure

2016-01-29 Thread Yan, Bob
epths); SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, callback); SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_SSLv2); Thank you very much! Bob

Validating a certificate which is expired

2013-06-19 Thread Bob Bell (rtbell)
certificate has expired" does that imply that everything else is OK? Bob Bob Bell, CISSP, CSSLP Senior Security Architect Trusted Systems Architectures Group Cisco Systems, Inc. 972-813-5104(w) 801-971-4200(c) Telepresence rtb...@cisco.com "May God grant us the strength to correct what we

RE: Static and Dynamic Locking Functions

2013-03-14 Thread Yan, Bob
initialization but I haven't seen any dynamic mutex lock been created and invoked by openssl functions. Thanks Bob From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Le Huang Sent: Wednesday, March 13, 2013 8:21 PM To: openssl-users@openssl.org Subject: Re: S

Test code coredump when running with IBM purify under openssl 1.0.1c release

2012-11-08 Thread Yan, Bob
ption, the coredump was gone. Could somebody explain to me why this happens? Thanks Bob __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org

RE: SSL_do_handshake() failed on openssl version 1.0.1c

2012-10-24 Thread Yan, Bob
con); Failed: error:0001:lib(0):func(0):reason(1). Could somebody please show me how to resolve this issue? Thank you very much in advance! Bob

RE: Question regarding to memory leak

2011-06-27 Thread Yan, Bob
didn't use the "X509_OBJECT_free_contents()" to free the contents of the returned object "obj". It seems this is the cause of the memory leak. By adding "X509_OBJECT_free_contents(&obj)" function, the Purify does not report any memory leaks. Thanks Bob -Original Message

RE: Question regarding to memory leak

2011-06-24 Thread Yan, Bob
Thank you and Eric for the inputs. I will look at them and see what I should do with this. Have a nice weekend. Bob -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of t...@terralogic.net Sent: Friday, June 24, 2011 4:52 PM

Question regarding to memory leak

2011-06-24 Thread Yan, Bob
Hi, I have used IBM purify to check my test program which invokes openssl library. There are some memory leaks reported by Purify, please see below. Could somebody point to me from which function those leaks were generated, and how to avoid those leaks? Thanks, Bob MLK: 1104 bytes

Question about SSL_CTX_load_verify_locations()

2011-06-13 Thread Yan, Bob
load all trusted CA certificates from CApath before performing the verification of a peer certificate? Thanks Bob

RE: ssl_connect core dump in multi-threading application

2011-05-31 Thread Yan, Bob
callback? CRYPTO_set_id_callback((unsigned long (*)())pthreads_thread_id); CRYPTO_set_locking_callback((void (*)())pthreads_locking_callback); Thanks Bob

ssl_connect core dump in multi-threading application

2011-05-31 Thread Yan, Bob
] Could someone give me some suggestions about this issue? By the way, in my application, all these 100 SSL client threads share the same SSL_CTX object and the application runs under RedHat Linux. Thanks Bob

RE: Trying to get URI of CRL from certificate extension

2011-05-27 Thread Yan, Bob
Hi Akash, I have encountered the same issue as you mentioned in your email but I still haven't figured out the cause of the failure. However, after I replaced "d2i(0, &data, ext->value->length)" function with X509V3_EXT_d2i(ext), the proble

SSL_read() fails right after the failure of SSL_do_handsahake() on client side

2011-04-14 Thread Yan, Bob
error code SSL_ERROR_SSL. Is this is right behavior of ssl session? Or did I make something wrong? Thanks Bob

RE: SSL_ERROR_WANT_READ and SSL_ERROR_WANT-WRITE question

2011-03-07 Thread Yan, Bob
question is that if the underline socket is non-blocking and the application is using select/poll to check the readable of SSL connection and then invoke the SSL_write/SSL_read call, can this deadlock still happen? Thanks Bob -Original Message- From: David Schwartz [mailto:dav...@webmaste

How to disable SSL/TLS Renegotiation

2011-03-07 Thread Yan, Bob
appen automatically on a SSL connection? 2) Can the SSL/TLS Renegotiation be disabled? Such as if the peer requests the SSL/TLS renegotiation, the SSL_read or SSL_write will return an error but not SSL_ERROR_WANT_READ/WRITE? Thanks Bob

SSL_ERROR_WANT_READ and SSL_ERROR_WANT-WRITE question

2011-03-07 Thread Yan, Bob
ion by two different threads regardless the returning error code? Thank you for your time! Bob

Command Line Question

2011-03-02 Thread Bob Bell (rtbell)
with information on how to do this? Sorry for the relatively newby question, but I have tried to dig it out of the documentation without success. Bob

RE: rsa_sign versus RSA_private_encrypt

2010-10-28 Thread Bob Dijck
Steve, Your advice is very much appreciated. Thanks again for resolving this issue for me so quickly. Kind regards, Bob D. -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: donderdag 28 oktober 2010

RE: rsa_sign versus RSA_private_encrypt

2010-10-28 Thread Bob Dijck
Thank you, Steve, for the swift reply. Can I use i2d_X509_SIG to perform to encapsulation step (supposing I have to use RSA_private_encrypt)? Best regards, Bob D. -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr

rsa_sign versus RSA_private_encrypt

2010-10-28 Thread Bob Dijck
g? Thanks. Regards, Bob D. This e-mail and any attachments contain material that is confidential for the sole use of the intended recipient. Any review, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipie

RE: Signing using PSS padding programmatically

2010-07-28 Thread Bob Smith
> > On Wed, Jul 28, 2010, Bob Smith wrote: > > > > > Hello, > > > > I'm working on some code that uses the PKCS7 routines to sign some data. > > The code so far is (lots of return values cut out for brevity)... > > > > int flags = 0x00

Signing using PSS padding programmatically

2010-07-28 Thread Bob Smith
Hello, I'm working on some code that uses the PKCS7 routines to sign some data. The code so far is (lots of return values cut out for brevity)... int flags = 0x00 | PKCS7_NOSMIMECAP | PKCS7_BINARY; p7 = PKCS7_sign( cert, pkey, NULL, datain, flags ); PKCS7_final( p7, datain, flags ); dataout = B

Changing OID in PKCS7 SignedData

2010-05-25 Thread Bob Smith
Hello, I'm working on an application that generates PKCS#7 SignedData structures, but with a slightly different format to S/MIME. We're using a version 3 SignedData structure, and minor changes such as no signingTime in the Authenticated Attributes. As such, I'm working at the level using func

RE: Pre Master Secret Regarding

2010-04-05 Thread Bob Bell (rtbell)
Aravind Actually, there is more than one key that is derived from the pre-master key. There is both an encryption and HMAC keys for both transmission and reception. That translates to 4 separate keys. Bob From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org

Re: Basic Question

2009-05-31 Thread Bob Bell
Thanks to all for the information that was exchanged. It did help me understand. Bob Bell On Thu, May 28, 2009 at 2:05 PM, Bob Bell wrote: > Folks - > > I have a basic question relative to the FIPS openSSL lib and US export > control law. As I understand it, in order for the openSS

Basic Question

2009-05-29 Thread Bob Bell
of less than RESTRICTED since the library contains strong crypto, and the lib could be used to encrypt user data at rates which exceed the positive list restrictions? Bob Bell

Decoding PKCS12 files

2009-04-29 Thread Bob Barnes
Is there an OpenSSL command that can decrypt/decode pkcs12 files into their ASN.1 form or even their ASN.1 form DER encoded? Bob

RE: A question about mal-formed private keys

2009-04-22 Thread Bob Barnes
V2, but does cite PFX, which I thought was generally considered to be V1, so the question arises are the PKCS#12 produced by OpenSSL V2? Bob -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: Wednesd

A question about mal-formed private keys

2009-04-22 Thread Bob Barnes
"No Octet..." error and is OpenSSL capable of correcting the original encoding problem either during the original decryption or at some other point in the process or is that simply not possible. thanks, Bob

RE: Debugging OpenSSL with Visual Studio 2008

2009-04-17 Thread Bob Barnes
Good thought, but both nt.mak & ntdll.mak have the '/Od' argument set on the 'CFLAG'. I've found that I can debug the assembler code, but needless to say that's not really ideal. Bob -Original Message- From: owner-openssl-us...@openssl.org [mailto:o

RE: Debugging OpenSSL with Visual Studio 2008

2009-04-17 Thread Bob Barnes
Carter, That's exactly where I've tried to put the breakpoint, but I never hit it and as I indicated earlier, the breakpoint symbol indicates that symbols weren't loaded even though other information, like the Module list and the debug output window, indicate that symbols we

Debugging OpenSSL with Visual Studio 2008

2009-04-17 Thread Bob Barnes
show the "Symbol Status" as "Symbols loaded." and the correct path to the .pdb appears in the "Symbol File" column. If anyone has any experience getting this to work I would greatly appreciate any help you could offer? Feel free to contact me off-list if you prefer. tia, Bob

RE: Win-32 build problem

2009-04-16 Thread Bob Barnes
Dave, Thanks for the reply. How exactly do you debug OpenSSL? Do you use Visual Studio or some other tool? As I mentioned earlier I'm not Windows savy, I'm primarily a Java and/or Mac person so I'm quite at home with Eclipse, NetBeans, Xcode, etc., but not Microsof

Win-32 build problem

2009-04-15 Thread Bob Barnes
t serious, but can someone explain what's going on here?. Also, if possible I'd like to build some of the apps in the apps directory, pkcs8 and pkcs12, for debug. Is that possible? thanks, Bob

RE: Generating a PKCS#12 file

2009-02-12 Thread Bob Barnes
k into trying to create a key sans encryption. Bob -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: Wednesday, February 11, 2009 3:55 PM To: openssl-users@openssl.org Subject: Re: Generating a PKCS#12 f

RE: Generating a PKCS#12 file

2009-02-11 Thread Bob Barnes
: MIICmDAaBgkqhkiG9w0BBQMwDQQIgeyJNiNcE90CAQUEggJ4arTMz0VmFuBiCw3P 5LHhLjmOKpdTdby6Dy9BP34zrwL/7yKR+lt3cor+SzhH4vGedhD4SQafw4iM7+1j Can you confirm that my basic understanding as described in my first email is essentially correct or am I out in left field someplace? Bob -Original Message

Generating a PKCS#12 file

2009-02-11 Thread Bob Barnes
've never come across anything that's closer to black magic than this stuff. Bob

noobie! wont create certficate

2008-04-07 Thread bob bobix
hi im quite new to this to bare with me. i am trying to create a certificate with OpenSSL 0.9.8g 19 Oct 2007. i create a private key via c:\progra~1\apache~1\apache2.2\bin>openssl genrsa -out private.key 1024. this works fine. when i try create a certificate(acording to the tutorial searched w

RE: About ECC patent and OpenSSL ECC code

2008-01-11 Thread Bob Bell (rtbell)
that might be fine or it might be a very slippery slope to a serious legal hassle. Bob _ From: Anilkumar Bollineni [mailto:[EMAIL PROTECTED] Sent: Friday, 11 January, 2008 13:03 To: openssl-users@openssl.org; Bob Bell (rtbell) Subject: RE: About ECC patent and OpenSSL ECC code Hi B

RE: About ECC patent and OpenSSL ECC code

2008-01-10 Thread Bob Bell (rtbell)
involved (for instance Certicom has a patent on having an ECC public key in an X.509 cert signed using RSA) in your product. While ECC is a marvelous technology, there is a large minefield that still needs to be mapped. Bob Bell _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf

Is 0.9.7m the final release for 0.9.7 train?

2007-11-20 Thread Bob Bell (rtbell)
Folks - Is the 0.9.7m release the final release of the .7 train? I am trying to determine when to change to a later train. Bob Bob Bell IPCBU Chief Security Architect Cisco Systems, Inc. 576 S. Brentwood Ln. Bountiful, UT 84010 801-294-3034 (v) 801-294-3023 (f) 801-971-4200 (c) [EMAIL

Web-of-trust authentication in OpenSSL.

2007-04-28 Thread Dr Bob
ver >enough time to get everything done). but you can see it at work >in my application: RetroShare available at http://www.lunamutt.com. > >Looking forward to any comments. > >Thanks. > > Dr Bob.

Re: short-ish signatures (again)

2006-02-14 Thread Bob Mearns
>> In my application there's a tradeoff between >> sig length and security and in some instances a short sig >> length, at the risk of some insecurity, will be the right answer. > >Who is the signer and who is the verifier. Can the signer and verifier >engage in an on-line protocol? Are you signin

short-ish signatures (again)

2006-02-14 Thread Bob Mearns
A while back I posted asking if it was possible to generate shorter than normal digital signatures with OpenSSL. The response I got was that signatures as short as I was talking about (192 bits or less) would be insecure. I'm just now back to working on this, so I'd like to ask again - accepting

DSA_verify error on Solaris using 0.9.8a

2006-02-09 Thread Bob Mearns
I have code which successfully signs and verifies documents on Redhat9, but fails on Solaris 8. Specifically, the failure is reported in DSA_verify(). Errors strings are as follows: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag wrong tag error:0D07803A:asn1 encoding routines:A

RE; 192-bit signatures

2006-02-07 Thread Bob Mearns
>> I'm looking to generate a short digital signature, perhaps 192 >> bits or so, using an asymmetrical algorithm. DSA seems to >> have 320 bit signatures regardless of the key size used. Is >> this really the case, or am I missing something? Ignoring for >> the moment the wisdom of using signat

[no subject]

2006-02-06 Thread Bob Mearns
this short, is there a way I can accomplish my goal of ~192 bit signatures? Thanks in advance, Bob

RE: Disabling Weak Encryption

2005-11-18 Thread Lester, Bob
Hi Ted, Thanks for the info! <*BobL*> | -Original Message- | From: [EMAIL PROTECTED] | [mailto:[EMAIL PROTECTED] Behalf Of | Bernhard Froehlich | Sent: Thursday, November 17, 2005 12:51 PM | To: openssl-users@openssl.org | Subject: Re: Disabling Weak Encryption | |

Disabling Weak Encryption

2005-11-17 Thread Lester, Bob
<*BobL*> Bob Lester Sr. SysProg - CICS/TCPIP/VTAM/USS OppenheimerFunds Centennial, Colorado, USA [EMAIL PROTECTED] -- This e-mail transmission may contain information that is proprietary, privileged and/or confi

Disabling Weak Encryption

2005-11-17 Thread Lester, Bob
<*BobL*> Bob Lester Sr. SysProg - CICS/TCPIP/VTAM/USS OppenheimerFunds Centennial, Colorado, USA [EMAIL PROTECTED] -- This e-mail transmission may contain information that is proprietary, privileged and/or confi

RE: OpenSSL 0.9.8 w/ sendmail 8.13.4 (Sorry, last one was HTML)

2005-09-22 Thread Lester, Bob
Hi Victor, I'm new at this so please bear with me. Since the build fails, there's no sendmail executable to run ldd on. Is there something else I should be checking with ldd? Thanks! <*BobL*> | | Check the runpath of the resulting object, run ldd, ... Perhaps your | libraries ar

RE: OpenSSL 0.9.8 w/ sendmail 8.13.4 (Sorry, last one was HTML)

2005-09-22 Thread Lester, Bob
--- | From: [EMAIL PROTECTED] | [mailto:[EMAIL PROTECTED] Behalf Of Victor Duchovni | Sent: Thursday, September 22, 2005 9:50 AM | To: openssl-users@openssl.org | Subject: Re: OpenSSL 0.9.8 w/ sendmail 8.13.4 (Sorry, last | one was HTML) | | | On Thu, Sep 22, 2005 at 09:30:08AM -060

OpenSSL 0.9.8 w/ sendmail 8.13.4 (Sorry, last one was HTML)

2005-09-22 Thread Lester, Bob
Hi All, I've cross-posted this on comp.mail.sendmail. Maybe folks here have an idea? I'm running into a compile problem when trying to add TLS support to sendmail. This is on a SunOS 5.9 box, GCC 3.3.2 (existing), with OpenSSL 0.9.8 (new install - seemed to install fine) and sendma

OpenSSL 0.9.8 w/ sendmail 8.13.4

2005-09-22 Thread Lester, Bob
Title: OpenSSL 0.9.8 w/ sendmail 8.13.4 Hi All, I've cross-posted this on comp.mail.sendmail.  Maybe folks here have an idea? I'm running into a compile problem when trying to add TLS support to sendmail.  This is on a SunOS 5.9 box, GCC 3.3.2 (existing), with OpenSSL 0.9.8 (new

TLS handshake failure: who's right?

2005-08-24 Thread Bob Bramwell
...1 = Acknowledgment: Set 0... = Push: Not set .0.. = Reset: Not set ..0. = Syn: Not set ...0 = Fin: Not set Window size: 7728 Checksum: 0x7bd1 (correct) Options: (12 bytes) NOP NOP Time stamp: tsval 113

Re: Using non-std OIDs in config file

2005-05-02 Thread Bob Bramwell
Aha! One I hadn't come across. Thank you. I will read it tonight and maybe tomorrow I can make some progress. Cheers, Bob. Dr. Stephen Henson wrote: On Mon, May 02, 2005, Bob Bramwell wrote: I am trying to add two new OIDs to my configuration, and then specify that a certif

Using non-std OIDs in config file

2005-05-02 Thread Bob Bramwell
routines:X509V3_EXT_conf:error in extension:v3_conf.c:92:name=msOID2, value=V0.0 Is there any more complete documentation on the config file format? I have not yet found any "formal" explanation of constructs like: certificatePolicies = ia5org,@policy What else are we not being told? :-) Thanks,

Re: Diffie-Hellman key generation

2005-04-21 Thread Bob Bradley
On 4/21/05 6:17 AM, "Christian Beaulieu" <[EMAIL PROTECTED]> wrote: > I've need getting a strange out of my application when generating > Diffie-Hellman keys. I am using OAKLEY primes for key generation and the > strange thing is that sometimes my key length ends up one byte short of the > expecte

Re: DH_generate_key generates wrong public key size?

2005-04-02 Thread Bob Bradley
On 4/2/05 12:51 AM, "Nils Larsch" <[EMAIL PROTECTED]> wrote: > ... BN_bin2bn should correctly handle leading zeros in binary input Okay, great. Thanks for all the help.

Re: DH_generate_key generates wrong public key size?

2005-04-01 Thread Bob Bradley
On 4/1/05 8:20 AM, "Nils Larsch" <[EMAIL PROTECTED]> wrote: > this of course reduces the key space for the private key, but if you > really need a fixed size public key you need to do it. Would it reduce security or be unsafe to simply prepend zero bytes after calling BN_bn2bin to make it fill 12

Re: DH_generate_key generates wrong public key size?

2005-04-01 Thread Bob Bradley
On 4/1/05 1:57 AM, "Nils Larsch" <[EMAIL PROTECTED]> wrote: > the dh public key is the result of g**k mod p (k is the private key) > operation and hence may have less than BN_num_bytes(p) bytes (approx. > every 256 key should have <= 127 bytes). I didn't realize that. Thanks for the explanation.

DH_generate_key generates wrong public key size?

2005-04-01 Thread Bob Bradley
I'm seeing DH_generate_key generate a public key that is 1 byte less than expected (127 instead of 128 bytes for a 1024-bit key), but only sporadically (about every 200-300 tries). I've written the following test case that always fails for me in less than 300 iterations. I've only included error ch

No shared cipher error

2004-05-19 Thread Bob Ingraham
Anyone know why I would get a "No shared cipher" error from the SSL handshake?

OpenSSL/perl server certificate validataion how to help?

2004-01-03 Thread Bob Mariotti
execute openssl with a sub-command such as -verify or -x509, etc. Can someone PLEASE point me in the right direction to obtain the cert's full parameters? Thanks in advance. Bob

Re: openssl for VxWorks

2003-09-26 Thread Bob Bradley
On 9/26/03 12:28 PM, "Jeff Liesmaki" <[EMAIL PROTECTED]> wrote: > I am trying to build the openssl libraries for VxWorks. My host computer is a > pc running Windows 2000 and my target is a pentium pc. I have Vxworks 5.4 and > Tornado 2.02. I downloaded cygwin and when I type ./configure to lis

Problems Building OpenSSL for VxWorks

2003-09-19 Thread Bob Bradley
I'm trying to build OpenSSL 0.9.7b for VxWorks (Tornado 2.0.2 for PowerPC 860) on a Windows XP host and I ran into some problems. I did the following: 0) Installed Tornado 2.0.2 (a while ago, but noted just to be thorough). 1) Installed cygwin. 2) Launched cygwin. 3) Un-targz'd OpenSSL 0.9.7b into

RE: memory leak with OpenSSL 0.9.7b

2003-08-14 Thread Bob
id anyone else also found this observation ? Is there > a remedy for this > problem. Is there a reason you are running mod_ssl and openssl. One is a complete replacement for the other Bob D

RE: Signing a CSR from JetDirect

2003-07-14 Thread Bob DeBolt
ooking for more money. > Isn't capitalism wonderful? Bob D

Openssl Install problem

2003-02-23 Thread Bob DeRosier
nnot find the file specified. mingw32-make: *** [banner] Error 2 Any hints on this ? Bob

Openssl-0.9.7 install problem

2003-02-23 Thread Bob DeRosier
sl>mingw32-make -f ms/mingw32a.mak process_begin: CreateProcess((null), echo Building OpenSSL, ...) failed. make (e=2): The system cannot find the file specified. mingw32-make: *** [banner] Error 2 Thanks in advance for any

RE: Possible error in verify.c? - clarification about which verify.c

2002-11-18 Thread Bob Steele
of the PKCS7 structure - if I use the PCKS7 again after doing this, various calls fail. Should the verify.c example be doing what it is doing - if so, why? Thanks for checking into this. - Bob

Possible error in verify.c?

2002-11-18 Thread Bob Steele
e fix it. - If it is not wrong, a note about what is going on in the code would be helpful. - Bob = /* Ok, first we need to, for each subject entry, see if we can verify */ for (i=0; i>>>> ASN1_UTCTIME_free(tm);

RE: OCSP

2002-11-18 Thread Bob Kupperstein
There is a man page in the 0.9.7 beta distributions on the command line i/f. That's all I've seen. -Bob > -Original Message- > From: Jirí Olša [mailto:[EMAIL PROTECTED]] > Sent: Monday, November 18, 2002 5:21 AM > To: [EMAIL PROTECTED] > Subject: OCSP > >

RE: PKCS#10?

2002-11-07 Thread Bob Kupperstein
hat, if you have problems, try and be as specific as you can with your question and you'll be more likely to get help. -Bob > -Original Message- > From: Oblio [mailto:subscriber@;locustcreek.com] > Sent: Thursday, November 07, 2002 4:38 PM > To: [EMAIL PROTECTED] > Sub

RE: OCSP request/response signing

2002-10-30 Thread Bob Kupperstein
is the way I understand it to work with the OpenSSL client and responder.   -Bob   -Original Message- From: Howard Chan [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 29, 2002 10:41 PM To: [EMAIL PROTECTED] Subject: Re: OCSP request/response signing   Dear all (Bob

RE: OCSP request/response signing

2002-10-29 Thread Bob Kupperstein
Here’s my understanding, and it seems to work using the OpenSSL OCSP client and responder, provided the appropriate certificates are installed in the right places (I’m using a 0.9.7 stable release from 9/02.   -Bob   -Original Message- From: Howard Chan [mailto:[EMAIL

RE: Problem with PKCS7 encoding and Capicom

2002-10-21 Thread Bob Kupperstein
to see if it understands the certificate encoding.   -Bob   -Original Message- From: Rohit Kumar [mailto:[EMAIL PROTECTED]] Sent: Saturday, October 19, 2002 1:05 AM To: [EMAIL PROTECTED] Subject: Problem with PKCS7 encoding and Capicom   Hi,  I am trying to make pkcs7 encryption

Is OCSP client (or server) support available in openssl?

2002-08-30 Thread Bob Kupperstein
http://www.openssl.org/docs/apps/ocsp.html describes the "openssl ocsp" command, but openssl-0.9.6g command line doesn't recognize the ocsp command and I don't see it anywhere in the sources. Can anyone tell me if ocsp is available and, if so, where? Thanks, -Bob -

RE: PKCS#12 and Verisign cert

2002-08-21 Thread Bob Kupperstein
pe it really is. - try adding "-- BEGIN CERTIFICATE ---", " END CERTIFICATE " wrappers if not there (check number of dashes!). -Bob -Original Message- From: David Iungerich [mailto:[EMAIL PROTECTED]] Sent: Wednesday, August 21, 2002 10:55 A

Is anyone using openssl ocsp client?

2002-08-09 Thread Bob Kupperstein
I'm interested in feedback about reliability, interoperability and response times with different responders. Thanks, -Bob

Library problems with Linux

2002-07-23 Thread bob richard
Hi, I'm trying to write a routine that uses RSA_sign to sign a code file but can't figure out how to get the code to compile. For testing I created a simple file that just calls RSA_sign. When I try to compile it I get the following message. /home/bob/openssltest# gcc -lcrypt

RE: Is it possible/appropriate to add a timestamp (RFC 3161) to a PKCS#7?

2002-06-09 Thread Bob Steele
> Hi Bob, > > Judging from what you wrote you might want to implement a > 'content timestamp', which is added to the authenticated > attributes and contains a timestamp over the encapsulated > content info. This will not give a proof of the signing > time, just

Is it possible/appropriate to add a timestamp (RFC 3161) to a PKCS#7?

2002-06-06 Thread Bob Steele
nother PKI data structure that could incorporate both a PKCS#7 and a RFC 3161 timestamp, could you please suggest it to me? Thanks for any and all help. - Bob

What format is this PKCS7 signature in? (No, it's not PEM or DER)

2002-06-04 Thread Bob Steele
Could someone tell me what format this PKCS7 signature is in, and how I can work with such a format using OpenSSL? Thanks! - Bob MysteryPKCS7.bin Description: Binary data

RE: Code that worked now fails; expired certs? Expired signatures? Which is it?

2002-05-29 Thread Bob Steele
natures are in standard formats, so there will always be some of my code involved. But I will try to use the verify tool shortly. - Bob
