Jim Fox schrieb:
>
>
>>
>> Is it possible to have one (self-signed) SSL certificate for a server
>> that is known as foo.bar.org (internal LAN name) and bar.org (FQDN on
>> the Internet)? A wildcard certificate doesn't seem to be a solution
>> since it seems to be a subdomain only solution.
>>
>
In the doc of SSL_CTX_set_cert_store I only found the hint, that the doc
of the X509_STORE object are not ready. But I will connect my own to
OpenSSL. When will be the doc of the X509_STORE object ready, so that I
can continue my library?
Thanks
Frank
smime.p7s
Description: S/MIME Cryptographic
Sorry I have found my error.
I have written the cert in the wrong format into my cert storage.
The code I have posted work's correct.
I thing it was to late yesterday.:(
Thanks.
smime.p7s
Description: S/MIME Cryptographic Signature
Hello, I am working on my own cert storage.
At the part to feed OpenSSL with the cert's I have the problem that
PEM_read_bio_X509 returns every time NULL.
Here the code that I have used:
BIO *buffer = BIO_new(BIO_s_mem());
X509 *cert;
QByteArray data;
data=QByteArray::fromBase64(element.text().to
[EMAIL PROTECTED] schrieb:
> Hello,
>
> The following URL gives information about x509 certificate management.
>
>
> http://www.columbia.edu/~ariel/ssleay/x509_certs.html
>
> Regards,
>
Thanks this look very good.
smime.p7s
Description: S/MIME Cryptographic Signature
Some news about the crash.
On Windows this code will work:
EVP_MD_CTX Hash;
EVP_DigestInit_ex(&Hash,EVP_sha256(),NULL);
On Linux it be this to work:
EVP_MD_CTX Hash;
EVP_MD_CTX_init(&Hash);
EVP_DigestInit_ex(&Hash,EVP_sha256(),NULL);
Why must I call EVP_MD_CTX_init(&Hash) only under Linux???
smim
Hello again my app run fine on windows, but crash on Linux at the call
of EVP_DigestInit_ex(&Hash,EVP_sha256(),NULL)
any special on Linux?
gdb tell me:
#0 0x4124a26d in engine_unlocked_finish () from /lib/libcrypto.so.6
#1 0x4124a3bb in ENGINE_finish () from /lib/libcrypto.so.6
#2 0x4125febe in
Now it work. I have forgotten to initialize the pointer:(
I think I was blind because of the hundreds of code lines.
smime.p7s
Description: S/MIME Cryptographic Signature
Kaushalye Kapuruge schrieb:
>>
> All you have to do is to declare an EVP_CIPHER_CTX.
> See the example code.
>
> EVP_CIPHER_CTX ctx;
> EVP_CIPHER_CTX_init(&ctx);
> EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, key, iv);
>
> See the manual page for more in
Hello, when I call EVP_CIPHER_CTX_init() in my application it crash.
Must I call anything before?
Thanks,
Frank
smime.p7s
Description: S/MIME Cryptographic Signature
Hello, I want to implement my own certificate storage.
But I can't find information about the OpenSSL X509 and the X509_STORE
object. But this is need to "feed" OpenSSL with the certs and key's of
my Certificate storage.
Have anybody some documentatoion about these object's?
Thanks.
smime.p7s
D
Marek Marcola schrieb:
> Hello,
>> When I call BIO_free() in my app after clean-up the SSL object the app
>> will crash:(
>> Any ideas?
> If you use SSL_free() then read/write BIOs (created indirectly or
> set by SSL_set_bio()) are freed. So if you call BIO_free() on such
> BIO after SSL_free() the
When I call BIO_free() in my app after clean-up the SSL object the app
will crash:(
Any ideas?
Frank
smime.p7s
Description: S/MIME Cryptographic Signature
Nils Larsch schrieb:
> Frank Büttner wrote:
>> Hello, knows anyone the letter codes of the function SSL_state_string()?
>> The the doc I only can read:
>> "RETURN VALUES
>> Detailed description of possible states to be included later. ":(
>
> try
Hello, knows anyone the letter codes of the function SSL_state_string()?
The the doc I only can read:
"RETURN VALUES
Detailed description of possible states to be included later. ":(
Thanks
Frank
smime.p7s
Description: S/MIME Cryptographic Signature
Nils Larsch schrieb:
> Frank Büttner wrote:
>> So now I think it is an bug in the version 0.9.8b. Because with lib
>> 0.9.8a it will not happened. Can some one verify it?
>
> I've just tested "openssl ciphers trash" with openssl 0.9.8a, 0.9.8b
> and
So now I think it is an bug in the version 0.9.8b. Because with lib
0.9.8a it will not happened. Can some one verify it?
smime.p7s
Description: S/MIME Cryptographic Signature
Some news.
It only happens on Windows(0.9.8b) on Linux(0.9.8a) it works.:(
smime.p7s
Description: S/MIME Cryptographic Signature
Hello, I have an problem with the SSL_set_cipher_list() function, I send
trash to it and it returns 1.
Sample:
SSL_set_cipher_list(ptrSSL,"trash");
But in the SSL doc is written that it returns only 1 when if any cipher
could be selected.
smime.p7s
Description: S/MIME Cryptographic Signature
Now it will work better.
The problem was to that all must be event trigger.
Thanks a lot. Next I must add some error handling:)
Frank
smime.p7s
Description: S/MIME Cryptographic Signature
David Schwartz schrieb:
>> I have try this, but it fails, because the is no way to find out when
>> the write buffer BIO has data that must send. I have try it with the
>> callback function. But this will not work, because the function must be
>> static. And than I can not acces the network object
Richard Koenning schrieb:
> Frank Büttner wrote:
>
>> So I found out that SSL don't take teh data from the socket:(
>> The Qt buffer will grow and grow, but SSL don't read the data:(
>
> It seems to me that you have an architecture problem. As i understand
&g
David Schwartz schrieb:
>> So I found out that SSL don't take teh data from the socket:(
>> The Qt buffer will grow and grow, but SSL don't read the data:(
>
> If you use bio pairs, SSL doesn't have to touch the network at all ever. You
> can read and write data to and from the network and to and
Krishna M Singh schrieb:
> Hi Frank
>
> Don't know anything about Qt socket system but I feel there must be
> some other API in place of select in that. Non-blocking sockets cant'
> be handled without select easily and efficiently..
> Its very crude way but u can sort of implement select functiona
Krishna M Singh schrieb:
> Not sure whether it failed with bio.. But for non-blocking sockets u
> must use the select call else it would be too complex to handle the
> sockets.. Have u tried that..?
>
>
I can't use the select() call, because I only have an fd for the socket.
But no direct connect
Krishna M Singh schrieb:
> Hi
>
> I haven't ever used BIO.. One more thing, after calling SSL_read we
> need to call SSL_pending also to make nothing is buffered.. In case
> SSL_pending returns non-zero than we can iteractively call the
> SSL_read again until it returns SSL_WANT_read or Write..
>
David Schwartz schrieb:
>> The only signals that I have is readyRead() (emit when I can read data
>> form socked) and bytesWritten() (emit when data was written to the
>> socked). I seen that OpenSSL will only have data for read when an Record
>> was complete transmitted. How can I find out the siz
Richard Koenning schrieb:
> Frank Büttner wrote:
>
>> Non blocking is not possible because Qt returns only an non blocking fd.
>
> What is the problem?
>
>> What do you mean with the select() fun
Non blocking is not possible because Qt returns only an non blocking fd.
What do you mean with the select() function. In the openSSL doc I can't
found something like that.
smime.p7s
Description: S/MIME Cryptographic Signature
Krishna M Singh schrieb:
> Hi
>
> In non-blocking mode, for client we call
> SSL_connect
>
> In case SSL_connect returns -1 with SSL_ERROR_WANT_READ u need to wait
> in Select and once the sock fd is readable, u again need to all
> SSL_connect till the SSL_connect returns success or some other er
Krishna M Singh schrieb:
> Hi
>
> You need to call SSL_Connect (if client) or SSL_accept( if server) and
> not the SSL_read.. SSL_Connection or ssl_accept internally performs
> that..
>
> If u do SSL_read before SSL handshake completion, the SSL connection
> can't be established..
>
> HTH
> -Kri
David Schwartz schrieb:
> So call it after. This is not an "error" but an indication, similar to
> EWOULDBLOCK. It is telling you that the operation cannot complete without
> blocking and you asked it not to block, so it can't complete now.
When I then call SSL_read I will get the same error
Krishna M Singh schrieb:
> Hi
>
> This is not an issue. U are using a non-blocking socket and thus u
> need to have a select call and put this socket on readable list and
> call SSL_read whenever this sockets becomes readable..
> Other way round, make ur socket fd non-blocking (ioctl call) and tha
Hello, I try to set up an SSL connection, but it fails when I call
SSL_connect() with SSL_ERROR_WANT_READ.
I have written it it is show in the openSSL doc.
To test it I run
openssl s_server -accept 1234 -cert server.pem -state
In my sample app I call
SSL_CTX* K_OpenSSLVerbindung;
SSL*K_SSLStru
Yes now all is ok.
Thanks
smime.p7s
Description: S/MIME Cryptographic Signature
I know that that work. But then the lib is slower.
smime.p7s
Description: S/MIME Cryptographic Signature
That is the problem when I use MSYS I can't compile apps using Qt
because Qt can only be used with mingw and without MSYS.
and 0.9.7 works with mingw only.
smime.p7s
Description: S/MIME Cryptographic Signature
No I only use mingw without MSYS because other lib's that I mus use can
not run with MSYS.(The Qt lib).
In the INSTALL.W32 file of the package it call's
GNU C (MinGW)
-
>ms\mingw32
but this have to Bug's the first is simple to fix with the line change.
But the second is harder, I hav
To fix the error with the deprecated option
change in the file
util\pl\Mingw32.pl
in line
{ $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -mcpu=i486
-Wall"; }
to
{ $cflags="-DL_ENDIAN -DDSO_WIN32 -fomit-frame-pointer -O3 -march=i486
-Wall"; }
smime.p7s
Description: S/MIME Cryptograph
Since 0.9.8 the generated make file is wrong.
The dependency to x86cpuid.o for libcrypt is mising.
The second is that the deprecated -mcpu= option is used by gcc
smime.p7s
Description: S/MIME Cryptographic Signature
This patch will not fix it. But I will build one and send to the list.
smime.p7s
Description: S/MIME Cryptographic Signature
The first error about the deprecated option still exists in 0.9.8b and
the build error also. Are there plains to fix this to problems?
smime.p7s
Description: S/MIME Cryptographic Signature
42 matches
Mail list logo
