Re: X509_NAME_get_text_by_NID fails with accent?

2005-12-20 Thread Jostein Tveit
ò in UTF-8 is 0xc3 0xb2. ò in ISO-8859-1 is 0xf2. I guess the string is encoded as UTF8String in the certificate. If you want your output in ISO-8859-1, you have to convert it from UTF-8. -- Jostein Tveit <[EMAIL PROTECTED]>

Re: ASN.1 problems when implementing CMP protocol

2005-09-21 Thread Jostein Tveit
anguages/index.html -- Jostein Tveit <[EMAIL PROTECTED]> __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.o

Re: SSL version 3 application data.

2005-08-23 Thread Jostein Tveit
. Everything after the 5th byte is ciphertext. 17 (application data) 03 (major version) 00 (minor version) 00 20 (length 16bits) ... (32 bytes of encrypted data) -- Jostein Tveit <[EMAIL PROTECTED]> __ OpenSSL Project

Re: TLSv1 Or SSLv3

2005-07-13 Thread Jostein Tveit
Jagannadha Bhattu <[EMAIL PROTECTED]> writes: > Can you let me know which one is more safer between TLSv1 and > SSLv3. TLSv1 and SSLv3 are equally safe. TLS is the IETF's version of Netscape's SSL with some minor changes. -- Jostein T

Re: question about ssl

2005-07-08 Thread Jostein Tveit
.com/eng/security/SSL_2.html [2] http://www.schneier.com/paper-ssl.pdf [3] http://www.schneier.com/paper-ssl-revised.pdf Regards, -- Jostein Tveit <[EMAIL PROTECTED]> __ OpenSSL Project http:

Re: question about ssl

2005-07-07 Thread Jostein Tveit
is was a typo in the standard, and that the designers intended that the signature be omitted entirely. -- Jostein Tveit <[EMAIL PROTECTED]> __ OpenSSL Project http://www.openssl.org User Supp

Re: how does server determine http or https ?

2005-05-09 Thread Jostein Tveit
Paul Franz <[EMAIL PROTECTED]> writes: > This is defined by the port used. The default port for HTTPS is 443 and > the default for HTTP is 80. Or you can use "Upgrading to TLS Within HTTP/1.1" as defined in RFC 2817. -- Jostein T

Re: openssl md5 strange behaviour

2005-04-29 Thread Jostein Tveit
Victor Duchovni <[EMAIL PROTECTED]> writes: > On Fri, Apr 29, 2005 at 09:45:08AM +0200, Jostein Tveit wrote: > >> The same file copied with cygwin scp to my windows box: >> > > Thereby globally changing to ... That does not explain the difference between open

openssl md5 strange behaviour

2005-04-29 Thread Jostein Tveit
test 2cbba5a2632ae92aa4f10003f7970082 *test Is this a bug in OpenSSL 0.9.7d on cygwin? Regards, -- Jostein Tveit <[EMAIL PROTECTED]> __ OpenSSL Project http://www.openssl.org User Support M

Re: Steve i need to design a web site(from openssl)

2004-01-12 Thread Jostein Tveit
http://www.modssl.org/example/ > >From you descriptions, it is kind of hard to understand what you really want to accomplish. -- Jostein Tveit ([EMAIL PROTECTED]) __ OpenSSL Project http://www.

Re: Newbie: Key question

2003-12-29 Thread Jostein Tveit
r the same messages and compare the results. And if you are fiddling with low level SSL, I strongly advice you to buy Rescorla's book. -- Jostein Tveit ([EMAIL PROTECTED]) __ OpenSSL Project

Re: openssl encrypt problem

2003-12-17 Thread Jostein Tveit
ata you try to encrypt with it. > error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not > 01 > error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed The encrypted data is not correctly padded. --

Re: Encrypted E-mail

2003-12-12 Thread Jostein Tveit
wser. As long as your browser show https in the URL (use SSL), everything is encrypted. -- Jostein Tveit ([EMAIL PROTECTED]) __ OpenSSL Project http://www.openssl.org User Sup

Re: Usage of AES question

2003-12-05 Thread Jostein Tveit
op an active attack (aka man-in-the-middle). Then you have to use authentication in combination with DH. DSS is quite common, but you can also use RSA signatures. -- Jostein Tveit ([EMAIL PROTECTED]) __ Ope

Re: Printing ssl handshake messages...

2003-12-02 Thread Jostein Tveit
Sriram R <[EMAIL PROTECTED]> writes: > Is it possible to print the ssl handshake and keys exchanged > on the openssl side?..If so how? I recommend using ssldump http://www.rtfm.com/ssldump/ >. -- Jostein Tveit ([

Re: Strange garbage in RSA decryption

2003-11-17 Thread Jostein Tveit
variable and adjust your output to print the correct length. -- Jostein Tveit ([EMAIL PROTECTED]) __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMA

Re: Decrypting SSL packets with openSSL

2003-11-06 Thread Jostein Tveit
in the server certificate. Do you have a RSA key in the server certificate, and do the certificate state that the key can be used for encryption? -- Jostein Tveit ([EMAIL PROTECTED]) __ OpenSSL Project

Re: CA list in certificate request

2003-10-06 Thread Jostein Tveit
"Dr. Stephen Henson" <[EMAIL PROTECTED]> writes: > If its the CA list in a certificate request then it is a load of Name > structures i.e. just the DNs and not the whole certificate. Ahhh... I misunderstood. But the DNs are still DER encoded, right? -- Jostein T

Re: CA list in certificate request

2003-10-06 Thread Jostein Tveit
use to correctly extract the DN ? If you just want to dump the content of the certificate you can use Peter Gutmann's dumpasn1 tool at http://www.cs.auckland.ac.nz/~pgut001/ > Search for "dumpasn1". -- Jostein Tveit ([EMAIL PROTECTED]) ___

Re: diagram explaining encryption using openssl

2003-09-22 Thread Jostein Tveit
ee that signing is an application of hashing and encryption. Signing does not have to be an application of hashing and encryption. Take a look at DSA. Signing and encryption are quite different. The fact that RSA can be used to do both can be confusing. --

SSL client and server write key question

2003-09-11 Thread Jostein Tveit
wonder if there are any security reasons for using different client and server session write keys in the SSL specification. Thanks for all answers. Regards, -- Jostein Tveit ([EMAIL PROTECTED]) __ OpenSSL Project