ease? Maybe I
missed some fine points in the standard.
Sorry if my question looks stupid and basic, I am just trying to learn
cryptography on my own by reading books, watching professors lecture online
and self experimentation.
with regards,
M K Saravanan
> I am extremely for making such a basic stupid mistake.
I am extremely sorry.
On Wed, 17 Nov 2021 at 21:19, M K Saravanan wrote:
>
> Thanks Matt.
>
> I am extremely for making such a basic stupid mistake.
>
> On Wed, 17 Nov 2021 at 18:33, Matt Caswell wrote:
> >
&
Thanks Matt.
I am extremely for making such a basic stupid mistake.
On Wed, 17 Nov 2021 at 18:33, Matt Caswell wrote:
>
>
>
> On 17/11/2021 08:25, M K Saravanan wrote:
> > Hi,
> >
> > Do I need to do any config to enable DHE based ciphers in openssl for
> > c
Hi,
Do I need to do any config to enable DHE based ciphers in openssl for
command line usage?
$ openssl s_client -cipher 'DHE_RSA_WITH_AES_128_GCM_SHA256' -connect
10.10.16.100:443
Error with command: "-cipher DHE_RSA_WITH_AES_128_GCM_SHA256"
139775998456896:error:140E6118:SSL
routines:ssl_cipher
there's anything I'm missing something
important, but I at least wanted to voice my support for getting #8797
landed.
Thank you,
James M Snell, jasn...@gmail.com
Thanks Rich.
openssl version -a
…
OPENSSLDIR: "/usr/local/openssl-1.0.2a/ssl"
—
That tells me the dir openssl is looking in.
ls /usr/local/openssl-1.0.2a/ssl
total 36
drwxr-xr-x 6 root root 4096 2019-10-23 16:34 .
drwxr-xr-x 7 root root 4096 2019-10-22 12:27 ..
drwxr-xr-x 2 root root 4
I built openssl 1.0.2 from the tar.gz file.
I am trying to verify a connection, but TLS does not find the ca-bundle.crt
unless it is on the command line:
/usr/local/openssl/bin/openssl s_client -showcerts -connect mta3.edu:25
-starttls smtp
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA
Hello,
I'm trying to create a blake2b512 digest with a key. I've made an attempt to
follow the source code and I'm assuming the algorithm's name for blake2b MAC is
blake2bmac, though I have tried different values. I don't seem to be able to
create a valid checksum:
$ openssl version; echo -n "
I need to implement a SOAP API that will utilize Two-Way Certificate
Authentication and encryption/decryption.
I do not know what parts of the handshaking and processing of authentication
and encryption/decryption is managed by the Windows Server Operating System
(and/or IIS) Environment, or wh
ng A and B
> sequentially).
>
> I believe OpenSSL uses stitched implementations in TLS for AES-CBC +
> HMAC-SHA1/2, if they exist for the platform.
>
> Also note that "AEAD ciphersuites are not impacted", i.e. AES-GCM and
> ChaPoly are not impacted.
>
> Cheers,
Hi,
In the context of https://www.openssl.org/news/secadv/20190226.txt
==
In order for this to be exploitable "non-stitched" ciphersuites must be in use.
==
what is "non-stitched" ciphersuites means?
with regards,
Saravanan
Hi Matt,
On Tue, 15 Jan 2019 at 20:02, Matt Caswell wrote:
> This is perhaps best explained by this comment in the client side code for
> processing a new ticket from the server:
>
> /*
> * There are two ways to detect a resumed ticket session. One is to set
> * an appropriate sessi
Hi,
When I use openssl s_client to connect to a server which uses session
ticket to resume a session (session ID is turned off), openssl is
still printing a session ID where none is sent by the server (packet
capture shows session ID length = zero in the Server Hello).
==
New, TLSv1.2, Ci
Hi,
I read the recent research paper:
The 9 Lives of Bleichenbacher's CAT: New Cache ATtacks on TLS Implementations
by
Eyal Ronen, Robert Gillham, Daniel Genkin, Adi Shamir, David Wong, and
Yuval Yarom
Nov 30, 2018
Research Paper: https://eprint.iacr.org/2018/1173.pdf
As per this paper, OpenSSL
Hi,
When I create static DH key pair using openssl, why the public key and
prime contains the prefix 0x00 byte?
For e.g. in 1024 bit key, 128 bytes is enough.
private key properly shows 128 bytes. But public key and prime shows
129 bytes with a 0x00 byte at the beginning. What is the need for
Hi,
When using openssl with X25519, why it shows the server temp key as 253 bits?
Example:
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: X25519, 253 bits
---
I thought Curve25519 is using 256 bit keys.
Why 253 instead of 256?
wit
On 20 December 2017 at 14:21, haris iqbal wrote:
> Wanted to know this, since my custom application uses an older version
> of OpenSSL, and I wanted to be sure that it is not affected.
Not answering your original question. But you can test it using one
of the following tools:
The follo
Thanks to all persons who have provided the expertise with my problem of
missing header file. One suggestion was to step down a version to 1.0.2k. This
has worked configure, make, make test and make install all executed and
installed.
James Carter PhD
ES34 Bldg 4487 Rm B117
Optics & Imaging Br
The attached text file is a snippet from attempting to install openssl-1.1.0c
on a Solaris 8 machine. As can be seen, failed when could not be
found. There is no such file anywhere on this machine. As root, searched from
the root directory for the file. Do have in more than one location,
/u
uf, in_len) <=
0) { fprintf(stderr, "Error while decrypting data.\n");
return 0; }
x = fwrite(outbuf, sizeof(char), in_len, tgtfp);
if (x != in_len) { fprintf(stderr, "Error
while wr
https://www.openssl.org/docs/fipsnotes.html mentions the following:
As a result of the POST performance issue we revisited the KAT (Known
Answer Test) requirements in the POST process that were burning up most of
those cycle. In consultation with a CMVP test lab we determined that it shoul
Hi,
> Upon checking the wireshark capture, I found the OCSP response does not send
> signer cert, but only the responderID (byKey).
>
> In such scenario, where do I find the OCSP response signer cert?
Clarifying my own question.
https://tools.ietf.org/html/rfc6960#section-4.2.2.3 says:
Hi,
If the OCSP responder does not send the response signer certificate in the
OCSP response, then how can we find the signer certificate?
I was doing a simple test to verify google certificate via OCSP like this:
$ openssl ocsp -issuer ./www.google.com.sg-issuer.cer -CAfile ./ca.cer
-cert ./www
Great Dave this did the trick.
Thanks,
Mark
Van: openssl-users [openssl-users-boun...@openssl.org] namens Dave Thompson
[dthomp...@prinpay.com]
Verzonden: vrijdag 1 mei 2015 6:59
Aan: openssl-users@openssl.org
Onderwerp: Re: [openssl-users] Error signing d
Dear Openssl,
I have the following case:
I am trying to sign a file with a private key from an CA.
I converted the pfx file to a pem file using the following command
openssl pkcs12 -in CustKeyIcBD001.pfx -out CustKeyIcBD001.pem -nodes
After this I trying to sign a file using this key with the fo
Hi,
> Then again, many developers do have a social handicap - that's why
> they are so good a developer.
that sweeping generalisation is probably worse than calling one person
a troll! ;-)
alan
__
OpenSSL Project
Hi,
> > I am new to SSL/TLS Certificates. Please help me understand what is the
> > difference between ROOT CA Certs and Intermediate Certs or Chain Certs. I
> > will appreciate if i can refer to some books or tutorials to know about
> > SSL/TLS technology.
>
> The closest thing you'll probabl
hi,
I'm using OpenSSL 0.9.8q in FreeBSD-8.2. I have 3 virtual hosts on my system
and want to implement SNI to serve for all 3 of them in one server.
I have 3 separate certificates one for each, and in my ssl-server code I have
to somehow findout what is the domain-name of client's request, and u
On Tue, Jan 28, 2014, at 05:18 PM, Dr. Stephen Henson wrote:
> On Tue, Jan 28, 2014, Adam McLaurin wrote:
>
> > I suspect this will result in a double free bug, as I don't think memory
> > ownership of 'data' is actually passed back to the caller (which is why
> > it's 'const char**'). The error i
On Tue, Jan 28, 2014, at 01:41 PM, Dr. Stephen Henson wrote:
> On Tue, Jan 28, 2014, Adam M wrote:
>
> > Hi,
> >
> > I'm reading the documentation for ERR_get_error_line_data() here:
> > http://www.openssl.org/docs/crypto/ERR_get_error.html
> >
> &
Hi,
I'm reading the documentation for ERR_get_error_line_data() here:
http://www.openssl.org/docs/crypto/ERR_get_error.html
The comments say that 'data' is dynamically allocated with
OPENSSL_malloc() if the ERR_TXT_MALLOCED bit is set in 'flags'. I
presume this means that we need to call OPENSSL_
will help someone to decide the canonical interpretation of RSA_size()
> so
> that the broken implementation can be determined and fixed.
>
> David Boyce
>
> On 11 Jan 2014 at 12:09, Som M via RT wrote:
>
> > Hi,
> > We are facing some issue with rsa key size while porti
hat many bytes
>past the end of the http headers.
>
>
>
>
>
>
>
>On 11 January 2014 19:46, M. V. wrote:
>
>Hi everybody,
>>
>>
>>
>>I'm writing an application that creates multiple non-blocking SSL connections
>>to an https server, in
Hi everybody,
I'm writing an application that creates multiple non-blocking SSL connections
to an https server, in each one I send a request and
read the server's response. my problem is, whatever I do, I can't
determine when the response data is finished. here's part of my code
responsible f
Hi,
We are facing some issue with rsa key size while porting our application
from montavista to RHEL 6.4.
The RSA key size(RSA_size) for montavista is returning 128 bytes but on
RHEL its returning 129 bytes.
#include
#include
#include
#include
#include
#include
#include
/*using namespac
Hi,
> All in all, I am not impressed.
..but the joy of OpenSource projects is that you can help to fix
these things and make it better! ;-)
(ps thats just tongue in cheek comment...i have no affiliation/link
to this project and havent seen the code/sf.net page or used the tool)
alan
_
Good day all,
I have a crash of our proprietary server, which is happening inside
libraries.
I will explain the set up.
I built a module that uses gSoap, which in turn uses OpenSSL on Windows
platform
This module is used for credit card purchases. It serves multiple clients
at a time, hence it'
Hi,
I am wondering if it is possible to do TLS only through memory buffers. I
have an application where I'd like to add encryption and authentication to
the communication layer. During a TLS handshake the application could send
and receive memory buffers. But I do not have access to the socket. (S
Hi Michel,
I could not find the p5_crpt2.c under \crypto\evp after I unzipped the
openssl-fips-ecp-2.0.4.tar, could you please provide the correct installation
script needed for WinXP.
Thanks and Regards,
Rengith M.
From: Michel [mailto:msa...@paybox.com]
Sent: Friday, June 14
references to documentation on these, examples.
5. How to build on VC++ 6.0 for windows XP, SP3.
i.e., I would like to check the PBKDF2, with key hashed with SHA256 and
salt length equal to or greater than 8bytes
Warm Regards,
Rengith M.
* Confidentiality Statement/Disclaimer
I have certificates in PEM format and my code is expecting DER formatted keys.
How can I covert from PEM to DER in my code?
thanks
I implemented HMAC, AES encryption and DSA routines using openssl version
1.2.3. I used the EVP_EncryptInit, EVP_EncryptUpdate, EVP_EncryptFinal etc
routines. I have a requirement to use FIPS compliant version of OPenSSL. I
recently got OpenSSL 2.0 and cannot find the EVP_* routines. Are they
http://dev.igd.tw/jeancouk/wp-content/uploads/2012/01/jrklre.html";>
http://dev.igd.tw/jeancouk/wp-content/uploads/2012/01/jrklre.html
hello list
hello folks
hello all the guru to this list
here I am with a question that is both simple and complicated
for a single server using perl
like this with self signed certificat
my $server = IO::Socket::SSL->new( Proto => 'tcp',
LocalPort => $PORT,
hi
When I started to Linux in 2001 I found the event I could not recompile perl
error and corruption
Le mercredi 6 juillet 2011 14:11, monloi perez a écrit :
> Hi,
>
>
> I'm new to the list and having this issue.
>
> I installed apache + openssl. When i started apache I get an error
> "Segment
How can I tell if openssl on my server is acting as a server and calling
SSL_CTX_set_tlsext_status_cb on the server's SSL_CTX?
This includes Apache httpd >= 2.3.3, if configured with "SSLUseStapling On".
smime.p7s
Description: S/MIME cryptographic signature
Hello,
I am trying to build an application and linking it with a FIPS capable
version of openssl. I followed all the steps in the manual and have put the
fipscanister.o and fips_remain.c (along with the .sha1 files) in the
/usr/lib directory. After building openssl-0.9.8q, i have the fipsld
prog
Hi,
I am using OpenSSL 0.9.8e-fips-rhel on Linux.
I am generating RSA Key using RSA_generate_key(). I am able to success
on that part.
On reading the OpenSSL faq, found that the function 'RAND_egd()' needs
to be
called before generating the key.
Is it mandatory to seed before generating ke
Hi ,
I am writing a program to generate RSA key and able to generate also.
But in the document I read, The pseudo-random number generator(PRNG)
must be seeded prior to calling RSA_generate_key().
How to seed the PRNG using ?
Thanks for your time,
Krishnaurthy
_
The informati
Hi,
I am Krishnamurthy. I have some query regarding openssl. Is it possi
ble to generate 64 bit key using RSA_generate_key()
Thanks for your time,
Krishnamurthy
_
The information contained in this message is proprietary and/or confidential.
If you are not the intended re
Thank you very much for the reply.
I'm using a new certificate, but initially I used the old one. I've replace
it because I thought that
might be the problem. At this happens on people's laptops, so I can't
perform much tests
as they are not usually available.
I can only show the logs from my c
The system I am using is CentOS 5.4, and I am trying to install a
custom openssl with a custom zlib.
The system architecture is x86_64.
I have tried to compile and install openssl versions: 0.9.8m, 0.9.8n and 1.0.0
I have tried zlib versions 1.2.3, 1.2.4, and 1.2.5.
GCC Version: 4.1.2-46
Kernel:
The man page for SSL_write() mentions that I should call
SSL_get_error() upon failure:
http://www.openssl.org/docs/ssl/SSL_write.html
Is that all I have to do? Or do I should I inspect the error stack too?
I guess I don't have any specific question here, just looking for discussion.
-Patrick
___
>From the SSL_get_error() man page:
The current thread's error queue must be empty before the TLS/SSL I/O
operation is attempted, or SSL_get_error() will not work reliably.
And don't
I should have mentioned ERR_get_error() in my question, that's what's
most heavily on my mind. The question is if you have to call clear the
error stack with ERR_get_error() after every failed SSL call, even
failures that are often "not really failures." For example, my code
considered SSL_read() r
As an OpenSSL newbie, I'm trouble that the man pages for SSL_write()
and SSL_read() don't stress that you should clear the error stack upon
a failed call. They suggest you check SSL_get_error(), but they make
no mention of clearing the error stack afterward, and I hear that
clearing the error stack
I'm curious why does SSL_get_error() need to be passed a return code
to function? The call sig being
int SSL_get_error(const SSL *ssl, int ret);
I'm referring to the second argument. I just can't imagine what that
might possibly be for, but I'm extremely, anybody have any ideas?
-Patrick
P.S.
I
Hi...
I've been struggling with how to concatenate multiple public domain certs
into one crt file.
Basically, I have 5 SSL virtual host domains running on 1 apache httpd
server and each host has a separate GeoTrust domain certificate. Instead of
having 5 individual public *.crt files, is there an
Hi,
I try to write a program to verify a signature, all results of openssl(0.9.8.h)
function calls are fine except the last one result =
EVP_VerifyFinal(md_ctx, sig, sig_size, evp_pkey);the result is -1, which means
it's an error. Any idea what did I do wrong? see the codes below.
Thanks,
Hi,
> >> I would like to request that this list become moderated as it is now
> >> inundated by spam. I have a strict quota for email lists at work (which
> >> also
> >> includes the spam) and after the quota is up I get no more emails for
> >> the rest of the month. Last month it stopped on the
Hi,
> No. I was trying to be polite,
excuse me? This is a general open public mailing list for OpenSSL.
this sort of abusive language has no place here - its read by a mixture
of professional, non-professional, adults, children, researchers,
computer users etc. foul language has its place in
I was initially working on SHA 128 algorithms & #include was
what was needed.Now, I need to work on SHA 256, but does not
seem to work. I've also tried sha2.h & sha256.h to no avail. I've checked
the source code & the SHA 256 APIs are defined in the same header file as
SHA 128, ie openssl/sha.h
Hello,
I am trying to install OpenSSL-0.9.8k. I currently have OpenSSL-0.9.8.602.
Do I need to remove my older version before I install the new version?
Also, I ran a ./config --prefix=/usr/opt/OpenSSL, which came back with NO
error. Then when I ran make it gives me the following error:
cc: unr
Thanks for your help. I appreciate the prompt response.
On Wed, Apr 1, 2009 at 3:27 PM, Dr. Stephen Henson wrote:
> On Wed, Apr 01, 2009, m r wrote:
>
> > I'm looking to migrate AES encryption code from BSAFE to openSSL. As a
> test,
> > I encrypted a string using BS
I'm looking to migrate AES encryption code from BSAFE to openSSL. As a test,
I encrypted a string using BSAFE AES & tried to decrypt using AES of
openSSL. The openSSL manages to decrypt, but it adds some junk (mostly
unprintable characters) in the end. For example, if my input is 1234, the
decrypte
w-rw-r-- 1 asish asish 1733 Dec 31 18:11 test.pfx*
#
When i check both cert.pem and test.pem the private key part is changed .
Why is it so? Kindly help me.
Regards
Asish M Madhu
Hi,
> Folks,
> I know this a well known issue, but still didnt find a solution.
> When generating the key pair certificates, running the command
> openssl req -new -key mydomain.com.key -out mydomain.com.csr) I received and
> error message as
> follows:
>
> Unable to load config info from
> /
Hi All
I have been using this API to dump in my statistics logs whether the
SSL session is reused or not in a windows openSSL based client.
Everything was good till i was using 9.7e. The session reuse works
fine and the logs were correctly showing session reused as 1 and
sniffer traces rec
Hi,
> Basically our client software is just sending out characters and should not
> be bothered about anything else. I've read about openvpn which uses TCP to
> bootstrap a secure UDP connection.
OpenVPN can also run on just UDP too.
alan
Hi,
> Why the latest version is still 0.9.x, why it hasn't bumped up to 1.x in
> last 8 years. Generally 1.x defines a stable version.
hmm, I personally would not get hung up on '1.x is stable' -
having used dozens of platforms and software versions
to run network delivery solutions I can tell y
Hi All
I have been using this API to dump in my statistics logs whether the
SSL session is reused or not in a windows openSSL based client.
Everything was good till i was using 9.7e. The session reuse works
fine and the logs were correctly showing session reused as 1 and
sniffer traces reconfirm
, IP:::1
Thank you for any suggestion.
--
Loren M. Lang
[EMAIL PROTECTED]
http://www.alzatex.com/
Public Key: ftp://ftp.tallye.com/pub/lorenl_pubkey.asc
Fingerprint: 10A0 7AE2 DAF5 4780 888A 3FA4 DCEE BB39 7654 DE5B
smime.p7s
Description: S/MIME Cryptographic Signature
)
*
Please send your comments /suggestions on the error messages highlighted
here.
Thank you,
Sachin P B
--
Loren M. Lang
[EMAIL PROTECTED]
http://www.north-winds.org/
Public Key: ftp://ftp.north-winds.org/pub/lorenl_pubkey.asc
Fingerprint: 10A0 7AE2 DAF5 4780 888A 3FA4 DCEE BB39 7654 DE5B
te() to see if the machines can communicate and I was able to
successfully write/read messages.
One thing I did notice, and thanks for pointing this out, is that my
SSL_set_verify callback
function is never getting called which is strange.
I'm using OpenSSL 0.9.8f running on AIX.
Thanks,
John M.
Thanks, I've read the man page for SSL_get_peer_certificate() and it says it
returns NULL if " No certificate was presented by the peer or no connection was
established." After tracing through the code I see that
SSL_get_peer_certificate() returns null because no connection has been
established
Hi,
I am having a problem establishing a connection with openssl libs. My client
code is failing because SSL_get_peer_certificate() returns NULL. On the server
code SSL_get_error() returns 1 and the error string i get is
"error::lib(0):func(0):reason(0)" which is very unclear to me. Why
Ok Great!! Thanks, I'll give it a try...
David M. Funk
President/CEO
Tivoli Certified Enterprise Consultant
Specializing in Network and Systems Management Solutions
Trinity Solutions
604 Cassandra Dr.
Cranberry Twp., PA 16066
Phone: 724-316-0721
Yea that's what I tried earlier and couldn't get to work..
Thanks for your reply though.
David M. Funk
President/CEO
Tivoli Certified Enterprise Consultant
Specializing in Network and Systems Management Solutions
Trinity Solutions
604 Cassandra Dr.
Cranberry Twp., PA 16066
);
out.write( "response Code:"+conn.getResponseMessage() );
conn.disconnect();=
++++
+
TIA,
David M. Funk
President/CEO
Tivoli Certified Enterprise Consultant
Specializi
Hi,
>
> if you find out? PLEASE LET ME KNOW? HELP!
if you read instructions this is the first email you ever got from this
list:
Welcome to the openssl-users mailing list!
Please save this message for future reference. Thank you.
If you ever want to remove yourself from this ma
Hi,
> This problem is much bigger than OpenSSL. In fact, it is probably bigger
> than Y2K because it will involve changes to most flavors of the Unix
> operating system. It is neither trivially solved, nor an unknown problem.
move to 64bit - thats the only way to go beyond 2038 from the
unix ep
Hi,
> When trying to make a certificate for 30 years seems you run into the
> 2038 date limitation. Seems the code converts date to a signed int in
> seconds since 1970 and now that we are within 30 years of the 2038 limit
> we get hit by it. Using a date of (30 * 365) from now:
thats the same dat
Maybe I need some more coffee before I google...
I just upgraded to openssl-0.9.8g, but when I type openssl version it
still shows me the old one.
Am I missing some steps here and is there a web page where I can find them?
Thanks.
__
Steve,
Just to be clear, I can use this file, ~\app\openssl, to generate a key and
certificate request that will be FIPS compliant? How can I tell Tomcat to use
this built version of OpenSSL as the SSLEngine?
Thank you,
Ben M. Scholl
Ennovex Solutions, Inc.
Software Engineer
DoD PKE
help you can provide is much appreciated.
Thank you,
Ben M. Scholl
Ennovex Solutions, Inc.
Software Engineer
DoD PKE Engineering
Phone: 703-933-9064
Fax: 703-933-9067
www.ennovex.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen
Henson
Sent
upposed to configure the environment?
Why is this operation so abstract and cryptic?
Ben M. Scholl
Ennovex Solutions, Inc.
Software Engineer
DoD PKE Engineering
Phone: 703-933-9064
Fax: 703-933-9067
www.ennovex.com
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Be
Saju,
When you do get some time, would you please elaborate on how to accomplish this
task of building and installing each version and somehow linking each of them
together?
Thank you,
Ben M. Scholl
Ennovex Solutions, Inc.
Software Engineer
DoD PKE Engineering
Phone: 703-933-9064
Fax: 703-933
So do you need either openssl version 0.9.7m, 0.9.8g, or other to be built on
the system before trying to build the FIPS version? How do you link the two
versions?
Ben M. Scholl
Ennovex Solutions, Inc.
Software Engineer
DoD PKE Engineering
Phone: 703-933-9064
Fax: 703-933-9067
www.ennovex.com
there something wrong
with the make file(s)? Or is there some other reason this won't build? Please
let me know if you have any questions or need additional information.
Thank you for the help,
Ben M. Scholl
Ennovex Solutions, Inc.
Software Engineer
DoD PKE Engineering
Phone: 703-933-9064
Fax: 703-933-9067
www.ennovex.com<http://www.ennovex.com/>
[cid:image002.jpg@01C882B7.F2A19180]
<>
installed CAs. I have read up on the posts in
<http://marc.info/?l=openssl-users&m=109589078005056&w=2> as well as
other resources and I believe I have correctly setup a cross certificate
to give trust to CA2 from CA
Hi,
> OpenSSL is *NOT* intended to be 'used' by people who use programs that use
> it. It is intended to be used by programs and by people who make them.
I'll stick my 0.01 euro cent in here and state i disagree with this
hypothesis. whether you are a user via a 3rd party program (as almost
all
Folks,
I wrote a "webbot" Perl script that goes through an entire checkout process
and tests for validation.
It works great. It has been in production for a while now.
Now to make changes, I had to copy into our test environment and work with
our test web server. (Change control go figure...
It was stup0id programmer tricks. I thought I had the signature properly
decoded. Once I got that ironed out, all my problems went away. :)
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola
Sent: Tuesday, October 16, 2007 3:48 PM
To: openssl-u
greater
than mod len:.\crypto\rsa\rsa_eay.c:660:
If the php internal openssl code verifies this signature, and the
external openssl.exe binary generates thie listing above, does this
indicate a but in openssl.exe?
From: [EMAIL PROTECTED]
[mailto:[EMAIL
I'm attempting to implement some single sign-on code from this site:
http://www.single-signon.com/en/single-signon.html
I downloaded their PHP-based agent code, and successfully run it on our
IIS7 server. The PHP code can use either PHP's internal openssl code,
or can be configured to use
Hello Steve,
Thank you for the clarification. It addresses my problem.
Thanks and Regards
Vijay
On 9/12/07, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote:
>
> On Wed, Sep 12, 2007, Vijayekkumaran M wrote:
>
> > Hello All,
> >
> > This is the first time I am po
Hello All,
This is the first time I am posting to this forum.
If I am asking this question in the wrong forum please redirect me.
I am using OpenSSL 0.9.8.
I need to create a detached pkcs#7 signature of some piece of data and store
the signature in BER encoded format.
>From the man pages I u
Hi
there is install.w32 file that is used to build dlls on windows
platform. I am not aware of any workspace file for OpenSSL and also I
never needed one as well..
thanks and regards
Krishna
On 7/20/07, Abhishek Tripathi <[EMAIL PROTECTED]> wrote:
Hi Friends ,
Can any body tell
I am not sure but you can have some traces based on the return value
of the SSL calls. But if we think about the layered model, there can't
be any other way to know what u have written is actually encrypted or
not at layers below the SSL unless using some sniffers. At SSL layer,
you need to have e
Alain
A certificate generated for CN*.example.com will work for
foo.example.com as well as foo.bar.example.com in IE. Please crosscheck this.
We have tested this longback with 9.7e
regards
Krishna
On 6/16/07, Alain Spineux <[EMAIL PROTECTED]> wrote:
Hello
I would like to create a individua
1 - 100 of 260 matches
Mail list logo
