I found that if the signing and verification are all done by command line or
all done by API, the verification will pass. But if cross, then failed. Any
default configuration are different?
--
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html
I am working on the upgrade my program written 4 years before with updated
openssl version 1.1.0j from 1.0.1e. There are so many changes between the
two versions. I updated my code with 1.1.0 API, but it failed and I cannot
figure out the reason.
The RSA key pair and message signature are generat
Hi,
Just wonder what is the planned or expected date for the Openssl 1.1 release
with the new SP 800-90 random number algorithms?
Thank you.
Ying
__
OpenSSL Project http://www.openssl.org
User
wow this is pretty awesome you should give it a look
http://www.finance15dynews.net/biz/?read=9799495
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl
wow this is crazy check it out http://www.finance15elnews.net/biz/?page=7115048
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Auto
wow this is awesome give it a look
http://www.finance15cinews.net/biz/?employment=0410777
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@opens
wow this is pretty crazy you should check it out
http://www.thanews.net/biz/?employment=8003005
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users
such an
fatal error, seems it will damage the image of the project.
--
qun-ying
- Original Message -
> From: Peter Heimann
> To: openssl-users@openssl.org
> Cc: "Spence, Thomas CIV USAF AFDW 844 CS/SCOX"
> Sent: Wednesday, April 25, 2012 12:08:45 AM
> Subjec
Hi,
Regarding this SGC-Restart DoS Attack (CVE-2011-4619), does it require the
server to use the SGC certificate or it doesn't matter what kind of certificate
is used by the server?
--
Qunying
Hi,
It seems there is an effort to provide a git repository:
http://repo.or.cz/w/mirror-openssl.git
Qunying
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
nderstanding. Please enlighten me if I miss something.
--
qun-ying
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
A
-ying
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
I found a solution without hacking into the library itself. Since my system is
running glibc, I forced all mem request to use mmap with
mallopt(M_MMAP_THRESHOLD, 0), which release the memory back to the system when
free is called, testing shows so far so good.
--
qun-ying
- Original
Does it mean that it is hard to change the behavior?
--
qun-ying
--- On Fri, 9/24/10, David Schwartz wrote:
>
> Sounds like OpenSSL wasn't what you wanted. OpenSSL is
> intended for use on general-purpose computers with virtual
> memory. It is not designed to return virt
down. This leave
very little memory for other part of the system, as this app is only a small
part of a bigger system. The memory usage is a big concern as it is always
running with the box.
So far periodically restart the app is not a good solution.
--
qun-ying
> This all seems nor
chunks = 81
mmap regions =4
mmap bytes = 1773568
Total (incl. mmap):
system bytes = 30045520
in use bytes = 3582752
releasable bytes = 462496
--
qun-ying
__
OpenSSL
If you just want to study it, gnutls has support TLS1.2, I suppose now most
Linux distributions include it by default also.
--
qun-ying
--- On Tue, 7/14/09, Akos Vandra wrote:
> From: Akos Vandra
> Subject: Re: TLSv1.2 in openssl
> To: openssl-users@openssl.org
> Received: T
Hi,
May I know is the current version of OpenSSL supports verification for CRL with
critical extensions? I am currently runing 0.9.7m.
Thanks
--
qun-ying
__
The new Internet Explorer® 8 - Faster, safer, easier
Ah, I miss that one. Thanks.
--
qun-ying
--- On Wed, 2/4/09, Giang Nguyen wrote:
> From: Giang Nguyen
> Subject: RE: IE could not connect to a chaine-cert's ssl server
> To: openssl-users@openssl.org
> Received: Wednesday, February 4, 2009, 2:02 PM
> i think it's be
the
connection.
Server: Linux lighttpd 1.4.19
Client: Windows XP, IE7, firefox 3.0.3
Actually, I try Aapche 2.x also, same result.
Thanks for your help!
--
qun-ying
__
Ask a question on any topic and get answers from real
'client-date' => 'Fri, 18 Oct 2002 14:00:44
GMT',
'content-length' => 302
}, 'HTTP::Headers' ),
'_msg' => 'Server Error',
Averroes wrote:
> Hi all,
>
> Perhaps someone noticed this:
>
> When I create a certificate there is difference
> between system (OS) time and creation time of certificate.
> Approximately one hour.
>
>
> certificate info:
> Validity
> Not Before: Sep 14 09:57:24 2001 GMT
>
the Java thread dump gives a lot of information unralted(I don't know
how to interprete it either). try to insert a lot of debug print in your
C code and find out exactly where it fails and check every return code
from the OpenSSL library calll, from there it is much easier to find the
problem..
_
app_RAND_load_file() is not in the library. it is only a function used
in the openssl command tool. you can get the function definition in
apps/app_rand.c
__
OpenSSL Project http://www.openssl.org
U
what platform/compiler are you running?
take note of the order you supply the library. move the -lcrypto to the
last of your link command may solve your problem.
__
OpenSSL Project http://www.opens
Don't use Netscape 6.01! Use Mozilla in stead (latest milestone is 0.8). It is
much more stable and with features that Netscape does not have.
--
(~._.~) Öì Ⱥ Ó¢ ¦¶ ¸s ^ (Qun-Ying) (65) 874-6643
( O )
()~*~()
(_)-(_)[EMAIL PROTECTED] * [EMAIL PROT
Could somebody hele me stop this message?
thanks
Ying li
-Original Message-
From: Dale Peakall [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 11, 2001 1:10 PM
To: [EMAIL PROTECTED]
Subject: Novell Spam
Would every subscriber in the U.S. please call Novell's toll free number:
What happend?
Please stop this message!
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 11, 2001 12:22 PM
To: [EMAIL PROTECTED]
Subject: Message status - undeliverable
The message that you sent was undeliverable to the following:
RS
Yes. I got the same message.
Could somebody tell me why?
-Original Message-
From: Jennifer Arden [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 10, 2001 2:20 PM
To: [EMAIL PROTECTED]
Subject: RE: Message status - undeliverable
Can someone please take care of this. This is annoyin
This is a strange email. Why you send it to me?
Please don't send it again.
thanks
Ying Li
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 10, 2001 1:50 PM
To: [EMAIL PROTECTED]
Subject: Message status - undeliverable
The message tha
Hi,
I'd like to see whether my program can read most of the certificate
extensions (better in full implementation) defined in X.509 and PKIX.
Are there any samples available at any places?
Please email me privately.
Thanks in advance.
Regards,
Xiaoying
I used to get this kind of error. Active perl seems not working quite
well together with cygwin/mingw32. Try to get a perl version for cygwin.
QUERAN LOIC wrote:
>
> --- Reçu de CMB.QUERALO 0298002339 13-12-00 10.29
>
> I try to install OpenSSL 0.9.6 with gcc 2.95.2, m
Hi,
I am trying to create a X509 certificate and store the result in a
memory location for later usage. But the result return from i2d_X509()
is wrong. I can get the correct result if I write the X509 structure
through either PEM_write_X509() or i2d_X509_bio().
I am running OpenSSL 0.9.6 under S
Hi,
While going through the code in apps/x509.c, in line:979, function
x509_certify().
What does the 3 lines do? It seems useless for the upkey is free after
parameters being copied to? As
int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from);
is defined as copy from the second argument to t
s the verification of encrypted data's signature have the same level
of security of the decrypted data's signature? The reason for this is that if
the data have been corrupted, there is no point to decrypt them.
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6643
( O ) TrustCopy Pte L
While normally the original data before encryption gets signed, what is the
effect of signing the encrypted data? In this form, the verification can take
place without decrypting the data. Any pros and cons of this method?
Thanks
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6643
( O
After you create the base 64 BIO, set the following flag,
BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
to parse the input without linefeed.
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6743
( O ) TrustCopy Pte Ltd / Kent Ridge Digital Labs
()~*~() 21 Heng Mui Keng Terrace, Singapore
In your VC installation, you should be able to found a batch file under
C:\progra~1\micros~2\vc98\bin, it is named "vcvars32.bat", just run the batch
file under your DOS prompt, it will setup all the environment for you.
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6743
( O )
e attached file that I just commented out the cert. related code.
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6743
( O ) TrustCopy Pte Ltd / Kent Ridge Digital Labs
()~*~() 21 Heng Mui Keng Terrace, Singapore 119613
(_)-(_)[EMAIL PROTECTED] * [EMAIL PROTECTED]
p12_crt.c
As more information on the mingw32 platform:
The code needed tlhelp32.h is for win95 only not for NT.
the tlhelp32.h is suppose only work in Win95 and later, not in NT at least 4.0.
It is said to to be supported under NT 5.0.
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6743
( O
Hi,
I have not dug into the source code yet, but I want to know how to use the proxy
support? Does it work transparently with those web proxy server, acting as a
tunnel for communication between two sites?
Thanks
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6743
( O
?? wrote:
>
> no default format.
> if you use openssl, pem is default.It is DER encode of you private key, then
>base64 it. with addtion alogorithm information, it became .pem file.
> PKCS is another format to store one' s certificate of private key or crl. Not
>strange, often used by I
It seems OpenSSL only support dynamic library on solaris system and dll
under Windows. How do I make a dynamic library for Linux? Is there other
issue to take care other than change the relevent compile options?
__
OpenSSL Project
Hi,
If I have the signature generated, how do I convert the p7 into a DER string
without writing out to a file? How do I know the size of the buffer to prepare?
Thanks
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6743
( O )
()~*~()
(_)-(_)[EMAIL PROTECTED] * [EMAIL PROTECTED
have to read in the data into buffer block by block
to verify the data. How do I setup such operations?
Regards
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6743
( O ) TrustCopy Pte Ltd / Kent Ridge Digital Labs
()~*~() 21 Heng Mui Keng Terrace, Singapore 119613
(_)-(_)[EMAIL PROTEC
~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6743
( O )
()~*~()
(_)-(_)[EMAIL PROTECTED] * [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
This site distributes a free software called SecureAge which
is working on Windows 95/98/NT. It will give the user a free
certificate issued by that company, that certfiticate will enable
the user to
- send signed/encrypted email
- exchange secure document over the Internet
- chat securely wi
47 matches
Mail list logo
