I found that if the signing and verification are all done by command line or
all done by API, the verification will pass. But if cross, then failed. Any
default configuration are different?
--
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html
I am working on the upgrade my program written 4 years before with updated
openssl version 1.1.0j from 1.0.1e. There are so many changes between the
two versions. I updated my code with 1.1.0 API, but it failed and I cannot
figure out the reason.
The RSA key pair and message signature are generat
ave SAML assertions that
> are digitally signed.
>
> So, on the web service "client" side, we have a private key and a
> corresponding certificate, and on the web service "server" side, we have the
> certificate which is used for the validation of the digital signature
> > We are working with web services our SOAP messages have SAML assertions
> > that are digitally signed.
> >
> > So, on the web service "client" side, we have a private key and a
> > corresponding certificate, and on the web service "server&q
AML assertions that
> are digitally signed.
>
> So, on the web service "client" side, we have a private key and a
> corresponding certificate, and on the web service "server" side, we have the
> certificate which is used for the validation of the digital signature.
uot;client" side, we have a private key and a corresponding
certificate, and on the web service "server" side, we have the certificate
which is used for the validation of the digital signature.
We've been in development and testing for awhile, using certs from an in-house
CA,
- Original Message
Da: openssl-users@openssl.org
To: openssl-users@openssl.org
Oggetto: Re: Digital signature via Openssl
Data: 10/04/09 14:12
>
>
>
> On Fri, Apr 10, 2009, vism...@email.it wrote:
On Fri, Apr 10, 2009, vism...@email.it wrote:
> Hello,
>
>
> I need help for a digital signature using openssl; I have to generate a p7m
> file, I used openssl mime with -inkey (user private key) and -signer (user
> cert) options, but when I verify the file (via Javasign) I se
Hello,
I need help for a digital signature using openssl; I have to generate a p7m
file, I used openssl mime with -inkey (user private key) and -signer (user
cert) options, but when I verify the file (via Javasign) I see an error
"File not signed".
The command used was:
ope
Hi All,
I just wanted to know how the Digital Signature is
calculated for the Client Certificate using the Client
Certificate & Private Key files i.e. how the following
items are derived from the certificate data
1. Hash algorithm to generate a fix length hash value
2. The data on which the
Windows 2003 Server, SP1. List of Crypto Providers:
Listing Provider 'Default' 1
Algorithm Name Default Key len Min lenMax len
RC2 128 40 128
RC4 128 40 128
DES 56 56 56
3
On Wed, Apr 27, 2005, Oliver wrote:
> This is what I was beginning to question, I read something that through .NET
> V2 ripemd160 appears to be supported in Windows; though research doesn't
> produce much at this moment as to whether Windows does or does not support
> ripemd160.
>
The dialog box
ECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Nils
Larsch
Sent: 27 April 2005 16:49
To: openssl-users@openssl.org
Subject: Re: Using ripemd160 causes "nonvalid digital signature" CA
Oliver wrote:
> Would anyone be aware whether a problem exists using "ripemd160" message
&g
t;
Certification Path tab -> Certificate status: This certificate has a nonvalid
digital signature
The CA certificate Signature algorithm correctly shows: 1.3.36.3.3.1.2 (ripemd160); creating the exact same CA cert but using SHA1 causes no problems whatsoever.
since when does wind
n Path tab -> Certificate status: This certificate has a nonvalid
digital signature
The CA certificate Signature algorithm correctly shows: 1.3.36.3.3.1.2
(ripemd160); creating the exact same CA cert but using SHA1 causes no pr
Hi
Any one knows how to use openssl to verify the digital
signature generated by java program.
What I have done are the following:
1. Using openssl generates the private key and
certificate.
2. Export the key and certificate into the pkcs12
file.
3. Import the key and certificate into &quo
: Re: Digital signature creation
Man pages for the openssl command on www.openssl.org
Openssl is an executable that can be used to generate certificates,
keys, etc.
The page http://www.post1.com/home/ngps/m2/howto.ca.html has a tutorial
on
Thanks,
Mike
>>> [EMAIL PROTECTED] 6/18/2004 9:02:18 AM >>>
Hi,
I'm completely new to this Digital Signature functionality and i would
like to know what do i need to create Private/Public keys to exchange
files with another entity, and also, if it i
Hi,
I'm completely new to this Digital Signature functionality and i would like to know
what do i need to create Private/Public keys to exchange files with another entity,
and also, if it is mandatory to create Certificates. If so, where can i send the
certificate a generate?
regard
[EMAIL PROTECTED] wrote:
Hi everyone!
I've got to write a plugin for Adobe Acrobat to make a digital signature
of a pdf receiving a PKCS#7 in input...I must admit I still haven't figured
out how that works.I mean...there should be two different cert the former
with the private key the l
Hi everyone!
I've got to write a plugin for Adobe Acrobat to make a digital signature
of a pdf receiving a PKCS#7 in input...I must admit I still haven't figured
out how that works.I mean...there should be two different cert the former
with the private key the latter with the public key,
On Thu, Nov 13, 2003, Jia L Wu wrote:
>
> Thanks, Nils. But which openssl command can I use to generate a public
> key file or extract public key from certificate file?
>
The 'x509' command will extract the public key from a certificate:
openssl x509 -in cert.pem -pubkey -noout >key.pem
Steve
Thanks, Nils. But which openssl command can I use to generate a public
key file or extract public key from certificate file?
On Thu, 13 Nov 2003, Nils Larsch wrote:
> Jia L Wu wrote:
> > Hi,
> > I used the following command to creat a signature.
> >
> > "openssl dgst -sign -out "
> >
> > Howev
Jia L Wu wrote:
Hi,
I used the following command to creat a signature.
"openssl dgst -sign -out "
However why the signature can not be verified using corresponding
self-signed certificate.
"openssl dgst -signature -verify "
What's wrong? Thanks.
What's the error message ? Btw: the '-verify' o
Hi,
I used the following command to creat a signature.
"openssl dgst -sign -out "
However why the signature can not be verified using corresponding
self-signed certificate.
"openssl dgst -signature -verify "
What's wrong? Thanks.
On Monday 03 November 2003 16:20, Nabil Fanaian wrote:
> >Does Win2k support ec cryptography at all ?
> >
> >Nils
>
> I believe it does. I have another ECC certificate that was issued by
> Certicom and it shows up as being valid in Win2k.
Strange, could you please send me the certicom certificate
>Does Win2k support ec cryptography at all ?
>Nils
I believe it does. I have another ECC certificate that was issued by
Certicom and it shows up as being valid in Win2k.
Nabil.
__
OpenSSL Project
n Win2k. The 'General' tab for the certificate reads "The
> integrity of this certificate cannot be guaranteed. The certificate
> may be corrupted or may have been altered.". The 'Certificate
> status' on the 'Certification Path' tab, reads "Th
of this
certificate cannot be guaranteed. The certificate may be corrupted or may
have been altered.". The 'Certificate status' on the 'Certification Path'
tab, reads "This certificate has an nonvalid digital signature."
What does this mean and how can I
The pkcs7_verify works in the first verification but I
dont know how to use that bio as an entry to the second
pkcs7_verify (in the first parameter p7), to check the
validity of the first signed pkcs7. Have you any idea?
I haven't found the function to do that.
Thanks
> On Mon, Dec 09, 2002 at
On Mon, Dec 09, 2002 at 04:16:12PM +0200, [EMAIL PROTECTED] wrote:
> Hi
>
> I've realised a signed pkcs7 with "pkcs7_sign", then I
> repeat the same function but the content is the first
> signed pkcs7, so I get a signed pkcs7 into a signed
> pkcs7. All works fine, but when I try to verify it,
Hi
I've realised a signed pkcs7 with "pkcs7_sign", then I
repeat the same function but the content is the first
signed pkcs7, so I get a signed pkcs7 into a signed
pkcs7. All works fine, but when I try to verify it, I
faced a problem with the second verification (the first
pkcs7_verify works
Hi all,
OpenSSL-0.9.7-beta4 for WinCE works fine except when I verify the digital
signature of my Attribute Certificate with the X.509 public
key.
I use the following command:
ASN1_item_verify(ASN1_ITEM_rptr(ASN1attributeCertificateInfo),
(X509_ALGOR *) ACasn1
ROTECTED]>
To: "'OpenSSL Users'" <[EMAIL PROTECTED]>
Sent: Tuesday, August 28, 2001 5:47 AM
Subject: RSA Digital Signature questions
> I'm looking for an example of a "RSA Digital Signature Using Hash
Function"
> (text followed by the signature).
>
hi Kim,
On Tue, 28 Aug 2001, Hellan,Kim KHE wrote:
> I'm looking for an example of a "RSA Digital Signature Using Hash Function"
> (text followed by the signature).
Probably the most relevant data structure is PKCS7 Signed.
> Does anyone know where to find a more techn
I'm looking for an example of a "RSA Digital Signature Using Hash Function"
(text followed by the signature).
Does anyone know where to find a more technical description of such a
signature (like the ASN.1 syntax) ?
Does anyone have a sample of such a signature including th
Oops, I forgot to send the attachments.
#include "firma.hh"
#include
#include
#include
#include
#include
#include
const int KEY_SIZE = 1024;
Bytes_sha Sha1 (string contr);
Bytes_sha Blow (Bytes_sha data, Bytes_sha key);
void Firma::Generar (string contr, Bytes_sha& pub, Bytes_sha& pr
[EMAIL PROTECTED] wrote:
>
> help!
>
> Im feeling a bit daft,
> but all im looking for is an example on implementing digital signatures,
> and I keep finding myself bogged down with theory!
>
> Can you point ,me in the direction of a coding example?
>
> thanks in anticipation!
>
> Sam Duncan
help!
Im feeling a bit daft,
but all im looking for is an example on implementing digital signatures,
and I keep finding myself bogged down with theory!
Can you point ,me in the direction of a coding example?
thanks in anticipation!
Sam Duncan
*
I need to get a persons name from a certificate. I can currently get the
user's email address very easily. Can anyone tell me how to do this?
Thanks,
Sean Walker
AtPac
BEGIN:VCARD
VERSION:2.1
N:Walker;Sean
FN:Sean Walker
EMAIL;PREF;INTERNET:[EMAIL PROTECTED]
REV:2901T203920Z
END:VCARD
> digital signatures be of the same size? What are the factors that
> determine the size of a digital signature?
>
> Thanks in advance,
>
> Milan
> __
> OpenSSL Project
o, how can
digital signatures be of the same size? What are the factors that
determine the size of a digital signature?
Thanks in advance,
Milan
__
OpenSSL Project http://www.openssl.org
User Support Ma
Hi All,
Can anyone help me to write some code that Extract the private key from
PKCS12 File ,extract the public key associated with the previous private
key
and make a digital signature of a digest with the private key?
I think I have to use PKCS12_parse() and EVP_SignInit but I don't kno
43 matches
Mail list logo
