Re: help //java.security.NoSuchAlgorithmException: 1.2.840.113549.1.5.13 SecretKeyFactory not available

Hi, I'm not an expert on this topic, but this is looks like of interest here: https://stackoverflow.com/questions/58488774/configure-tomcat-hibernate-to-have-a-cryptographic-provider-supporting-1-2-840-1 23 Aug 2022 10:34:51 李周华 : > Hi , guys > > >    I have use the follow openssl commands to c

Re: Help needed with X509_STORE_CTX structure

On Mon, May 09, 2022 at 06:00:14AM +, Srinivas, Saketh (c) wrote: > I need to set the current_issuer field in an object of the > X509_STORE_CTX structure. Can any suggest the setter function for > this. You almost certainly don't *need* to do this. What is the actual high-level task you're t

Re: Help with TLS call on openssl3

On 24/01/2022 12:58, Srinivas, Saketh (c) wrote: HI, I am using Openssl3. while Run a TLS call, call connected successfully, but at the end of the call i got the error message: SSL3 alert write:fatal:decode error  SSL error (a000126): unexpected eof while reading This is a new error mes

Re: Help Required For Code Changes While Upgrading OpenSSL 1.0.1 to 3.0

On 20/10/2021 10:57, Kumar Mishra, Sanjeev wrote: Hi, I am upgrading the code from OpenSSL 1.0.1 to 3.0. I am getting following compilation errors. Could you please suggest appropriate changes for following- 1. X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE);   error: 'X509er

Re: Help Needed for deprecated functions and macros like "CRYPTO_num_locks()" , "CRYPTO_LOCK" ......etc

Locking in OpenSSL 1.1.1 and later is completely different.  You no longer need to and should not try to register the locking callbacks. Pauli On 17/8/21 11:59 pm, Kumar Mishra, Sanjeev wrote: Hi All, I am upgrading the code from OpenSSL 1.0.1 to OpenSSL 3.0. I am getting compilation errors f

Re: Help request

On Fri, Apr 16, 2021 at 04:27:23PM +, Richard Simard wrote: > root@PKI:/# /usr/bin/openssl ca > -selfsign ^ > -config /etc/root-ca.conf > -in /ca/network-ca/csr/network-ca.csr > -out /ca/network-ca/crt/network-ca.crt > -extensions intermediate_ca_ext > -startdate 202101

RE: Help request

I juste add this: (stdin)= a9ea3acfbc9406a774245ac029d8d9f2 root@PKI:/# /usr/bin/openssl req -in /ca/network-ca/csr/network-ca.csr -noout -modulus | openssl md5 (stdin)= a9ea3acfbc9406a774245ac029d8d9f2 -Message d'origine- De : openssl-users De la part de Richard Simard Envoyé : 16 av

Re: Help with i2d_CMS_bio_stream from OpenSSL 1.0 to OpenSSL 1.1.1j

L_1.0.2_to_OpenSSL_1.1.1_guide >> >> >> >> -Tom >> >> >> >> *From:* openssl-users *On Behalf Of * >> Fabio >> *Sent:* Tuesday, April 13, 2021 12:59 AM >> *To:* openssl-users@openssl.org >> *Subject:* Re: Help with i2d_CMS

Re: Help with i2d_CMS_bio_stream from OpenSSL 1.0 to OpenSSL 1.1.1j

gt; *Sent:* Tuesday, April 13, 2021 12:59 AM > *To:* openssl-users@openssl.org > *Subject:* Re: Help with i2d_CMS_bio_stream from OpenSSL 1.0 to OpenSSL > 1.1.1j > > > > Hi, > > no one have some hints? > > > > Il giorno gio 8 apr 2021 alle ore 10:53 Fabio ha > scritto

RE: Help with i2d_CMS_bio_stream from OpenSSL 1.0 to OpenSSL 1.1.1j

Hello, Are there any clues for you here? https://wiki.tizen.org/Security/Tizen_5.X_Migration_from_OpenSSL_1.0.2_to_OpenSSL_1.1.1_guide -Tom From: openssl-users On Behalf Of Fabio Sent: Tuesday, April 13, 2021 12:59 AM To: openssl-users@openssl.org Subject: Re: Help with i2d_CMS_bio_stream

Re: Help with i2d_CMS_bio_stream from OpenSSL 1.0 to OpenSSL 1.1.1j

Hi, no one have some hints? Il giorno gio 8 apr 2021 alle ore 10:53 Fabio ha scritto: > Hi all, > I have a problem upgrading my code from openssl 1.0 to the last 1.1.1j. > Using an older version, I exported the CMS code in order to extend and > modify some calculations. I used i2d_CMS_bio_stream

Re: Help with SSL 8152 SEC_ERROR_INVALID_KEY Intermittent Error (first post please be kind!)

Hi Craig, On Wed, Dec 09, 2020 at 08:35:46PM +0900, Craig Henry wrote: > Hi, > > This is my first post to this list so please be kind! > > Environment - Linux Centos > SSL - 1.0.2k19-el7 > > Connection - CURL (via PHP) with public / private key auth + http basic auth > > We're having an issue

Re: Help with SSL 8152 SEC_ERROR_INVALID_KEY Intermittent Error (first post please be kind!)

On 09/12/2020 11:35, Craig Henry wrote: > Hi, > > This is my first post to this list so please be kind! > > Environment - Linux Centos > SSL - 1.0.2k19-el7 > > Connection - CURL (via PHP) with public / private key auth + http basic auth > > We're having an issue where we are seeing intermitt

Re: Help with SSL 8152 SEC_ERROR_INVALID_KEY Intermittent Error (first post please be kind!)

Hi, curl on RHEL-7 and Centos 7 uses NSS and not OpenSSL as the TLS backend. So this is unfortunately a wrong mailing list to ask. Tomas Mraz On Wed, 2020-12-09 at 20:35 +0900, Craig Henry wrote: > Hi, > > This is my first post to this list so please be kind! > > Environment - Linux Centos >

Re: Help with certificatePolicies section

MECapability.3 = SEQWRAP, OID:aes-256-ecb > SMIMECapability.4 = SEQWRAP, OID:aes-256-cbc > SMIMECapability.5 = SEQWRAP, OID:aes-256-ofb > SMIMECapability.6 = SEQWRAP, OID:aes-128-ecb > SMIMECapability.7 = SEQWRAP,

RE: Help with certificatePolicies section

= 1.3.6.1.4.1.51063.0.1.0 GroupeSTIDevice = 1.3.6.1.4.1.51063.0.1.1 GroupeSTIAssuranceEV= 1.3.6.1.4.1.51063.0.1.2 De : openssl-users De la part de Libor Chocholaty Envoyé : 6 avril 2020 16:42 À : openssl-users@openssl.org Objet : Re: Help with certificatePol

Re: Help with certificatePolicies section

Hi, could you share commands that led to this error? It looks to me referenced non existent section in config file like as param "-extensions" option. Regards, Libor On 2020-04-06 19:43, Richard Simard wrote: > Hi! > > Anybody can help me whit this error? > > Error Loading extension se

Re: Help on Diffie Hellman key exchange

Thanks Rich, On Wed, Nov 13, 2019 at 12:34 PM Salz, Rich wrote: > *>*For using 1.1.0, we only need to call RAND_bytes() ? > > > > Yes. But do check the return value of RAND_bytes. >

Re: Help on Diffie Hellman key exchange

On Wed, Nov 13, 2019 at 12:23:37PM -0500, Jason Qian via openssl-users wrote: > Here is the code for creating the key (openssl-0.9.8h) Is this is a new question? It seems to no longer be related to DH key agreement. > int AESCipher::createKey(unsigned char *buf, int keySize) { > char seed[256];

Re: Help on Diffie Hellman key exchange

>For using 1.1.0, we only need to call RAND_bytes() ? Yes. But do check the return value of RAND_bytes.

Re: Help on Diffie Hellman key exchange

Thanks Rich and Tomas, Here is the code for creating the key (openssl-0.9.8h) int AESCipher::createKey(unsigned char *buf, int keySize) { char seed[256]; ::sprintf(seed, "%ldXXX_XXX_H__x__xxx_x_xxx__INCLUDED_", MiscUtils::generateId()); RAND_seed(seed, ::strlen(seed)); RAND_bytes

Re: Help on Diffie Hellman key exchange

> On Nov 12, 2019, at 3:14 AM, Tomas Mraz wrote: > > Could it be a padding issue? I.E. use DH_compute_key_padded() instead. Do we have an open issue to document DH_compute_key_padded(3)? It should be documented right next to DH_compute_key(3), with some words to suggest that the caller needs to

Re: Help on Diffie Hellman key exchange

>RAND_seed(seed, ::strlen(seed)); >RAND_bytes(buf, keySize / 8); I don’t know where you are getting the seed, but it is typically binary data, not a C string. If you are using 1.1.0 or later, you do not need to seed things.

Re: Help on Diffie Hellman key exchange

On Wed, 2019-11-13 at 11:11 -0500, Jason Qian wrote: > Hi Tomas, > >Using DH_compute_key_padded() seems fixed the problem. > > I have one more question regarding a similar issue but this time is > about AES key generation. > > I think the problem is related to RAND_seed or RAND_bytes

Re: Help on Diffie Hellman key exchange

Hi Tomas, Using DH_compute_key_padded() seems fixed the problem. I have one more question regarding a similar issue but this time is about AES key generation. I think the problem is related to RAND_seed or RAND_bytes (someone also mentioned on another thread). RAND_seed(seed, ::strl

Re: Help on Diffie Hellman key exchange

Thanks Tomas, I will try that. On Tue, Nov 12, 2019 at 3:14 AM Tomas Mraz wrote: > On Mon, 2019-11-04 at 17:34 -0500, Jason Qian via openssl-users wrote: > > Hi > > > >We have an application that does the Diffie Hellman key exchange > > (OpenSSL/1.1.0f). > >It works fine, but under heav

Re: Help on Diffie Hellman key exchange

On Mon, 2019-11-04 at 17:34 -0500, Jason Qian via openssl-users wrote: > Hi > >We have an application that does the Diffie Hellman key exchange > (OpenSSL/1.1.0f). >It works fine, but under heavy loaded conditions, sometimes an > invalide secret been generated and other side couldn't dec

Re: help - building OpenSSL fips for 64 bit Android

>that the setenv-android.sh script doesn't account for 64 bit architectures. Correct. The current FIPS module has not been modified for quite some time, and your platform is not supported. If you cannot follow the steps *exactly* you cannot claim FIPS validation. The OpenSSL project is wo

Re: help - building OpenSSL fips for 64 bit Android

Forgot to mention I am trying to cross compile on a MacBook Pro (15-inch, 2017) running MacOS 10.14.5 -- Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html

Re: Help

SLES 10 is 13 years old and stopped receiving (security) updates three years ago. The best course of action here is to upgrade the operating system. -Marian Am 22.05.19 um 11:16 schrieb pcraghavendra.pra...@dell.com: > Hi Team, > >   > > Need help on the openssl library. > > We want to upgrad

RE: Help

You may have missed the openSSL wiki which is not always obvious to reach when you start …. Do not forget to initialize openSSL in your code as explained at http://wiki.openssl.org/index.php/Libcrypto_API A good place to get a grip on the relev

RE: Help diagnosing SSL connection problem needed

> From: owner-openssl-us...@openssl.org On Behalf Of Kyle Hamilton > Sent: Thursday, August 07, 2014 16:48 > Your client is saying that it's failing the certificate verification of > the server certificate. It's probably not using the CAfile that you > passed to openssl s_client. > > -Kyle H >

Re: Help diagnosing SSL connection problem needed

Hi Kyle, Thanks See below On Thu, Aug 7, 2014 at 4:47 PM, Kyle Hamilton wrote: > Your client is saying that it's failing the certificate verification of > the server certificate. It's probably not using the CAfile that you > passed to openssl s_client. > > -Kyle H > Actually, I can confirm t

Re: Help diagnosing SSL connection problem needed

Your client is saying that it's failing the certificate verification of the server certificate. It's probably not using the CAfile that you passed to openssl s_client. -Kyle H On 8/5/2014 12:19 PM, Ted Byers wrote: > I have Perl code, which uses a library that in turn uses openssl for > HTTPS co

Re: Help with export key as ASN.1 type EncryptedPrivateKeyInfo

On 15/07/14 15:05, Dr. Stephen Henson wrote: On Mon, Jul 14, 2014, Martin Basti wrote: Hi list, I have RSA encrypted private key as byte sequence, and I need to export it as ASN.1 type EncryptedPrivateKeyInfo (RFC5958 section 3.) Currently I use the following code (shortened): unsigned char

Re: Help with export key as ASN.1 type EncryptedPrivateKeyInfo

On Mon, Jul 14, 2014, Martin Basti wrote: > Hi list, > > I have RSA encrypted private key as byte sequence, and I need to > export it as ASN.1 type EncryptedPrivateKeyInfo (RFC5958 section 3.) > > Currently I use the following code (shortened): > > unsigned char *pkey; //assigned encrypted prim

Re: help with error

Maybe it's not a bug, but a feature. Steven might wish to bring the issue to the attention of the dev team (openssl-...@openssl.org) for code inspection, discussion and an agreed way forward with the core team. Cheers Lakhsa On 04/07/2014 18:33, Jakob Bohm wrote: > On 7/3/2014 8:52 PM, Michael S

Re: help with error

On 7/3/2014 8:52 PM, Michael Sierchio wrote: My Windoze knowledge is hazy, and from the distant past, but if you're running this in a CMD window, you may simply need to increase the available memory from the default for that process. Too hazy, I am afraid. Those memory settings are/were only

Re: help with error

Seems to be the second case. Code check on master: In app/req.c:1561 the call if(!X509_REQ_add1_attr_by_NID(req, nid, chtype, (unsigned char *)buf, -1)) { works through crypto/x509/x509_att.c:313 if ((len == -1) && !(attrtype & MBSTRING_FLAG)) { if (!

RE: help with error

> From: owner-openssl-us...@openssl.org [mailto:owner-openssl- > us...@openssl.org] On Behalf Of Jakob Bohm > Sent: Thursday, 03 July, 2014 12:22 > > On 7/3/2014 5:50 PM, Steven Kinney wrote: > > I enter the following command, as instructed by Cisco: > > > > req -new -config c:\openssl\share\opens

Re: help with error

gt; >> >> Original message >> From: Jakob Bohm >> Date:07/03/2014 1:23 PM (GMT-06:00) >> To: openssl-users@openssl.org >> Subject: Re: help with error >> >> On 7/3/2014 5:50 PM, Steven Kinney wrote: >>> I enter the foll

Re: help with error

> > Sent on the new Sprint Network from my Samsung Galaxy S®4. > > > Original message > From: Jakob Bohm > Date:07/03/2014 1:23 PM (GMT-06:00) > To: openssl-users@openssl.org > Subject: Re: help with error > > On 7/3/2014 5:50 PM, Steven Kinney

RE: help with error

No. Running on my Dell laptop. Sent on the new Sprint Network from my Samsung Galaxy S®4. Original message From: Jakob Bohm Date:07/03/2014 1:23 PM (GMT-06:00) To: openssl-users@openssl.org Subject: Re: help with error On 7/3/2014 5:50 PM, Steven Kinney wrote: > I enter

Re: help with error

On 7/3/2014 5:50 PM, Steven Kinney wrote: I enter the following command, as instructed by Cisco: req -new -config c:\openssl\share\openssl.cnf -newkey rsa:1024 -nodes -keyout mykey.pem -out myreq.pem And I get the following error: Please enter the following 'extra' attributes to be sent with

Re: Help me for ECDHE algorithm

On 16 April 2014 05:48, chetan wrote: > If this is only ECDH than how to perform ECDHE? > what changes i have to made in this code? Well the final E in ECHDE stands for ephemeral. It is not really a difference in the way the algorithm itself works, but more about how it is used. With ECDH both pa

Re: Help me for ECDHE algorithm

If this is only ECDH than how to perform ECDHE? what changes i have to made in this code? -- View this message in context: http://openssl.6102.n7.nabble.com/Help-me-for-ECDHE-algorithm-tp49168p49499.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __

RE: Help me for ECDHE algorithm

> From: owner-openssl-us...@openssl.org On Behalf Of chetan > Sent: Monday, April 14, 2014 00:42 > xxx.c is my program file. > So, i'm compile simply like "cc xxx.c ". > I am Gettting [undefined reference] This is basic C programming. Whenever you link (not just compile) a C program that uses a

RE: help upgrading to 1.0.1g

First of all, what system are you using? _ From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of laxminarayana.ganes...@maersk.com Sent: Tuesday, April 15, 2014 1:40 AM To: openssl-users@openssl.org Subject: help upgrading to 1.0.1g Hi Team,

Re: Help me for ECDHE algorithm

On 15 April 2014 05:40, chetan wrote: > Thanks to you...it's working. > Now i have one last query for you. > I'm generating public and private key files using command line openssl. I > generated 2 .PEM files each for public and private key. > Now i want to generate shared secret from that files us

Re: Help me for ECDHE algorithm

Thanks to you...it's working. Now i have one last query for you. I'm generating public and private key files using command line openssl. I generated 2 .PEM files each for public and private key. Now i want to generate shared secret from that files using APIs like EVP_PKEY_derive and others. So,Can

Re: Help me for ECDHE algorithm

On 14 April 2014 05:42, chetan wrote: > xxx.c is my program file. > So, i'm compile simply like "cc xxx.c ". > I am Gettting errors as below: > xxx.c:(.text+0x19): undefined reference to `EVP_PKEY_CTX_new' > xxx.c:(.text+0x30): undefined reference to `EVP_PKEY_derive_init' > xxx.c:(.text+0x48): un

Re: Help me for ECDHE algorithm

xxx.c is my program file. So, i'm compile simply like "cc xxx.c ". I am Gettting errors as below: xxx.c:(.text+0x19): undefined reference to `EVP_PKEY_CTX_new' xxx.c:(.text+0x30): undefined reference to `EVP_PKEY_derive_init' xxx.c:(.text+0x48): undefined reference to `EVP_PKEY_derive_set_peer' xxx

Re: Help me for ECDHE algorithm

On 11 April 2014 06:25, chetan wrote: > I tried your sample code but compiler showing error like "Undefined refrence > to EVP_PKEY_CTX_new" although i included header file "openssl/evp.h". > You have any idea why this errors occuring??? > And by the way thanks for the help friend. Please 1) Post

Re: Help me for ECDHE algorithm

I tried your sample code but compiler showing error like "Undefined refrence to EVP_PKEY_CTX_new" although i included header file "openssl/evp.h". You have any idea why this errors occuring??? And by the way thanks for the help friend. -- View this message in context: http://openssl.6102.n7.nab

Re: Help me for ECDHE algorithm

On 10 April 2014 07:29, chetan wrote: > Thanks for giving time to me. I was given a task that i have to implement > ECDHE algorithm means i can use openssl. > So, can you please tell me what i have to do after generatic public and > private key files. How to generate shared secret and what next a

Re: Help me for ECDHE algorithm

Thanks for giving time to me. I was given a task that i have to implement ECDHE algorithm means i can use openssl. So, can you please tell me what i have to do after generatic public and private key files. How to generate shared secret and what next after that. Thanks again -- View this messag

Re: Help me for ECDHE algorithm

On 9 April 2014 08:39, chetan wrote: > I am newer to this and i want to make ECDHE algorithm for cilient-server. > Can anyone tell me basic steps and functions to do this. all response are > acceptable. > Thankss in advance > Its unclear from your question whether you are l

Re: Help regarding Compile FIPS compliant OpenSSL on Windows platform

Dear OpenSSL users, I would like to post my successful compilation of FIPS compliant OpenSSL Regards Imran Sher Din *= Building OpenSSL for Visual Studio 2005/2008/2010 =* *= Requirements

Re: Help: DecryptFinal error

Sent from iTouch > On Mar 7, 2014, at 11:42 AM, "Li, David" wrote: > > Hi, > > I am new to openssl C APIs. So I wrote a simple test to encrypt and decrypt a > 15 byte ASCII string using AES128. The encryption seems OK and the encrypted > length is 16. But the decryption always failed at

Re: Help: DecryptFinal error

On Mar 8, 2014, at 11:23 AM, Larry Bugbee wrote: > On Mar 7, 2014, at 11:42 AM, "Li, David" wrote: > >> Hi, >> >> I am new to openssl C APIs. So I wrote a simple test to encrypt and decrypt >> a 15 byte ASCII string using AES128. The encryption seems OK and the >> encrypted length is 16. B

Re: Help regarding Compile FIPS compliant OpenSSL on Windows platform

Bonjour Dr Stephen N. Henson, Your reply was very helpful to me. I got FIPS compliant OpenSSL exe lib and dll files. Thanks :) I am also sharing the end to end steps as reference for some new users for their help. == End to end steps to Compile

Re: Help regarding Compile FIPS compliant OpenSSL on Windows platform

On Sun, Mar 02, 2014, Scott Thomas wrote: > Bonjour Users, > > I am compiling fips enabled/compliant openssl with openssl-fips-2.0 & > openssl.1.0 from Visual studio 2008 on windows XP SP3. I am running the > commands as listed in the Article 4.3 (Building and Installing the FIPS > Object Modu

Re: Help. required regarding CVE-2013-0169

I too face this same scenario as Raajeesh. Can anyone provide details on the exact patch for CVE-2013-0169 that was applied to OpenSSL version 0.9.8y? Thank you, ~Ryan On 03/06/2013 12:15 AM, Raajesh Sivaramakrishnan wrote: Hi, The product that I am working on is running on OpenSSL versi

RE: Help me understand how this should work:

Ø I guess I need to know what to research to make all of these guys sort of use the same cert. is this what chaining could do for me? Not sure why you need or want a single cert, but if you do then one cert with multiple subjectAltName extensions should do it. /r$ -- Principa

Re: Help creating certificate chain

Please let me know the openssl commands So far I've create a Root CA I created an intermediate CA and signed it's certificate with the Root CA I created an end user certificate and signed it with the intermediate CA. Thanks -- View this message in context: http://openssl.6102.n7.nabble.com/He

Re: Help in loading EC_KEY

On Thu, Dec 13, 2012 at 4:04 AM, jeetendra gangele wrote: > HI, > > I am trying to sign the data using EC-DSA algorithm. > i have the private key to sign the data and I could load using > EC_KEY_set_private_key. > But when check the loaded key its failing with the error code below. > error:100B104

RE: Help with client certificates

n Sent: Thursday, July 26, 2012 6:42 PM To: openssl-users@openssl.org Subject: Re: Help with client certificates On Wed, Jul 25, 2012, Fili, Tom wrote: > I'm trying to setup my application to allow for the use of client > certificates. I am using the capi engine to pull from the Windows st

Re: Help with client certificates

On Wed, Jul 25, 2012, Fili, Tom wrote: > I'm trying to setup my application to allow for the use of client > certificates. I am using the capi engine to pull from the Windows store. > > I setup my ssl connection and it works fine if I set the correct > certificate using SSL_CTX_use_certificate_AS

RE: Help with openssl FIPS on AIX

- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: Wednesday, May 30, 2012 8:13 AM To: openssl-users@openssl.org Subject: Re: Help with openssl FIPS on AIX On Wed, May 30, 2012, Brewster, Scott wrote: > > I am not sure

Re: Help with openssl FIPS on AIX

On Wed, May 30, 2012, Brewster, Scott wrote: > > I am not sure how I should interpret this - do I expand the 0.9.8w tar > file into the same directory as were I did the openssl-fips? Do I just > expand 0.9.8w.tar into its own directory and proceed with the config > fips, make and make install st

RE: Help with openssl FIPS on AIX

To: openssl-users@openssl.org Subject: Re: Help with openssl FIPS on AIX On Fri, May 25, 2012, Brewster, Scott wrote: > We have openssl-fips installed on 1 system. I have been asked to > update it to openssl 0.9.8w. The person who did this previously is no > longer available, so I can

Re: help

Openssl comes with a command line interface also. Type openssl on terminal and you will see it. This talks about using the openssl commands in a batch file .. Hope this helps! On Sat, May 26, 2012 at 5:52 AM, Feras Elias wrote: > hello > > i need help with this question > > Write a command li

Re: Help with openssl FIPS on AIX

On Fri, May 25, 2012, Brewster, Scott wrote: > We have openssl-fips installed on 1 system. I have been asked to update > it to openssl 0.9.8w. The person who did this previously is no longer > available, so I cant ask him what he did... > > > > I have downloaded, compiled and installed opens

RE: Help me find the SSL wrapper/another solution

ay 12, 2012 2:54 PM To: openssl-users@openssl.org Subject: Re: Help me find the SSL wrapper/another solution demos/state_machine demos/tunala On Tue, May 8, 2012 at 2:17 PM, Marcin Głogowski wrote: > Hello, > I have to write non blocking SSL/TLS server based on the OpenSSL library. > I cou

Re: Help me find the SSL wrapper/another solution

demos/state_machine demos/tunala On Tue, May 8, 2012 at 2:17 PM, Marcin Głogowski wrote: > Hello, > I have to write non blocking SSL/TLS server based on the OpenSSL library. > I couldn't find any example/tutorial with this. > Please write me where can I find some client/server examples or simple

RE: Help me find the SSL wrapper/another solution: nonblocking

> From: owner-openssl-us...@openssl.org On Behalf Of Marcin Glogowski > Sent: Tuesday, 08 May, 2012 09:18 > Hello, > I have to write non blocking SSL/TLS server based on the > OpenSSL library. > I couldn't find any example/tutorial with this. > Please write me where can I find some client/server

RE: Help in Understanding

> From: owner-openssl-us...@openssl.org On Behalf Of Dave Thompson > Sent: Saturday, 03 December, 2011 20:44 > > 2. Is there any way to decrypt Application data (HTTP > > data) on wireshark itself ? > > If using kRSA and you have/get the server's private key, yes. > Edit / Preferences / Protoc

RE: Help in Understanding

> From: owner-openssl-us...@openssl.org On Behalf Of Mr.Rout > Sent: Saturday, 03 December, 2011 02:59 Aside: this item was apparently delayed in master.openssl.org from 03.0758Z to 03.1907Z and delivered to my mailhost 03.1914Z. > Can somebody please clarify my silly questions ? I need to > un

RE: Help neede Generating a V3 self-signed certificate from a CSR

> From: owner-openssl-us...@openssl.org On Behalf Of Benoit Rouleau > Sent: Friday, 11 November, 2011 12:19 > I have a problem. I am attempting to generate a self-signed > (for internal use) certificate with multiple SAN and all I can get > is a V1 certificate with no SAN at al

RE: help please: commandline & DOS basics

> From: owner-openssl-us...@openssl.org On Behalf Of Abdulhadi Abulzahab > Sent: Saturday, 05 November, 2011 12:32 > 1 - I want to use the " sha1" command but I need the result to go > into txt file not only to appear on the screen > otherwise I need to print the result o

Re: help please

From: Abdulhadi Abulzahab > 1 - I want to use the " sha1" command but I need the result to go into txt file Search for any dos/windows shell tutorial... And then search about redirections (> file). > 2 - I want to create a simple batch file  contains the sha1 command I typed > in the cmd : >

RE: Help in Generating Chained ROOT Certificate

> From: owner-openssl-us...@openssl.org On Behalf Of ramaswamy > Sent: Thursday, 03 November, 2011 07:44 > Try this...if you need some extensions you can add those in > openssl.cnf. > Several minor errors, and some infelicities. > > export OPENSSL_CONF=./openssl.cnf > PATH=.:$PATH > > # Root C

RE: Help in Generating Chained ROOT Certificate

Sign, cRLSign > subjectKeyIdentifier=hash > #authorityKeyIdentifier=keyid:always,issuer:always > authorityKeyIdentifier=keyid:always > #basicConstraints= critical, CA:TRUE, pathLenConstraint:0 > basicConstraints= critical, DER:30:06:01:01:ff:02:01:00 > > > > Regards > Ram >

RE: Help in Generating Chained ROOT Certificate

:00 Regards Ram -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Mr.Rout Sent: Thursday, November 03, 2011 10:28 AM To: openssl-users@openssl.org Subject: RE: Help in Generating Chained ROOT Certificate Thanks Dave. Probably i h

Re: Help in Generating Chained ROOT Certificate

Hi, Perhaps you should have a look at : http://www.cs.odu.edu/~cs772/sourcecode/NSwO/v1.3/NSwO-1.3/ssl/ The Makefile and *.cnf are used to generate root, CA, server and client certificates and keys for test purpose. Hope this example ( from http://www.opensslbook.com/code.html ) will inspire

RE: Help in Generating Chained ROOT Certificate

Thanks Dave. Probably i have not understood the things properly. After surfing through Google i got confused. Actually I am doing TLS Client Testing which authenticate the Server(www.https.com in my example). Steps I followed to achieve this: 1) Created a Self signed Certificate where Issuer &

RE: Help in Generating Chained ROOT Certificate

> From: owner-openssl-us...@openssl.org On Behalf Of Mr.Rout > Sent: Monday, 31 October, 2011 13:43 > I am newbie to Openssl. I am confused about Chained ROOT > certificates? > Could someone please guide me the step by step approach for generating > Chained ROOT certificate? > > e.g. My Server

Re: Help Needed: SSL Connect starting from a weird state

My initial analysis of this was very misleading. I have to apologize for that. The problem was that during the first part of the handshake (clienthello), the call failed without anything being written out. Tracing ssl23_client_hello() in s23_clnt.c showed that the following statement returned false

Re: Help compiling,assembling and linking RC4 code.

On 19 Aug 2011, at 4:08 AM, rastir...@rastirrat.force9.co.uk wrote: > What I am try to do is build the assembly language version of RC4. So far > I have been able to create the rc4-586.asm file by running the rc4-586.pl > script. > > I specifically want to run rc4speed and rc4test but using the

RE: Help with PKCS7 format

Thanks for the answer and for clearing things, but I actually managed to do it last weekend. It was a delay in posting on the forum. But really thanks, because now I see that I have done things right.

RE: Help with PKCS7 format

> From: owner-openssl-us...@openssl.org On Behalf Of Claudiu Stanciu > Sent: Saturday, 11 June, 2011 12:32 Aside: not sure what this delay is. Headers (on my copy, going up) show originate yahoo near 06-11 09:32 -7 = 16:32Z and (consistent) Received by master.openssl.org 06-11 18:34

Re: Help with PKCS7 format

Need some help again. I'm doing the decryption now. Done almost everything, but have a question related to the public key of the recipient. So i encrypted a text into PKCS7 enveloped data. Now, I am reading from that structure the symmetric key IV and the encrypted data with the symmetric key. H

RE: Help building FIPS openssl (suitable for apache)

> Date: Sun, 12 Jun 2011 04:10:39 +0200 > From: st...@openssl.org > To: openssl-users@openssl.org > Subject: Re: Help building FIPS openssl (suitable for apache) > > On Fri, Jun 10, 2011, Sam Theman wrote: > > > > > Hello, > > > > First off, I AM tr

Re: Help building FIPS openssl (suitable for apache)

On Fri, Jun 10, 2011, Sam Theman wrote: > > Hello, > > First off, I AM trying to follow the FIPS/OPENSSL user guide > > What am I doing wrong: > > 1.) downloaded fips openssl 1.2.3 > > 2) ./config fipscanisterbuild > make > make install > > > 3.) ./config fips --with-fipslibdir=/usr

Re: Help with PKCS7 format

On Fri, Jun 10, 2011, Claudiu Stanciu wrote: > Hy. I am trying to encrypt a text into a pkcs7 format without using > PKCS7_encrypt, because i want to control the key used. So I have done almost > everything, but can't put the IV in the pkcs7 data. trying to obtain a PKCS7 > enveloped data with

Re: [help] how to load the privatekey from char[] = "MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9..."

> > Now I'm trying to replace the filepath with char[] which has all characters > of the file. > > I just did this today. Do something like this, where privateKeyString is your unsigned char array with your PEM file contents in it: BIO* bp = BIO_new_mem_buf(privateKeyString, -1);/

RE: Help me fix this code

> From: owner-openssl-us...@openssl.org On Behalf Of Muhammed Shafeek > Sent: Monday, 02 May, 2011 04:48 > Hi Peter, > Add padding for CBC mode encryption. > Or u can use CFB mode. EVB_bf_cfb() Unnecessary. EVP_bf_cbc (or EVP_*_cbc) already does PKCS5 padding. (If yo

Re: Re: Re: Help me fix this code

Hi Peter, The extra string in o/p is due to error in coding. u r passing incorrect length in EVP_DecryptUpdate. if (!(EVP_DecryptUpdate(&dctx, dec_outbuf, &decoutlen, enc_outbuf, output_buf_size))) change above line to if (!(EVP_DecryptUpdate(&dctx, dec_outbuf, &decoutlen, enc_outbuf, enco

Re: Re: Help me fix this code

Hi Peter, The extra string in o/p is due to error in coding. u r passing incorrect length in EVP_DecryptUpdate. if (!(EVP_DecryptUpdate(&dctx, dec_outbuf, &decoutlen, enc_outbuf, output_buf_size))) change above line to if (!(EVP_DecryptUpdate(&dctx, dec_outbuf, &decoutlen, enc_outbuf, encoutlen

Re: Re: Help me fix this code

Hi Peter, Add padding for CBC mode encryption. Or u can use CFB mode. EVB_bf_cfb() -Shafeek Hi, Thank you for the reply. I have edit the code. Source Code: //gcc blowfish2.c -L/usr/local/ssl/lib/ -lssl -lcrypto -Wall #include #include #include #include #include #define input_

  1   2   3   4   >