On 8/17/2021 9:47 PM, Sands, Daniel via openssl-users wrote:
The dump you show below is:
Attributes (set, tagged with a 0, optional)
Version
privateKeyAlgorithm
privateKey
This is a PKCS#8 packet for a key. The encapsulated data is the RSA public key
in PKCS1 format. I know OpenSSL has built-
> My latest attempt to code the below DER is this. It compiles, but the d2i
> segfaults on apparently the second element.
>
> Anything obviously wrong?
>
> typedef struct {
> ASN1_INTEGER *version;
> ASN1_INTEGER *serialNumber;
> X509_ALGOR *signature;
> X509_PUBKEY *key;
>
My latest attempt to code the below DER is this. It compiles, but the d2i
segfaults on
apparently the second element.
Anything obviously wrong?
typedef struct {
ASN1_INTEGER *version;
ASN1_INTEGER *serialNumber;
X509_ALGOR *signature;
X509_PUBKEY *key;
} TPM_ADDTOCERT;
ASN1_S
On 8/17/2021 12:57 PM, Sands, Daniel via openssl-users wrote:
Now I would like to do the other end, where I have der and I want to
parse back to the structure, using d2i()
1 - Is there a tutorial on this?
Seems like you don't need one. If you got i2d working you should have d2i
al
> >> Now I would like to do the other end, where I have der and I want to
> >> parse back to the structure, using d2i()
> >>
> >> 1 - Is there a tutorial on this?
> >
> > Seems like you don't need one. If you got i2d working you should have d
which created the i2d() function.
It should also give you the d2i() function too!
Now I would like to do the other end, where I have der and I
want to parse back to the structure, using d2i()
1 - Is there a tutorial on this?
Seems like you don't need one. If you got i2d working you s
should also give you the d2i() function too!
Now I would like to do the other end, where I have der and I
want to parse back to the structure, using d2i()
1 - Is there a tutorial on this?
Seems like you don't need one. If you got i2d working you should have
d2i already!
Matt
2
der and I
want to parse back to the structure, using d2i()
1 - Is there a tutorial on this?
2 - Can someone show me this structure?
The DER is a version, serial number, signature algorithm,
public key algorithm, and public key.
The dump looks like this:
0 337: SEQUENCE {
4 3: . [0] {
6
A migration guide is being worked on in
https://github.com/openssl/openssl/pull/14710
You might want to provide feedback with comments there to help making sure
useful information is not left out.
Nicola
P. S. It's a pity that a lot of external resources, including blog post,
articles and stac
ammer will need do this work, if possible before releasing
OpenSSL 3, so a tutorial can be very useful
2632
Support: 888.281.5182 | avigilon.com
Follow Twitter | Follow LinkedIn
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of pl
Sent: Wednesday, November 25, 2015 9:50 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Ask for a tutorial on EC...
On 25/11/2015
On 25/11/2015 18:18, Matt Loah wrote:
> Hi all,
>
> Has anyone a little tutorial on how to use OpenSSL APIs to implement
> an encryption / decryption code using Elliptic Curves ?
>
> Thanks,
>
> Matt L.
>
>
> ___
Hi all,
Has anyone a little tutorial on how to use OpenSSL APIs to implement an
encryption / decryption code using Elliptic Curves ?
Thanks,
Matt L.
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
I would like to implement pre-shared keys using OpenSSL (another mechanism is
being used to provide for a common secret at all nodes to be used as a
symmetric key). My goal is for OpenSSL to simply load the key from a local
location and use it. No certificates should be involved.
I notice two f
ures. (I don't believe
that's proprietary information, and anyone with a copy of Visibroker can easily
discover it by trying to use such a certificate.) My guess is it's not the only
one.
That said, I think it makes sense to use SHA-256 in the tutorial. Anyone using
it who
On Thu, Mar 27, 2014 at 2:47 AM, Stefan H. Holek wrote:
> No reason. Just for maximum compatibility. Every software can do SHA1. But
> this comes up a lot and I might switch to sha256 the next time around.
It appears that even what most "legacy" web browsers and servers
support sha256, given the
On 27.03.2014, at 13:32, Walter H. wrote:
> Does this mean, you use certificates with a complete chain of at least 4
> certificates?
>
> - root ca cert. no pathlen
> - intermediate ca cert. also no pathlen
> - signing ca cert. with pathlen
> - end cert
Yes, the expert example does that.
> what
Hello,
On Thu, March 27, 2014 10:47, Stefan H. Holek wrote:
>> 3. Is there a reason to not set a pathLen in the basicConstraints
>> section of the Root CA's (to 1, to allow a maximum of one layer of
>> CA's below the Root), but to do so on the Intermediate CA's?
>
> Pathlen is not used on root CA
Le 27/03/2014 11:14, Jeffrey Walton a écrit :
On Thu, Mar 27, 2014 at 5:47 AM, Stefan H. Holek wrote:
On 25.03.2014, at 17:44, Zack Williams wrote:
...
3. Is there a reason to not set a pathLen in the basicConstraints
section of the Root CA's (to 1, to allow a maximum of one layer of
CA's bel
On Thu, Mar 27, 2014 at 5:47 AM, Stefan H. Holek wrote:
> On 25.03.2014, at 17:44, Zack Williams wrote:
>
>> ...
>> 3. Is there a reason to not set a pathLen in the basicConstraints
>> section of the Root CA's (to 1, to allow a maximum of one layer of
>> CA's below the Root), but to do so on the I
On 25.03.2014, at 17:44, Zack Williams wrote:
> 1. Is there a reason you're not using SHA-256 hash by default - it
> appears that SHA1 is being recommended against currently:
> http://www.digicert.com/sha-2-ssl-certificates.htm
No reason. Just for maximum compatibility. Every software can do SHA1
Le 25/03/2014 23:08, Zack Williams a écrit :
On Tue, Mar 25, 2014 at 10:54 AM, Erwann Abalea
wrote:
2. I couldn't figure out what the [additional_oids] section of the
Expert example's root-ca.conf file is for - either through research or
going through the commit history. Could you elaborate on
On Tue, Mar 25, 2014 at 10:54 AM, Erwann Abalea
wrote:
>
>> 2. I couldn't figure out what the [additional_oids] section of the
>> Expert example's root-ca.conf file is for - either through research or
>> going through the commit history. Could you elaborate on what that
>> accomplishes?
>>
>> htt
Le 25/03/2014 17:44, Zack Williams a écrit :
On Fri, Mar 21, 2014 at 12:25 AM, Stefan H. Holek wrote:
I have updated the OpenSSL PKI Tutorial at Read the Docs. The tutorial provides
three complete PKI examples you can play through and the prettiest
configuration files this side of Neptune
On Fri, Mar 21, 2014 at 12:25 AM, Stefan H. Holek wrote:
> I have updated the OpenSSL PKI Tutorial at Read the Docs. The tutorial
> provides three complete PKI examples you can play through and the prettiest
> configuration files this side of Neptune. Check it out!
>
&
Hi All,
I have updated the OpenSSL PKI Tutorial at Read the Docs. The tutorial provides
three complete PKI examples you can play through and the prettiest
configuration files this side of Neptune. Check it out!
https://pki-tutorial.readthedocs.org/
Cheers,
Stefan
--
Stefan H. Holek
ste
ectory". I.e.:
Good catch! I have fixed 4.3 to use the "ca" directory as well.
> So far though, this has been a helpful tutorial for a noob to PKI. Thanks!
> Kevin
>
Thank you,
Stefan
--
Stefan H. Holek
ste...@epy.co.at
rtfile ca/signing-ca.crt \
-certfile ca/root-ca.crt \
-out certs/signing-ca-chain.p7c \< certs directory
-outform der
Step 5.4:
openssl pkcs7 \
-in ca/signing-ca-chain.p7c \ < ca directory
-inform der \
-noout \
-text \
-print_certs
So f
Hi All!
I have updated the OpenSSL PKI tutorial at readthedocs. The tutorial takes a
novel approach without ever referring to openssl.cnf or CA.pl (yuck). You can
find it here:
https://pki-tutorial.readthedocs.org/
Thanks to everyone who has provided feedback for the first version. I heard
mån 2012-12-17 klockan 15:23 +0100 skrev Stefan H. Holek:
> Hi All!
>
> I have been working on an OpenSSL PKI tutorial, and the time has come where I
> would like to solicit feedback from the community. The tutorial takes a
> somewhat novel approach without ever referring to
This tutorial is a very good start, however, I have a couple suggestions.
1) Add more verbiage in the configuration files. I suggest pretending
you're talking to a bright undergraduate student who knows nothing of
either PKI or Openssl. That is, be a bit more pedantic in the presention
o
Hallo,
https://pki-tutorial.readthedocs.org/en/latest/cadb.html
-> Serial number files ...
what is the CRL number file?
where can I configure this?
Thanks,
Walter
On Mon, December 17, 2012 15:23, Stefan H. Holek wrote:
> Hi All!
>
> I have been working on an OpenSSL PKI tutorial,
Hi All!
I have been working on an OpenSSL PKI tutorial, and the time has come where I
would like to solicit feedback from the community. The tutorial takes a
somewhat novel approach without ever referring to openssl.cnf or CA.pl (yuck).
You can find it here:
https://pki
2:09 AM
Subject:Re: asn1 parsing tutorial
On 09/04/2012 10:47 PM, Ken Goldman wrote:
> Is there any tutorial or other documentation on how to use the openssl
asn1 parsing C functions?
> That is, not the command line.
>
> The man pages are empty. I found that the asn1parse command l
On Tue, Sep 04, 2012, Ken Goldman wrote:
>
> Use case: I have to parse a non-standard X.509 certificate that
> openssl cannot handle at a higher level. I think I have to parse at
> a low level and pull out the data I need.
>
Is this the OAEP certificate issue? It should be possible to retriev
Is there any tutorial or other documentation on how to use the openssl
asn1 parsing C functions? That is, not the command line.
The man pages are empty. I found that the asn1parse command line
utility works, but the asn1pars.c code is completely uncommented. It
will be a chore to reverse
On Sun June 19 2011, Ilya Dyoshin wrote:
> Good day!
>
> is there any tutorial on adding a new cryptoalgorithms to openssl wrapper.
> I.e.: I have a set of cryptographic functions released in c (for crypting,
> decrypting etc.), and want to wrap it to openssl, in order
Good day!
is there any tutorial on adding a new cryptoalgorithms to openssl wrapper.
I.e.: I have a set of cryptographic functions released in c (for crypting,
decrypting etc.), and want to wrap it to openssl, in order to use it as an
algorithm in apache's httpd server, using sta
> From: Igor Galic
>
> > I am a newbie, any tutorial to start with openssl?
>
> That highly depends on what you want to achieve.
> There *is* documentation. http://openssl.org/docs/
>
> You probably want to start with the
> http://openssl.org/docs/HOWTO/ which ex
> All,
>
>
> I am a newbie, any tutorial to start with openssl?
That highly depends on what you want to achieve.
There *is* documentation. http://openssl.org/docs/
You probably want to start with the
http://openssl.org/docs/HOWTO/ which explains some of the
essential concepts yo
All,
I am a newbie, any tutorial to start with openssl?
Benix.
On 6/16/2010 12:10 PM, Dr. Stephen Henson wrote:
>
> Those for the bleeding egde development version are also available online too,
> see: http://www.openssl.org/docs/ the API doesn't change that much so those
> will be largely accurate for older versions of OpenSSL.
>
> The examples at the botto
On Wed, Jun 16, 2010 at 12:29 PM, Sad Clouds
wrote:
> A few of my bookmarks:
>
> http://tldp.org/HOWTO/SSL-Certificates-HOWTO/index.html
> http://docs.sun.com/source/816-6156-10/contents.htm
> http://docs.sun.com/source/816-6154-10/contents.htm
> http://h71000.www7.hp.com/doc/83final/ba554_90007/c
till need guides to
> walk me through generating keys, and I don't fully understand which
> keys fit which "locks"...).
>
Well you wont find a cryptography tutorial in OpenSSL. Some knowledge of that
is assumed.
> BTW, anybody know "why" is the documentation s
On Wed, 16 Jun 2010 12:14:49 -0400
Brandon McCaig wrote:
> Hello,
>
> I'm having trouble finding up-to-date tutorials (or any documentation
> at all) for the OpenSSL APIs. The best one that I have found is
> apparently from 2004:
>
> http://www.ibm.com/developerworks/linux/library/l-openssl.htm
Hello,
I'm having trouble finding up-to-date tutorials (or any documentation
at all) for the OpenSSL APIs. The best one that I have found is
apparently from 2004:
http://www.ibm.com/developerworks/linux/library/l-openssl.html
I'm worried that it is out of date and I'll be wasting my time
learnin
uld figure out by staring at its MAN page long time and
looking up some sample codes in source code distribution of the OpenSSL.
However, it would be great if there is a good reference/tutorial
book. :)
went ahead and made that minor change
$ cat openssl_EVP_example.c
/*
* Compilation
* $
JongAm Park wrote:
Hello.
Thank you for mentioning the book.
However, I could figure out by staring at its MAN page long time and
looking up some sample codes in source code distribution of the OpenSSL.
may be of use...
from the mailing list and the web
note that with a little modificati
JongAm Park wrote:
Hello.
Thank you for mentioning the book.
However, I could figure out by staring at its MAN page long time and
looking up some sample codes in source code distribution of the OpenSSL.
However, it would be great if there is a good reference/tutorial book. :)
went ahead
distribution of the OpenSSL.
However, it would be great if there is a good reference/tutorial book. :)
Thank you again,
Best regards,
JongAm Park
Richard Koenning wrote:
JongAm Park wrote:
Hello, I am just a beginner at using OpenSSL library.
I write in C/C++ and Objective-C. After looking up the
Hello.
Thank you for mentioning the book.
However, I could figure out by staring at its MAN page long time and
looking up some sample codes in source code distribution of the OpenSSL.
However, it would be great if there is a good reference/tutorial book. :)
Thank you again,
Best regards
there any good source like sample codes, tutorial and so on?
http://oreilly.com/catalog/9780596002701/
It's a little bit outdated (based mainly on OpenSSL 0.9.7 (or older,
iirc)), but otherwise still a useful tutorial.
Ciao,
Ri
JongAm Park wrote:
Hello, I am just a beginner at using OpenSSL library.
I write in C/C++ and Objective-C. After looking up the OpenSSL web
site, I found out that there was no document for studying how to use it.
Is there any good source like sample codes, tutorial and so on?
http
Hello, I am just a beginner at using OpenSSL library.
I write in C/C++ and Objective-C. After looking up the OpenSSL web
site, I found out that there was no document for studying how to use it.
Is there any good source like sample codes, tutorial and so on?
Thank you in advance.
JongAm Park
:18 PM
Subject: Tutorial
Hello,
I need to set an SSL communication between a server and a client using openSSL
source.
However, I have to learn more about the openSSL use, and so I would need a
tutorial or a sample code explaining the way to use the openSSL library.
Thank you.
Best Regards
Dr
Hi,
Man pages means to look at the manual pages for the libraries. If you're
using a UNIX system, you can do:
$ man EVP_EncryptInit
as an example, to see the manual. Additionally, you can use google for "man
EVP_EncryptInit" to find the man pages. I recommend starting here:
http://www.hmug.o
Thanks for your answer.
What do you mean by man pages for the OpenSSL libraries?
Is it necessary to buy the openSSL book to understand correctly?
Hi Driss,
The OpenSSL book will make things monumentally easier. There are a number
of things you need to do to create a secure service, beyond e
SSL use, and so I would need a
tutorial or a sample code explaining the way to use the openSSL library.
Thank you.
Best Regards
Driss El Hachimi
-
Ne gardez plus qu'une seule adresse mail ! Copiez vos mails
L communication between a server and a client using
> openSSL source.
> However, I have to learn more about the openSSL use, and so I would need a
> tutorial or a sample code explaining the way to use the openSSL library.
>
> Thank you.
> Best Regards
> Driss El Hachimi
>
>
Hello,
I need to set an SSL communication between a server and a client using openSSL
source.
However, I have to learn more about the openSSL use, and so I would need a
tutorial or a sample code explaining the way to use the openSSL library.
Thank you.
Best Regards
Driss El Hachimi
Hi guys,
I've been reading openssl-users for quite some time and I've noticed that
there's always a constant need for example code of basic openssl
functionality. I've had some experience in writing software using openssl
(mainly in combination with PKCS#11 tokens). I've spent some time learning
op
is Server
AL> Certificate)
AL> So, if you have an idea... ! Thanks,
AL> Alain
AL> nb: i attached snapshot about the certificate window.
AL> - Original Message -
AL> From: "Derek Chew En-Hock" <[EMAIL PROTECTED]>
AL> To: "Alain Lafleche" <[EMAI
more experienced OpenSSL users would like to comment on this?
Thursday, July 24, 2003, 10:34:54 PM, you wrote:
AL> Hi,
AL> I just read your mini-tutorial & i want to thanks you..! It was really better easy
to do procedure. Thanks
AL> But, I have only 1 question :
AL> Certificate Request is
Hi All,
A simple tutorial to manage CRLs into Netscape 7.x
URL: http://www.medracen.net/pki.php?url=tutorials
Comments & suggestions are welcome.
#---
Averroes
__
OpenSSL Project
Hello,
I'm still newbie and I'd like to know if there is any tutorial describing
what is CRL , PKI and how to revoke or renew certificate using OpenSSL ?
Also I have one maybe off-topic question: I successfully instaled my
certificate into Apache but when connect to using IE 5.5 all
Hi all,
This tutorial helped me. It is short and a quick
learning to use OpenSSL.
Thanks!
--- Jeremy Smith
<[EMAIL PROTECTED]> wrote:
> Hi!
>
> I've updated my webpage:
>
>
http://members.netscapeonline.co.uk/jeremyalansmith/ssltutorial/
>
> With some informat
Hi!
I've updated my webpage:
http://members.netscapeonline.co.uk/jeremyalansmith/ssltutorial/
With some information at the beginning, about what ports SSL is used on, and
how to test an SSL application with a browser.
The tutorial is aimed at those who are trying to SSL-ise a webs
> Please assume that my function "SSL_Server_Socket" &
> "client_socket_descriptor" (called below) has
> SSL_library_init, SSL_CTX_new, SSL_new, SSL_set_fd. I
> am able to convert a socket to a SSL_socket not
> problem with that.
>
> Porblme is... in my program I want to know if I have
> to co
Jeremy and others...
Please assume that my function "SSL_Server_Socket" &
"client_socket_descriptor" (called below) has
SSL_library_init, SSL_CTX_new, SSL_new, SSL_set_fd. I
am able to convert a socket to a SSL_socket not
problem with that.
Porblme is... in my program I want to know if I ha
> My company has a web server which is actaully
> implemented using the concept of sockets (socket
> program...). I am adding OpenSSL to it.
> With the OpenSSL help and refering to your link
> http://members.netscapeonline.co.uk/jeremyalansmith/ssltutorial/
>
> Firstly, I followed the steps in cr
Hi!!!
My company has a web server which is actaully
implemented using the concept of sockets (socket
program...). I am adding OpenSSL to it.
With the OpenSSL help and refering to your link
http://members.netscapeonline.co.uk/jeremyalansmith/ssltutorial/
,
Firstly, I followed the steps in creati
Thanks! This will help and lot.
WIll get back soon...
--- Jeremy Smith
<[EMAIL PROTECTED]> wrote:
> Hi!
>
> I've setup a page about how to get an SSL socket
> working, from the webserver
> side of things and on virtually any browser (well,
> Netscape 2+ and IE3+ I
> think). Should be okay for no
Hi!
I've setup a page about how to get an SSL socket working, from the webserver
side of things and on virtually any browser (well, Netscape 2+ and IE3+ I
think). Should be okay for non-Windows users (although Windows is the
platform I got it working on), it's a step-by-step guide.
http://member
I don't treat that book as good reading, at least not the German
version I got in my hands.
Dr. Greg Quinn schrieb:
>
> Steve; not sure what level of book you want; I'm a real newby at this, so
> the book I found very helpful in terms of concept was :
> 1) Internet Cryptography; Richard E Smith
74 matches
Mail list logo
