Re: Error with PEM_write_RSAPrivateKey function

Angel Martinez Gonzalez wrote: Hello: This is the error message that I obtained: The instruction in "0x78468216" refers to memory in "0x0010". Memory can not "written". I send you a image with this error message. did you read the FAQ item "I've compiled a program under Windows and it crashes:

Re: Timestamp server and certificate creation

Alle 22:07, martedì 19 aprile 2005, Nils Larsch ha scritto: > Sebastiano Zabert wrote: > > Hi, > > I'm trying to setup a timestamp server on a linux box with debian. > > ... > > The certificate is present and it is world readable, so i think the > > problem is the certificate, a generic self signe

Multi process Server and openssl

Folks, We have come up against a problem while trying to integrate the openssl library into our server. The server architecture is multi process where child processes handle requests. Each process attaches to a single shared memory segment which holds common configuration data. Our problem

Re: Multi process Server and openssl

On Wed, Apr 20, 2005 at 10:32:20AM +0100, [EMAIL PROTECTED] wrote: > During the TLS negotiation and after the secure channel is set up > different child processes will handle the request and will need access to > the SSL connection. The SSL connections are allocated and freed using > openssl libr

Encrypting binary files with evp symmetric cipher - Error

Hi, I'm trying to do a program to encrypt and decrypt a file using EVP API. I read the input file (plaintext) in binary mode using a buffer of 100 bytes to encrypt. The function restult_aes is the encryption / decryption funcion. I'm calling the funcions EVP_Encrypt and EVP_Decrypt for each 100

sk_X509_push vs sk_x509_free

Hi, I add certificates to the store using sk_x509_push and then free it later with sk_x509_free, but it doesn't seem to free memory. Should I use sk_x509_pop or something? Thank you for your time. Calista. __ Do You Yahoo!? Tired of spam? Yahoo! M

"select" for timeout work with SSL?

I found this snippet for implementing a timeout for sockets, although the example had nothing to do with SSL... I put it in some code and it seems to work fine, but was wondering if anybody else has tried it or can comment on the idea. Thanks! /// snippet: int err; fd_set fds; struct timeval

RE: sk_X509_push vs sk_x509_free

Yes you will have to use sk_X509_pop_free I think. Regards Aftab Alam -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Calista Sent: Wednesday, April 20, 2005 7:32 PM To: openssl-users@openssl.org Subject: sk_X509_push vs sk_x509_free Hi, I add certific

Downgrade OpenSSL

Hi,   I am running FreeBSD 5.3Beta4 with OpenSSL 0.9.7d installed. For my student research project on timing attacks against SSL, I need to downgrade OpenSSL to version 0.9.7 release Dec 31_2002 (or to OpenSSL <= 0.9.6h) since newer versions are already patched against these attacks.  

Re: "select" for timeout work with SSL?

On Wed, Apr 20, 2005, Schneider John wrote: > > I found this snippet for implementing a timeout for sockets, although > the example had nothing to do with SSL... I put it in some code and it > seems to work fine, but was wondering if anybody else has tried it or > can comment on the idea. Thanks

openssl verify conflicts with SSL_connect

I am testing my implementation of OpenSSL within an existing application by creating certificates using the instructions in the O'Reilly book, chapter 5. When I use the client.pem file with SSL_CTX_set_certificate_chain_file, and the root.pem file with SSL_CTX_load_verify_locations, then SSL_con

Re: Downgrade OpenSSL

Stefan Müller wrote: Hi, I am running FreeBSD 5.3Beta4 with OpenSSL 0.9.7d installed. For my student research project on timing attacks against SSL, I need to downgrade OpenSSL to version 0.9.7 release Dec 31_2002 (or to OpenSSL <= 0.9.6h) since newer versions are already patched against these

Re: Downgrade OpenSSL

Hi, > The shared libraries /lib/libcrypto.so.3 and /usr/lib/libssl.so.3 are still > from the newer Version. sounds like they are the world version - what lives in /usr/local/lib ? (you did compile with the 'shared' configure option, yes? alan _

cygwin

When I use cygwin to run the test of openssl, I got the following error: running bc bc: not found cat: tmp.bctest: No such file or directory bc does not work properly ('SunOStest' failed). Looking for another bc ... No working bc found. Consider installing GNU bc. 0 tests passed I run the comm

AW: Downgrade OpenSSL

Hi, thanks for your answer! I tried the following: 1.) ./config shared 2.) make But make stops with the following error: + gcc -shared -o libcrypto.so.0.9.7 -Wl,-soname=libcrypto.so.0.9.7 -Wl,-Bsymbolic -Wl,--whole-archive libcrypto.a -Wl,--no-whole-archive -L. -lc libcrypto.a(c_enc.o)(.text+0

RE: Confusion about SSL_ERROR_WANT_READ/WRITE

> Thanks for the info. One last question :) So if I am using blocking > sockets, than would I ever get a WANT_WRITE error? I'm guessing no? No, it should just block until it gets some application data or can send the application data. > But if I am using BIO pairs, and blocking socket

RE: Downgrade OpenSSL

Hi, My /usr/local/lib contains the following files: libasprintf.a libexpat.so libintl.so libasprintf.so libexpat.so.5 libintl.so.6 libasprintf.so.0libfreetype.a libjpeg.a libc-client4.a libfreetype.so libjpeg.so libc-cli

RE: sk_X509_push vs sk_x509_free

Thanks Aftab. --- Aftab Alam <[EMAIL PROTECTED]> wrote: > Yes you will have to use sk_X509_pop_free I think. > > Regards > Aftab Alam > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of Calista > Sent: Wednesday, April 20, 2005 7:32 PM > To: ope

JNI Problems urgent.

Hey guys i'm having trouble with a jni interface to OpenSSL. This is my Java: public class nativeBF { public native void nativeRun(); public void nCall(){ nativeRun(); } static { //Load the

Re: Encrypting binary files with evp symmetric cipher - Error

Rafael Cividanes wrote: Hi, I'm trying to do a program to encrypt and decrypt a file using EVP API. I read the input file (plaintext) in binary mode using a buffer of 100 bytes to encrypt. The function restult_aes is the encryption / decryption funcion. I'm calling the funcions EVP_Encrypt and E

what's the default openssl engine

Hi, I always heard that the openssl uses the default openssl engine if the engine is not specified. I would like to know what's the default openssl engine. In another word, how could I tell which is the default openssl engine when I use openssl? thanks hao Best Regard __

Certificate Handling APIs

Hi,   I'd like to find out whether openssl provides the same certificate handling APIs as RSA does, such as the followings: X509_STORE_CTX_get_ex_data() SSLCERT_STORE_CTX_get_current_­cert() SSLCERT_to_binary() Would be great to know if openssl provides similar functionalities with differe

Re: JNI Problems urgent.

Hi, >Hey guys i'm having trouble with a jni interface to OpenSSL. >/home/mcx/Programming/Eclipse/project/lib/libnativebf.so: undefined symbol: > BF_set_key If BF_set_key function is statically linked, you can confirm those symbols in shared object, like: $ nm libnativebf.so U BF_cfb

How to verify when CA certificates in database?

If I was using flat files, I could simply do SSL_CTX_load_verify_locations. However, I have the certificates stored in a database. At first I was kind of looking for function SSL_CTX_load_verify_BIO(), but there does not seem to be such a thing... (I could then have written a BIO for loading the c

SSL/TLS Interoperability Issue

Hi all, I am new to openSSL.I want to make SSLv3 node(client/server) to communicate to TLSv1 node(client/server).Condition is that they work only on protocols and not on other protocols. eg.SSLv3 client will work only on SSLv3. On creation of SSL_CTX , I do the following :- ::client side (TLSv1)