Before calling the RSA verify(), I have hashed the message digest got
20 bytes output.
It just works fine!!
>-Original Message-
>From: Sakthi Subramanian (WT01 - EMBEDDED & PRODUCT
>ENGINEERING SOLUTIONS)
>Sent: Monday, July 05, 2004 6:36 PM
>To: '[EMAIL PROTECTED]'
>Subject: RSA_veri
Hi.,
I am using d2i_x509() function for converting the certificates from
DER to PEM.
It is failing at file :tasn_dec.c function:asn1_template_ex_d2i() line
number 353. ( version 0.9.7c and 0.9.7b also)
The DER format buffer contains valid certificates of 2048 bytes. At the
end it has the sequenc
Hi .,
Is it possible that to have certificates in other formats like PKCS
apart from PEM/DER? In that case how can we convert the PKCS to X509
format?Is there any interface available on openssl? What way we can
identify the format of the certificate. According to my understanding
DER and PKCS for
Hi.,
I will be getting the certificates in a buffer in DER format.The buffer
of 2048 bytes contains the following data I am copying the initial few
bytes and then the trailing bytes.:
With the start bytes we can identify as DER format. When I pass this
buffer to d2i_X509() it fails.
-
Attached the cert dump..
What is dumpasn1? How can I take that?
Thanks.,
Sakthi S G
>-Original Message-
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED] On Behalf Of Nils Larsch
>Sent: Tuesday, July 13, 2004 5:47 PM
>To: [EMAIL PROTECTED]
>Subject: Re: d2i_X509() failed.
>
>
>[EMAIL P
Thanks for the link..
Did you get the dump I have sent?
>-Original Message-
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED] On Behalf Of Nils Larsch
>Sent: Tuesday, July 13, 2004 6:29 PM
>To: [EMAIL PROTECTED]
>Subject: Re: d2i_X509() failed.
>
>
>[EMAIL PROTECTED] wrote:
>...
>> What
>Its not clear what you want to do from this 30/31 years business.
The number of years difference between "Not Valid before and Not valid
after" should not exceed 30 years in the certificates..How can I check
it ?
Thanks
Sakthi S G
>-Original Message-
>From: [EMAIL PROTECTED]
>[mailto:[
9, 2004, Richard Levitte - VMS Whacker wrote:
>
>> In message
>> <[EMAIL PROTECTED]> on
>> Mon, 19 Jul 2004 09:51:35 +0530, <[EMAIL PROTECTED]> said:
>>
>> sakthi.subramaniam>
>> sakthi.subramaniam> >Its not clear what you want to do from
For the second case it is returning 255. There was a problem in the
certificate..
Thanks for your help.
Sakthi S G
>-Original Message-
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED] On Behalf Of Dr.
>Stephen Henson
>Sent: Tuesday, July 20, 2004 9:47 PM
>To: [EMAIL PROTECTED]
>Subjec
Is there any function available to compare the Authority key identifier
of the certifcate with the issuers subject key identifier?
Will X509_verify_cert() do the comparision of the above?
Actually I have both the certificates in DER format.
Confidentiality Notice
The information contained in
Hi.,
I had gone thro' the X509_check_issued(). With that only I have
created X509 structure for subject and issuers certificate with
d2i_X509().
But the subject->akid is NULL .
Then I called ASN1_OCTET_STRING_cmp(subject->akid->keyid,
issuer->skid);it crashes..
Is there anything I need to do fo
I have tried X509_get_ext_d2i
akid = X509_get_ext_d2i(dev_cert,
NID_authority_key_identifier,NULL, NULL)
This returns AUTHORITY_KEYID structure..After that will
ASN1_OCTET_STRING_cmp() serve the purpose?
>-Original Message-
>From: [EMAIL PROTECTED]
>[mailto:[EMAIL PROTECTED] On B
I have tried to the following code..it crashes in
ASN1_OCTET_STRING_cmp()..
Any inputs??
--
BOOL SSL_validate_AID_SID(X509 *dev_cert, UCHAR *manu_buffer) {
X509 *issuer_cert = NULL;
AUTHORITY_KEYID
--- Begin Message ---
I am seeing that akid->keyid as NULL always but i am sure that akid is a valid
structure.
It is a valid certificate and authority key identifier is also present, in that case i
am wondering how can i get the akid->keyid as a NULL? Do i need to call any function
to update ak
Do we need to free the X509 structure returned by d2i_X509() and
PEM_read_X509() functions after using it?
Sakthi S G
Confidentiality Notice
The information contained in this electronic message and any attachments to this
message are intended
for the exclusive use of the addressee(s) and
I am using the BN library for generating keys. With the documents I come
to know that it is giving only big endian support.
If I use BN_bn2bin(big_rand, test_num[8]), test_num[0] -> will have the
MSB and test_num[7] -> will have the LSB.
Is my understanding correct?
Regards.,
Sakthi S G
Conf
Title: Message
Hi.,
Use d2i interfaces
For
any object...
d2i_OBJNAME(OBJTYPE *obj, char *pp, long length)
for
example
to get
RSA key from buffer
RSA
*rsa
rsa =
d2i_RSAPublicKey(NULL, &buf, len)..
Hope
it helps..
-Original Message-From:
[EMAIL PROTECTED] [mailto:[
Title: Message
HI.,
You can use /dev/random as a seed generator..I belive that cygwin
has the support for /dev/random device..
For that u can use RAND_load_file("/dev/random", no_of_bytes) for
programming the seed.
or
otherwise you can use the static character buffer (rnd_seed)as a seed and
Hi ,
I have the x509 v3 certificates, I would like to validate the BASIC
CONSTRAINTS FIELD.
Using X509_get_ext_d2i I will get the BASIC_CONSTRAINTS structure if it
is present.. How to extract and validate the cA and pathLenConstraint
from the structure?
Any inputs on this?
Thanks in advance.,
S
Hi All,
We are facing a compilation issue which building OpenSSL for -mips3 and
mcpu=r4000 for Big Endian. We are using MontaVista supplied gcc and bin
utils.
GCC Version : 2.95.3
LD Version : 2.10.91
AR Version : 2.10.91
RANLIB Version : 2.10.91
The follo
20 matches
Mail list logo
