Re: rpath-ing openssl
On Friday 13 January 2006 01:48, Lee Thompson wrote: I'd be interested in your thoughts on this approach. well your hardcoding of -Wl,-R/opt/assembly/lib in the linux-elf-rpath line certainly wont work ... -mike __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Loading CRL to Client
I tried using these 3 code snippets but my client still accepts the server certificate I included in the CRL.BTW Im using OpenSSL 0.9.6h pStore = SSL_CTX_get_cert_store(ctx); pLookup = X509_STORE_add_lookup(pStore, X509_LOOKUP_file()); ret = X509_load_cert_crl_file(pLookup,clientCRL,X509_FILETYPE_PEM); pStore = SSL_CTX_get_cert_store(ctx); crl = d2i_X509_CRL_fp(fCRL,NULL); ret = X509_STORE_add_crl(pStore, crl); pStore = SSL_CTX_get_cert_store(ctx); pLookup = X509_STORE_add_lookup(pStore, X509_LOOKUP_file()); ret = X509_load_crl_file( pLookup, clientCRL,X509_FILETYPE_PEM); View this message in context: Re: Loading CRL to Client Sent from the OpenSSL - Dev forum at Nabble.com.
Re: rpath-ing openssl
Mike Frysinger writes: On Friday 13 January 2006 01:48, Lee Thompson wrote: I'd be interested in your thoughts on this approach. well your hardcoding of -Wl,-R/opt/assembly/lib in the linux-elf-rpath line certainly wont work ... I entirely agree with that, and I'm also a bit dubious about the implementation. I currently don't have the code in front of me, but as I recall what I did, Makefile.shared already does the proper (according to our ideas at least) handling of rpath and a number of other things, and maybe it should be changed to handle creation of .pc files... With some luck, I might even remember to take a look at this tonight or next week... :-) Cheers, Richard - Please consider sponsoring my work on free software. See http://www.free.lp.se/sponsoring.html for details. -- Richard Levitte [EMAIL PROTECTED] http://richard.levitte.org/ When I became a man I put away childish things, including the fear of childishness and the desire to be very grown up. -- C.S. Lewis __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Loading CRL to Client
On 1/13/06, am0ykam0te (sent by Nabble.com) [EMAIL PROTECTED] wrote: my version of openssl does not have the constant flags you included.. (X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL).. View this message in context: Re: Loading CRL to ClientSent from the OpenSSL - Dev forum at Nabble.com. Can u show me the full code ?
[openssl.org #1270] BN_get_negative != BN_is_negative
Comment doesn't match macro. BN_get_negative != BN_is_negative From crypto/bn/bn.h, rev 1.113 /* BN_get_negative(): returns 1 if the bignum is 0 and 0 otherwise */ #define BN_is_negative(a) ((a)-neg != 0) Love __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Loading CRL to Client
My App wont compile because the constants(flags) are not declared in my version of OpenSSL . (0.9.6h) View this message in context: Re: Loading CRL to Client Sent from the OpenSSL - Dev forum at Nabble.com.
how to decrypt the encrypted data, which is encrypted by C Language library, on commandline.
I tried to decrypt the encrypted texts, which is encrypted by C Language library, on commandline , but it didn't work well. Please tell me how I can decrypt the encrypted texts, encrypted by C Language library, on commandline. unsigned char outbuf[1024]; int outlen, tmplen; unsigned char key[] = 0123456789012345; unsigned char iv[] = ; char intext[] = Some Crypto Text; EVP_CIPHER_CTX ctx; FILE *out; char outfile[ 256] = .\\outfile.txt; EVP_CIPHER_CTX_init(ctx); //Blowfish CBCモードを採用. EVP_EncryptInit_ex(ctx, EVP_bf_cbc(), NULL, key, iv); if( !EVP_EncryptUpdate( ctx, outbuf, outlen, ( unsigned char*)intext, strlen (intext))) { /* Error */ return 0; } if(!EVP_EncryptFinal_ex(ctx, outbuf + outlen, tmplen)) { /* Error */ return 0; } outlen += tmplen; EVP_CIPHER_CTX_cleanup(ctx); out = fopen(outfile, wb); fwrite(outbuf, 1, outlen, out); fclose(out); The encrypted texts is output as outfile.txt. Then, I tried to decrypt the encrypted texts as decfile.txt on commandline. OpenSSL enc -d -bf-cbc -k 0123456789012345 -iv -in outfile.txt -out decfile.txt But, the following massage is displayed, and it can't be decrypted. bad magic number error in enc __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
how to decrypt the encrypted data, which is encrypted by CLanguage library, on commandline.
I tried to decrypt the encrypted texts, which is encrypted by C Language library, on commandline , but it didn't work well. Please tell me how I can decrypt the encrypted texts, encrypted by C Language library, on commandline. unsigned char outbuf[1024]; int outlen, tmplen; unsigned char key[] = 0123456789012345; unsigned char iv[] = ; char intext[] = Some Crypto Text; EVP_CIPHER_CTX ctx; FILE *out; char outfile[ 256] = .\\outfile.txt; EVP_CIPHER_CTX_init(ctx); //Blowfish CBC mode EVP_EncryptInit_ex(ctx, EVP_bf_cbc(), NULL, key, iv); if( !EVP_EncryptUpdate( ctx, outbuf, outlen, ( unsigned char*)intext, strlen (intext))) { /* Error */ return 0; } if(!EVP_EncryptFinal_ex(ctx, outbuf + outlen, tmplen)) { /* Error */ return 0; } outlen += tmplen; EVP_CIPHER_CTX_cleanup(ctx); out = fopen(outfile, wb); fwrite(outbuf, 1, outlen, out); fclose(out); The encrypted texts is output as outfile.txt. Then, I tried to decrypt the encrypted texts as decfile.txt on commandline. OpenSSL enc -d -bf-cbc -k 0123456789012345 -iv -in outfile.txt -out decfile.txt But, the following massage is displayed, and it can't be decrypted. bad magic number error in enc __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Loading CRL to Client
On Fri, Jan 13, 2006, am0ykam0te (sent by Nabble.com) wrote: My App wont compile because the constants(flags) are not declared in my version of OpenSSL . (0.9.6h) CRL checking is not support in OpenSSL 0.9.6 you need 0.9.7 at least. This should also be in openssl-users. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: rpath-ing openssl
The code certainly runs so is your issue a point of coding style? I figured the style was okay considering this comment in the INSTALL instructions. edit the Configure program and add the correct configuration for your system Works great on a gentoo box too btw. Could be useful for a slotted ebuild of openssl depending on where you wanted to target the different versions of the shared lib. --- Mike Frysinger [EMAIL PROTECTED] wrote: On Friday 13 January 2006 01:48, Lee Thompson wrote: I'd be interested in your thoughts on this approach. well your hardcoding of -Wl,-R/opt/assembly/lib in the linux-elf-rpath line certainly wont work ... -mike __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: rpath-ing openssl
On Friday 13 January 2006 11:38, Lee Thompson wrote: The code certainly runs so is your issue a point of coding style? just because the path is correct on your machine has no relevance to anyone else, and forcing people to install into /opt/assembly/lib wont fly -mike __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
[openssl.org #1266] openssl prime 2
should be fixed, please test a recent snapshot Thanks, Nils __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
[openssl.org #1266] openssl prime 2
should be fixed, please test a recent snapshot Thanks, Nils __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
[openssl.org #1270] BN_get_negative != BN_is_negative
fixed Thanks, Nils __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]