Re: rpath-ing openssl

2006-01-13 Thread Mike Frysinger 
On Friday 13 January 2006 01:48, Lee Thompson wrote:
 I'd be interested in your thoughts on this approach.

well your hardcoding of -Wl,-R/opt/assembly/lib in the linux-elf-rpath line 
certainly wont work ...
-mike
__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   [EMAIL PROTECTED]

Re: Loading CRL to Client

2006-01-13 Thread am0ykam0te (sent by Nabble.com) 

I tried using these 3 code snippets but my client still accepts the server certificate I included in the CRL.BTW Im using OpenSSL 0.9.6h

pStore = SSL_CTX_get_cert_store(ctx);
pLookup = X509_STORE_add_lookup(pStore, X509_LOOKUP_file());
ret = X509_load_cert_crl_file(pLookup,clientCRL,X509_FILETYPE_PEM);

pStore = SSL_CTX_get_cert_store(ctx);
crl = d2i_X509_CRL_fp(fCRL,NULL);
ret = X509_STORE_add_crl(pStore, crl);

pStore = SSL_CTX_get_cert_store(ctx);
pLookup = X509_STORE_add_lookup(pStore, X509_LOOKUP_file());
ret = X509_load_crl_file( pLookup, clientCRL,X509_FILETYPE_PEM);


View this message in context: Re: Loading CRL to Client
Sent from the OpenSSL - Dev forum at Nabble.com.

Re: rpath-ing openssl

2006-01-13 Thread Richard Levitte 
Mike Frysinger writes: 


On Friday 13 January 2006 01:48, Lee Thompson wrote:

I'd be interested in your thoughts on this approach.


well your hardcoding of -Wl,-R/opt/assembly/lib in the linux-elf-rpath line 
certainly wont work ...


I entirely agree with that, and I'm also a bit dubious about the 
implementation.  I currently don't have the code in front of me, but as I 
recall what I did, Makefile.shared already does the proper (according to our 
ideas at least) handling of rpath and a number of other things, and maybe it 
should be changed to handle creation of .pc files... 

With some luck, I might even remember to take a look at this tonight or next 
week...  :-) 


Cheers,
Richard 


-
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details. 


--
Richard Levitte [EMAIL PROTECTED]
  http://richard.levitte.org/ 


When I became a man I put away childish things, including
the fear of childishness and the desire to be very grown up.
  -- C.S. Lewis 


__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   [EMAIL PROTECTED]

Re: Loading CRL to Client

2006-01-13 Thread Rajeshwar Singh Jenwar 

On 1/13/06, am0ykam0te (sent by Nabble.com) [EMAIL PROTECTED] wrote:
my version of openssl does not have the constant flags you included.. (X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL).. 


View this message in context: Re: Loading CRL to ClientSent from the 
OpenSSL - Dev forum at 
Nabble.com. 

Can u show me the full code ?

[openssl.org #1270] BN_get_negative != BN_is_negative

2006-01-13 Thread Love H�rnquist �strand via RT 

Comment doesn't match macro. BN_get_negative != BN_is_negative

 From crypto/bn/bn.h, rev 1.113

/* BN_get_negative():  returns 1 if the bignum is  0 and 0 otherwise */
#define BN_is_negative(a) ((a)-neg != 0)



Love


__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   [EMAIL PROTECTED]

Re: Loading CRL to Client

2006-01-13 Thread am0ykam0te (sent by Nabble.com) 

My App wont compile because the constants(flags) are not declared in my version of OpenSSL . (0.9.6h)

View this message in context: Re: Loading CRL to Client
Sent from the OpenSSL - Dev forum at Nabble.com.

how to decrypt the encrypted data, which is encrypted by C Language library, on commandline.

2006-01-13 Thread Tomiyama Hajime 
I tried to decrypt the encrypted texts, which is encrypted by C Language 
library,

on commandline , but it didn't work well.
Please tell me how I can decrypt the encrypted texts, encrypted by C 
Language library,

on commandline.


unsigned char outbuf[1024];
int outlen, tmplen;
unsigned char key[] = 0123456789012345;
unsigned char iv[] = ;
char intext[] = Some Crypto Text;
EVP_CIPHER_CTX ctx;
FILE *out;
char outfile[ 256] = .\\outfile.txt;


EVP_CIPHER_CTX_init(ctx);

//Blowfish CBCモードを採用.
EVP_EncryptInit_ex(ctx, EVP_bf_cbc(), NULL, key, iv);

if( !EVP_EncryptUpdate( ctx, outbuf, outlen, ( unsigned char*)intext, 
strlen

(intext)))
{
/* Error */
return 0;
}

if(!EVP_EncryptFinal_ex(ctx, outbuf + outlen, tmplen))
{
/* Error */
return 0;
}
outlen += tmplen;
EVP_CIPHER_CTX_cleanup(ctx);

out = fopen(outfile, wb);
fwrite(outbuf, 1, outlen, out);
fclose(out);



The encrypted texts is output as outfile.txt.
Then, I tried to decrypt the encrypted texts as decfile.txt on commandline.


OpenSSL enc -d -bf-cbc -k 0123456789012345 -iv  -in 
outfile.txt -out

decfile.txt


But, the following massage is displayed, and it can't be decrypted.

bad magic number
error in enc



__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   [EMAIL PROTECTED]

how to decrypt the encrypted data, which is encrypted by CLanguage library, on commandline.

2006-01-13 Thread Tomiyama Hajime 

I tried to decrypt the encrypted texts, which is encrypted by C Language 
library,
on commandline , but it didn't work well.
Please tell me how I can decrypt the encrypted texts, encrypted by C 
Language library,

on commandline.


unsigned char outbuf[1024];
int outlen, tmplen;
unsigned char key[] = 0123456789012345;
unsigned char iv[] = ;
char intext[] = Some Crypto Text;
EVP_CIPHER_CTX ctx;
FILE *out;
char outfile[ 256] = .\\outfile.txt;


EVP_CIPHER_CTX_init(ctx);

//Blowfish CBC mode
EVP_EncryptInit_ex(ctx, EVP_bf_cbc(), NULL, key, iv);

if( !EVP_EncryptUpdate( ctx, outbuf, outlen, ( unsigned char*)intext, 
strlen

(intext)))
{
/* Error */
return 0;
}

if(!EVP_EncryptFinal_ex(ctx, outbuf + outlen, tmplen))
{
/* Error */
return 0;
}
outlen += tmplen;
EVP_CIPHER_CTX_cleanup(ctx);

out = fopen(outfile, wb);
fwrite(outbuf, 1, outlen, out);
fclose(out);



The encrypted texts is output as outfile.txt.
Then, I tried to decrypt the encrypted texts as decfile.txt on commandline.


OpenSSL enc -d -bf-cbc -k 0123456789012345 -iv  -in 
outfile.txt -out

decfile.txt


But, the following massage is displayed, and it can't be decrypted.

bad magic number
error in enc


__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   [EMAIL PROTECTED]

Re: Loading CRL to Client

2006-01-13 Thread Dr. Stephen Henson 
On Fri, Jan 13, 2006, am0ykam0te (sent by Nabble.com) wrote:

 
 My App wont compile because the constants(flags) are not declared in my 
 version of OpenSSL . (0.9.6h)


CRL checking is not support in OpenSSL 0.9.6 you need 0.9.7 at least.

This should also be in openssl-users.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   [EMAIL PROTECTED]

Re: rpath-ing openssl

2006-01-13 Thread Lee Thompson 
The code certainly runs so is your issue a point of
coding style?  I figured the style was okay
considering this comment in the INSTALL instructions.

 edit the Configure program and add the
 correct configuration for your system

Works great on a gentoo box too btw.  Could be useful
for a slotted ebuild of openssl depending on where you
wanted to target the different versions of the shared
lib.

--- Mike Frysinger [EMAIL PROTECTED] wrote:

 On Friday 13 January 2006 01:48, Lee Thompson wrote:
  I'd be interested in your thoughts on this
 approach.
 
 well your hardcoding of -Wl,-R/opt/assembly/lib in
 the linux-elf-rpath line 
 certainly wont work ...
 -mike
 


__
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 
__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   [EMAIL PROTECTED]

Re: rpath-ing openssl

2006-01-13 Thread Mike Frysinger 
On Friday 13 January 2006 11:38, Lee Thompson wrote:
 The code certainly runs so is your issue a point of
 coding style?

just because the path is correct on your machine has no relevance to anyone 
else, and forcing people to install into /opt/assembly/lib wont fly
-mike
__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   [EMAIL PROTECTED]

[openssl.org #1266] openssl prime 2

2006-01-13 Thread Nils Larsch via RT 

should be fixed, please test a recent snapshot

Thanks,
Nils
__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   [EMAIL PROTECTED]

[openssl.org #1266] openssl prime 2

2006-01-13 Thread Nils Larsch via RT 

should be fixed, please test a recent snapshot

Thanks,
Nils
__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   [EMAIL PROTECTED]

[openssl.org #1270] BN_get_negative != BN_is_negative

2006-01-13 Thread Nils Larsch via RT 

fixed

Thanks,
Nils
__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   [EMAIL PROTECTED]