Re: [openssl-dev] Query about CRLDistributionPoints extension data

On Thu, Mar 30, 2017, Winter Mute wrote: > Hello, > All certificates I have encountered with this extension seem to have a > problem with the encoding of the distributionPoint. > According to the specs: > >DistributionPointName ::= CHOICE { > fullName[0]

[openssl-dev] Query about CRLDistributionPoints extension data

Hello, All certificates I have encountered with this extension seem to have a problem with the encoding of the distributionPoint. According to the specs: DistributionPointName ::= CHOICE { fullName[0] GeneralNames, nameRelativeToCRLIssuer [1]

Re: [openssl-dev] Query related to API SSL_set_SSL_CTX

Guys, any suggestions that you might have :) Regards, Anirudh From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of Patel, Anirudh (Anirudh) Sent: Monday, October 24, 2016 11:32 AM To: openssl-dev@openssl.org Subject: [openssl-dev] Query related to API SSL_set_SSL_CTX Hi Guys

[openssl-dev] Query related to API SSL_set_SSL_CTX

Hi Guys, I have create a shared ssl ctx as below: boost::shared_ptr SharedSslCtx; mSslCtx = SharedSslCtx(SSL_CTX_new(meth), ctx_deleter) I have a copy of the above mSslCtx in a separate class under another shared pointer mCtx. Once I get the incoming TLS connection an SSL object is created as

Re: [openssl-dev] [PATCH] crypto/ui/ui_openssl.c: let new-line through after query in Windows path.

>> Originally new-line was suppressed, because double new-line was >> observed under wine. But it appears rather to be a wine bug, >> because on real Windows new-line is much needed. >> >> Reviewed-by: Richard Levitte > > Hm, this commit comment needs an explicit reference

Re: [openssl-dev] [PATCH] crypto/ui/ui_openssl.c: let new-line through after query in Windows path.

On Mon, 2016-08-01 at 10:48 +0200, Andy Polyakov wrote: > Originally new-line was suppressed, because double new-line was > observed under wine. But it appears rather to be a wine bug, > because on real Windows new-line is much needed. > > Reviewed-by: Richard Levitte Hm,

[openssl-dev] [openssl.org #3498] RE: AW: Platform query

WinCE is no longer supported. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3498 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4123] Query regarding dummy variable inside crypto

fixed with commit effaf4d. -- Rich Salz, OpenSSL dev team; rs...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4123 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #4123] Query regarding dummy variable inside crypto

Thanks for your inputs On Mon, Nov 9, 2015 at 10:36 PM, Kaduk, Ben via RT wrote: > On 11/08/2015 05:37 AM, tosif tamboli via RT wrote: > > Hi , > > I am compiling crypto in openssl for vxWorks version 5.4 > > with 5.5.1 it compiles well > > But with 5.4 it gives error for

Re: [openssl-dev] [openssl.org #4123] Query regarding dummy variable inside crypto

On 11/08/2015 05:37 AM, tosif tamboli via RT wrote: > Hi , > I am compiling crypto in openssl for vxWorks version 5.4 > with 5.5.1 it compiles well > But with 5.4 it gives error for below files > bn_depr.c > ccppc: Internal compiler error: program cc1 got fatal signal 6 > > When checked it gives

[openssl-dev] [openssl.org #4122] Re: Query regarding dummy variable inside crypto

Hi, Can you please provide your inputs Thanks, Tosif On Wed, Nov 4, 2015 at 1:59 PM, tosif tamboli wrote: > Hi , > I am compiling crypto in openssl for vxWorks version 5.4 > with 5.5.1 it compiles well > But with 5.4 it gives error for below files > bn_depr.c > ccppc:

[openssl-dev] [openssl.org #2524] openssl 1.0.0d bug report/ query

Whatever it was, it's no longer reproducible. ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: Query

On 03/12/14 05:01, Dominyk Tiller wrote: Hey guys, I wanted to query something I saw pop up on the Git earlier: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=961d2ddb4b48e0e857a704b0cc6b475d63372419 Does that change imply that right now, without that commit, building without

Query

Hey guys, I wanted to query something I saw pop up on the Git earlier: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=961d2ddb4b48e0e857a704b0cc6b475d63372419 Does that change imply that right now, without that commit, building without SSLv2 and SSLv3 would remove SSL/TLS support

Re: Query regarding SSLv23 methods

On Fri, Nov 14, 2014 at 06:35:51AM +, Viktor Dukhovni wrote: On Fri, Nov 14, 2014 at 06:26:24AM +, Vaghasiya, Nimesh wrote: [ It is rude to ask user questions on the dev list (moved to Bcc). ] We are in process of disabling SSLv3 and SSLv2 protocols from all of our FreeBSD based

Re: Query regarding SSLv23 methods

On Fri, Nov 14, 2014 at 06:26:24AM +, Vaghasiya, Nimesh wrote: [ It is rude to ask user questions on the dev list (moved to Bcc). ] We are in process of disabling SSLv3 and SSLv2 protocols from all of our FreeBSD based applications. For SSLv23 methods we are setting SSL_OP_NO_SSLv2,

Query: Disabling SSLv3

Hi, We are upgrading to OpenSSL 0.9.8zc on FreeBSD based OS to mitigate POODLE risk. Could you please answer our following queries, 1. Will 0.9.8zc allow following methods to fallback to SSLv3 ? SSLv23_method(void), SSLv23_server_method(void), SSLv23_client_method(void) 2.

Re: Query: Disabling SSLv3

On Tue, Nov 04, 2014 at 06:54:55AM +, Vaghasiya, Nimesh wrote: We are upgrading to OpenSSL 0.9.8zc on FreeBSD based OS to mitigate POODLE risk. Could you please answer our following queries, 1. Will 0.9.8zc allow following methods to fallback to SSLv3 ? SSLv23_method(void),

Fwd: Query Regarding defining MTU for DTLS Packet

Hi All, I am Trying to limit the packet size for DTLS messages. By using ssl_set_mtu() I am able to define max size for particular record. But in the above Handshake OPENSSL combines multiple records and sends out in a single UDP Packet.Is there a way we can configure OPENSSL such that it

RE: Query Regarding defining MTU for DTLS Packet

. From: owner-openssl-...@openssl.org [owner-openssl-...@openssl.org] on behalf of T@Run..! Polisetty [tarunpolise...@gmail.com] Sent: Friday, October 31, 2014 13:01 To: openssl-dev@openssl.org Subject: Fwd: Query Regarding defining MTU for DTLS Packet Hi All, I am Trying to limit

Re: Query Regarding defining MTU for DTLS Packet

[tarunpolise...@gmail.com] *Sent:* Friday, October 31, 2014 13:01 *To:* openssl-dev@openssl.org *Subject:* Fwd: Query Regarding defining MTU for DTLS Packet Hi All, I am Trying to limit the packet size for DTLS messages. By using ssl_set_mtu() I am able to define max size for particular

[openssl.org #2773] Openssl Query

Don't knwo why the API isn't working. An apache integration issue. Can't reproduce this. Closing ticket. -- Rich Salz, OpenSSL dev team; rs...@openssl.org __ OpenSSL Project http://www.openssl.org

[openssl.org #3498] RE: AW: Platform query

, Cambridge MA IM: rs...@jabber.me Twitter: RichSalz -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl- d...@openssl.org] On Behalf Of Pierre DELAAGE Sent: Thursday, August 21, 2014 6:05 AM To: openssl-dev@openssl.org Subject: Re: AW: Platform query Dear All

Re: AW: Platform query

Dear All, At least for WCE, I can say that with this patch: https://www.mail-archive.com/openssl-dev@openssl.org/msg35958.html which is W32 compatible and NOT WCE specific, and consists of only one typedef (which is highly clarifying the code ALSO for win32) and one CAST error (cast error that

Re: Platform query

On Wed, Aug 20, 2014 at 10:12 AM, Salz, Rich rs...@akamai.com wrote: Minor clarification is appropriate. MSDOS is supported in single stance, namely DJGPP, which is 32-bit environment. Good point. So the idea is that MSDOS gets turned into DJGPP. BEOS and OS/2 are removed in HEAD (i.e.,

RE: AW: Platform query

, Cambridge MA IM: rs...@jabber.me Twitter: RichSalz -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl- d...@openssl.org] On Behalf Of Pierre DELAAGE Sent: Thursday, August 21, 2014 6:05 AM To: openssl-dev@openssl.org Subject: Re: AW: Platform query Dear All

AW: Platform query

Hi, There are 70 files that have OS2 in them, for a total of 130 instances. Strange. Here, I obtain: grep -r OS2 * | wc -l 52 grep -r OS2 * | sed s/\([^:]*\)\:.*/\1/ | uniq | wc -l 22 i.e. 22 files with a total of 52 instances. Did I miss something, or did you happen to count the

RE: Platform query

Did I miss something, or did you happen to count the includes of e_os2.h which is not OS/2 specific at all? Or both? No, I made the stupid mistake. The current version of eComStation, 2.1, was released only a year after version 2.0, in May 2011. We were not aware of eComStation. Thanks.

Re: AW: Platform query

Hi all, I just wanted to state the fact, that we maintain openssl for os/2 also on a seperate svn, as we did include some fixes which are not in the openssl trunk. We would like to have them in the trunk, but we always thought no one could even look at them. And of course removing all os/2

Re: Platform query

Does anyone want to speak up for the requirement that we continue to support BEOS (apparently B/1 and R5?), OS/2, or pre-Windows MSDOS? Minor clarification is appropriate. MSDOS is supported in single stance, namely DJGPP, which is 32-bit environment. 16-bit code was never supported by OpenSSL,

RE: Platform query

Minor clarification is appropriate. MSDOS is supported in single stance, namely DJGPP, which is 32-bit environment. Good point. So the idea is that MSDOS gets turned into DJGPP. BEOS and OS/2 are removed in HEAD (i.e., after 1.0.2), and Microsoft means WINDOWS of various flavors. If this is

RE: Platform query

I'm not sure what WINDOWS means. And I'm not sure MSFT knows either :) Less flippantly, the goal is that OPENSSL_SYS_WINDOWS means any Windows platform, and then there are subtypes within that. We'll figure it out as we go along. It's gonna take a while to clean up the #ifdef world without

AW: Platform query

Does anyone want to speak up for the requirement that we continue to support BEOS (apparently B/1 and R5?), OS/2, or pre-Windows MSDOS? Which timeframe do we look at? E.g. if 1.0.2 is released this year and it's successor where OS/2 support is removed maybe 2-3 years later (say beginning

RE: Platform query

Thanks for the feedback! There are 70 files that have OS2 in them, for a total of 130 instances. That's rather a lot for a platform that hasn't had an update in five years. This is my personal opinion, as a team member. We will release 1.0.2 this year. At that time we will announce end of

Platform query

Does anyone want to speak up for the requirement that we continue to support BEOS (apparently B/1 and R5?), OS/2, or pre-Windows MSDOS? Unless there is strong interest and commitment, we will drop these after 1.0.2 /r$ -- Principal Security Engineer Akamai Technologies,

[openssl.org #3132] Query related to d2i_X509 and X509_free

Not a bug report, should be in openssl-users. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project

Query reg multiple CA-Cert in list with same subject

Hi, I have a query for Ca-Cert list. If at gateway we have configured two CA-certs A1 and A2 both having same subject and content except time-stamp of generation. If peer sends Cert matching to A2, gateway tries to validate it with A1(subject being same and configured first in list

Query reg multiple CA-Cert in list with same subject

Hi, I have a query for Ca-Cert list. If at gateway we have configured two CA-certs A1 and A2 both having same subject and content except time-stamp of generation. If peer sends Cert matching to A2, gateway tries to validate it with A1(subject being same and configured first in list

Re: OpenSSL obsolescence query

. Your assistance with this matter is most appreciated. Regards, Richard Richard, this query would be more appropriate for the openssl-users list. PDFtk: no idea, that is product quite separate and distinct from OpenSSL. I didn't know it had any support for FIPS 140-2. OpenSSL FIPS 1.2

OpenSSL obsolescence query

Hi, I am an ILS Engineer working for CGI IT UK Limited. At the present time I am looking at software obsolescence issues that relate to the CGI project I am working on. On this project we use OpenSSL FIPS 1.2 and FIPS 1.2.4. In order to support our process of monitoring software obsolescence I

Re: OpenSSL support query

in a text friendly format. Also, the openssl-users list would be more appropriate for this kind of query. -Steve M. -- Steve Marquess OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877 673 6775 s/b +1 301 874 2571 direct marqu...@opensslfoundation.com

Query on non blocking sockets

Hello Team, In our application we open non blocking socket for read and write operation and pass the fd to openssl through BOI API's like this bio = BIO_new(BIO_s_socket()); BIO_set_fd(bio, socket_fd, BIO_NOCLOSE); And we update this bio to SSL using SSL_set_bio() function. My query is do we

OpenSSL ECCN query

On the CGI IT UK Limited project I am currently working on, we are looking to export OpenSSL as part of the overall software deliverable. As part of this process, we need to know whether OpenSSL is of United States origin, and if so what the ECCN number is, and does an ENC licence also apply?

Re: OpenSSL ECCN query

On 12/09/2013 07:35 AM, Trebilcock, Richard wrote: On the CGI IT UK Limited project I am currently working on, we are looking to export OpenSSL as part of the overall software deliverable. As part of this process, we need to know whether OpenSSL is of United States origin, and if so what the

Re: OpenSSL ECCN query

rg" openssl-dev@openssl.org Sent: Monday, December 9, 2013 6:35 AM Subject: OpenSSL ECCN query On the CGI IT UK Limited project I am currently working on, we are looking to export OpenSSL as part of the overall software deliverable. As part of this process, we need to know whether OpenSSL

[openssl.org #3132] Query related to d2i_X509 and X509_free

Hi, We are using openssl-1.0.0e. I am facing a memory leak of 98 bytes when I use d2i_X509() function. This memory leak is seen even if d2i_X509() return NULL. I couldn't find the source code for d2i_X509() and X509_free() function. Can you please help me in this. int

Fw: Query on availability the libeay64 dll

Outsourcing - Forwarded by Sridevi Chilumula/HYD/TCS on 06/14/2012 03:20 PM - From: Sridevi Chilumula/HYD/TCS To: openssl-us...@openssl.org Date: 06/14/2012 03:00 PM Subject: Query on availability the libeay64 dll Hi Currently in of the application

[openssl.org #2773] Openssl Query

Hi All, I am using openssl for my project. On top Apache is integrated with openssl library. For  my project I need to get  socket fd  within the openssl library itself. I used SSL_get_fd() retrieve the socket fd. , but it is not returning the socket fd in case of with apache integration. So I

query regarding printing ciphersuite value

Hi All, I am using ssldump to tool to check the ciphersuite used in communication between client and server with different ssl configurations. SSL configuration values are DEFAULT, LOW and HIGH. When I set to DEFAULT and LOW configuration ciphersuites are TLS_RSA_WITH_RC4_128_MD5 and

Re: query regarding printing ciphersuite value

On Fri, Mar 02, 2012, Rama K. Chandra Reddi wrote: Hi All, I am using ssldump to tool to check the ciphersuite used in communication between client and server with different ssl configurations. SSL configuration values are DEFAULT, LOW and HIGH. When I set to DEFAULT and LOW

Query: OpenSSL compatibility with LK-SCTP Transport.

Hi All, I’m a new baby to open source world. Please forgive me, if I posted this query to a wrong mailing list. Here is my query. Currently I have a proprietary application which uses LKSCTP (Open source SCTP implementation) stack. And I’m planning use the “Transport Layer Security” for the SCTP

Re: Query: OpenSSL compatibility with LK-SCTP Transport.

On Aug 1, 2011, at 9:08 AM, sandeep kandula wrote: Hi All, I’m a new baby to open source world. Please forgive me, if I posted this query to a wrong mailing list. ... you posted it already on the ts...@ietf.org. See my answer there... Best regards Michael Here is my query. Currently I

RE: [openssl.org #2524] openssl 1.0.0d bug report/ query

1.0.0d bug report/ query Hi Steve, I'm using curl 7.21.6 to make the request. When I build it with openssl 0.9.8i uppercase hostnames work fine. However, when I build curl with openssl 1.0.0d I get a 400 (bad request) with uppercase hostnames, but only with https requests. Http requests are fine

RE: [openssl.org #2524] openssl 1.0.0d bug report/ query

1.0.0d bug report/ query Hi Steve, I'm using curl 7.21.6 to make the request. When I build it with openssl 0.9.8i uppercase hostnames work fine. However, when I build curl with openssl 1.0.0d I get a 400 (bad request) with uppercase hostnames, but only with https requests. Http requests are fine

RE: [openssl.org #2524] openssl 1.0.0d bug report/ query

Regards, Sam. -Original Message- From: Stephen Henson via RT [mailto:r...@openssl.org] Sent: 24 May 2011 18:29 To: Gardner, Sam Cc: openssl-dev@openssl.org Subject: [openssl.org #2524] openssl 1.0.0d bug report/ query [sam.gard...@echostar.com - Mon May 23 12:29:05 2011]: Hi, I have

RE: [openssl.org #2524] openssl 1.0.0d bug report/ query

Regards, Sam. -Original Message- From: Stephen Henson via RT [mailto:r...@openssl.org] Sent: 24 May 2011 18:29 To: Gardner, Sam Cc: openssl-dev@openssl.org Subject: [openssl.org #2524] openssl 1.0.0d bug report/ query [sam.gard...@echostar.com - Mon May 23 12:29:05 2011]: Hi, I have

[openssl.org #2524] openssl 1.0.0d bug report/ query

[sam.gard...@echostar.com - Mon May 23 12:29:05 2011]: Hi, I have recently upgraded from openssl 0.9.8i to 1.0.0d, and noticed that if the host name is in upper case that I get a 400 (bad request) when doing a https request. This was working in version 0.9.8i. My OS is Linux. Is

SubjectAlternate Name Query

Hi, I am trying to generate a certificate request and was trying to add 'otherName' type in SubjectAlternate name extension. I have below code to add the otherName. add_ext(exts, NID_subject_alt_name, otherName:1.3.6.1.4.1.311.20.2.3;UTF8:rau...@abc.com); Is this a right way to add otherName

Re: SubjectAlternate Name Query

On Wed, Jul 14, 2010, Inganti, Dheeraj wrote: Hi, I am trying to generate a certificate request and was trying to add 'otherName' type in SubjectAlternate name extension. I have below code to add the otherName. add_ext(exts, NID_subject_alt_name,

open ssh query

consistent and more abstract to user. -- View this message in context: http://old.nabble.com/open-ssh-query-tp28620802p28620802.html Sent from the OpenSSL - Dev mailing list archive at Nabble.com. __ OpenSSL Project

openssl 0.9.8L query

hiii i m a new user of openssl.Right now i m using openssl 0.9.8L and working on windows os. i can not able to use the .lib files in it.plzz help me in it :(... thanks __ OpenSSL Project

Query Regarding building wpa_suplicant wit OpenSSL support.

Hi Team, I want to have OpenSSL support in wpa_suplicant in order to get the support for the functionality needed for EAP-FAST in wpa_suplicant. For this I have downloaded the openssl-0.9.8d.tar.tar file and I have openssl-0.9.8d-tls-extensions.patch file with me. But I am not sure what

Re: Query Regarding building wpa_suplicant wit OpenSSL support.

Hi Gaurav, Gaurav Halwasia -X (ghalwasi - at Cisco) schrieb: I want to have OpenSSL support in wpa_suplicant in order to get the support for the functionality needed for EAP-FAST in wpa_suplicant. For this I have downloaded the openssl-0.9.8d.tar.tar file and I have

Re: Query on OCSP

I hope this works. Thanks, Sandeep On Wed, Jun 10, 2009 at 4:19 AM, Ashish Agrawal meetash...@gmail.comwrote: Hi, I ve a query on the OCSP request command: openssl ocsp -issuer issuer.pem -cert c1.pem -url http://ocsp.myhost.com/ -cafile ca.pem -resp_text -respout resp.der I

Re: Query on OCSP

resp.der I hope this works. Thanks, Sandeep On Wed, Jun 10, 2009 at 4:19 AM, Ashish Agrawal meetash...@gmail.comwrote: Hi, I ve a query on the OCSP request command: openssl ocsp -issuer issuer.pem -cert c1.pem -url http://ocsp.myhost.com/ -cafile ca.pem -resp_text -respout

Query on OCSP

Hi, I ve a query on the OCSP request command: openssl ocsp -issuer issuer.pem -cert c1.pem -url http://ocsp.myhost.com/ -cafile ca.pem -resp_text -respout resp.der I have a scenario where i have a three certificate chain. Root Cert - Intermediate Cert -- End Cert so here i am

[openssl.org #1844] Query regaring the Pre-Shared Key Ciphersuites Patch for OpenSSL

Hi, I need an openssl server setup with PSK support for my experimentation. I tried installing the openssl patch published in following forum and could not get it working. http://rt.openssl.org/Ticket/Display.html?id=1191user=guestpass=guest # I tried downloading the latest version and

Re: A query on TLS Server Name Indicator extension support

On Wed, Dec 24, 2008, Barnhill, William CTR USAF AFMC AFRL/RIGC wrote: Something that's recently come up on another list is support in OpenSSL for the Server Name Indicator (SNI) TLS extension. I understand that Dr. Henson backported code slated for 0.9.9 into v0.9.8f as an optional

A query on TLS Server Name Indicator extension support

Something that's recently come up on another list is support in OpenSSL for the Server Name Indicator (SNI) TLS extension. I understand that Dr. Henson backported code slated for 0.9.9 into v0.9.8f as an optional feature not enabled by default. I tried finding documentation on support for SNI

Query on the BIO objects and the SSL_read function

Hi all, I am new to the OpenSSL environment. I would like to know from the experts here about the BIO_read and BIO_write and the SSL_read and SSL_write. After a BIO object is created and associated with the i/o, only BIO_read and BIO_write may be used. However why is that the SSL_read and

query

Hi, Can any one tell me 1) when I call SSL_write() in application then which layer/code actually does encryption of data? As per my understanding, SSL_write() calls write callback of SSL object. 2) If I've to add crypto accelerator support in openssl for linux then which is better approach

Re: query

2) If I've to add crypto accelerator support in openssl for linux then which is better approach a) I directly write an engine b) I use engine written for OCF and I just write my module for OCF in kernel From my limited experience with OCF I remember a _significant_ performance

Please help: very urgent: Query on patented algorithms

Dear Developers, I have openssl dlls(i.e.libeay32.dll, ssleay32.dll). I need to know if these libraries are using any of the patented algorithms like IDEA, RC4, RC5,MDC2 etc.Dependency walker helped me but I want to know if there is any other way. Is there any binary distribution where I can

Re: Please help: very urgent: Query on patented algorithms

On Wed, Jun 18, 2008 at 01:44:42PM +0530, bagavathy raj wrote: I have openssl dlls(i.e.libeay32.dll, ssleay32.dll). I need to know if these libraries are using any of the patented algorithms like IDEA, RC4, RC5,MDC2 etc.Dependency walker helped me but I want to know if there is any other

Re: Please help: very urgent: Query on patented algorithms

Date: 18/06/2008 20:29 Subject:Re: Please help: very urgent: Query on patented algorithms

Query with digital signatures

Hi All, I am facing a problem: I have generated the public Private keys using the following commands at the server: openssl genrsa -out private.pem 1024 openssl rsa -in private.pem -out public.pem -outform PEM -pubout After this I am finding hash of my document using openssl md5

Re: Query with digital signatures

Hi Just make sure two things:- 1. to (buffer that hastohold the message digest),must point to a memory section large enough to hold the message digest (which is smaller than RSA_size(rsa) - 11) 2. padding is the padding mode that was used to sign the data Regards, Bhupendra K Joshitarun

Re: Query with digital signatures

Hi, ---The buffer to hold the message digest is quiet big. ---No padding was used, by default it takes RSA_PKCS1_PADDING Can you please provide any inputs or the code that does the same. Regards Tarun --- Bhupendra K Joshi [EMAIL PROTECTED] wrote: Hi Just make sure two things:- 1. to

Re: Query with digital signatures

Hi, I am using the following code: unsigned char p_key[300];//contains public key unsigned char sig_data[300];//contains digital sign unsigned char dst_data[300];//will contain digest after decryption if (BIO* bio = BIO_new_mem_buf(p_key, sizeof(p_key))) { RSA* rsa_key = 0;

query: Private Key generation using OpenSSL

Hi I am implementing HMAC algorithm in which i need a private key in a unsigned char* format the size of key required is between 20-64 bytes can any one help me in this regard with thanks Rafeeq __ OpenSSL Project

RE: query: Private Key generation using OpenSSL

Any random data that is shared with the recipient will do as a key for HMAC Dave __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org

Re: query: Private Key generation using OpenSSL

Thanks for ur respose But I still not satisfied I want the key as per RFC 2104 , http://www.faqs.org/rfcs/rfc2104.html which suggest the key to be between 20 to 64 bytes. Dave , is there any OpenSSL command which i can use to generate the key directly or indirectly into char form

Re: query: Private Key generation using OpenSSL

the key directly or indirectly into char form RAND_bytes(). Please move this to openssl-users, its not an openssl-dev query. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage

query

hi, I am trying to install the openssl library on Itanium -64 which is running on HP-UX operating system which uses 64-bit cc compiler . The installation quits with error-code 1 after it does making all in apps Could you please help me out. Thanks

FW: v0.9.6 Query on PKCS7 decoding

Query on PKCS7 decoding OpenSSL v0.9.6 Platform/Config: na? filename: crypto/pkcs7/pk7_doit.c line 226 I'm trying to abuse openssl and get it to verify the CMS output of my timestamp authority. The input is SignedData and the only thing different is that the ContentInfo is not id_data. I'm trying

Re: ASN1 query...

So with that in mind, is there a good reason to try and have this functionality (but working this time!) in the new ASN1 code or should any existing structure be freed and a new one freshly allocate? Are refcounts on the ASN1 objects or higher-level? How do you handle overwrite if the

Re: ASN1 query...

Rich Salz wrote: So with that in mind, is there a good reason to try and have this functionality (but working this time!) in the new ASN1 code or should any existing structure be freed and a new one freshly allocate? Are refcounts on the ASN1 objects or higher-level? How do you

Re: ASN1 query...

Dr S N Henson wrote: Now since I've never heard a report of this problem I can only assume hardly anyone uses this parameter. Fixing the existing code is a very painful task and the only advice that can be given is don't use that parameter! There's another case I've just realised that

ASN1 query...

Does anyone reuse the (type **) parameter to the ASN1 functions and friends (such as PEM)? As many of you may know I'm currently revising the OpenSSL code and I'm seeing what features are used and which should be dumped or fixed. The parameter is one case where there is a feature which is

Query

Hi guru I am veru new to this field. I tried to run the demo/ssl/client and server program by creating the certificate using req command. Where cipher selection happens?? If I want to use DH for public key, BlowFish for symmetric key and MD5 for authentication then wher should I specify in my

Query

hi Guru's I am very new to this development. So please forgive me for my some basic questions. 1-How to compile debug version of SSL on win32? 2-How to test the SSL functioanity? 3-To understand the flow, what's the best way ?? I tried to execute client.c and server.c in debugger but it got stuck

OpenSsl: Bug report Test query?

Dear all, This report is just for fun because the original idea was to integrate iksd (Internet Kermit Service Daemon) but it seams that US laws does not allow us to transmit the header (just a header?) making the bridge between Kermit and OpenSsl libraries. Here is a bug report: the rebuild of