DESCryptoServiceProvider encryption and OpenSSL decrypt

2010-11-09 Thread wizard2010
Hello everyone. I'm using .NET to encrypt a file using DES. I'm using this: DESCryptoServiceProvider, CryptoTransform and CryptoStream. Does anyone know how to use OpenSSL to decrypt the file? Thanks in advance. Best Regards.

Re: openssl verify fails

2010-11-09 Thread Michael Ströder
Bruce Stephens wrote: Bruce Stephens bruce.steph...@isode.com writes: Dr. Stephen Henson st...@openssl.org writes: [...] Is that unmodified OpenSSL 0.9.8o? If so that's peculiar I get the expected error here. No, it's Debian's 0.9.8o-2. Ah, my fault. Obvious in retrospect: Debian's

Re: openssl verify fails

2010-11-09 Thread Victor Duchovni
On Tue, Nov 09, 2010 at 01:45:15PM +, Bruce Stephens wrote: Michael Ströder mich...@stroeder.com writes: Bruce Stephens wrote: [...] Ah, my fault. Obvious in retrospect: Debian's openssl finds the root cert because it's in the ca-certificates package! Did you use -CAfile

Re: openssl verify fails

2010-11-09 Thread Bruce Stephens
Michael Ströder mich...@stroeder.com writes: Bruce Stephens wrote: [...] Ah, my fault. Obvious in retrospect: Debian's openssl finds the root cert because it's in the ca-certificates package! Did you use -CAfile as in my original posting when testing? I did. Doesn't -CAfile set

Option -issuer_hash vs signature validation with -CAfile?

2010-11-09 Thread Jens Lechtenboerger
Hi there, I received an SMIME certificate and want to know the correct filename to use in the command openssl smime -verify -CAfile filename... In my particular example, openssl x509 -in smime.pem -issuer_hash -noout results in 9ec3a561. However, if I use that certificate (available as

Upgrading the key size in OpenSSL certificate

2010-11-09 Thread josh kirbey
Hi All, We are required to upgrade the sizes of private/public key pairs to 3072 bits from 1024 bits. We have two main data structures, X509Stack and PKCS7. We fill these two structures at the initialization by reading the PEM files on disk. During the upgrade process, I pick the X509stack and

.RSA conversion

2010-11-09 Thread tera tellence
Dear All, I have a certificate with a .rsa extension. On googling I found that this is a pkcs7 format using MD5 with RSA. Now my question is, is there a way to convert it to openssl specifics and handle?? I want to read it in say PEM.. thanks

Re: Option -issuer_hash vs signature validation with -CAfile?

2010-11-09 Thread Dr. Stephen Henson
On Tue, Nov 09, 2010, Jens Lechtenboerger wrote: Hi there, I received an SMIME certificate and want to know the correct filename to use in the command openssl smime -verify -CAfile filename... The hash based filename doesn't apply to the -CAfile option: you can name the file anything you

Re: Upgrading the key size in OpenSSL certificate

2010-11-09 Thread Victor Duchovni
On Tue, Nov 09, 2010 at 11:42:14AM -0500, josh kirbey wrote: Hi All, We are required to upgrade the sizes of private/public key pairs to 3072 bits from 1024 bits. Welcome to bureaucratic insanity. There is no rational basis for this requirement. Even 2048 bits is excessively conservative

Re: Upgrading the key size in OpenSSL certificate

2010-11-09 Thread josh kirbey
Thanks Viktor for your quick response. Even I am contesting the unnecessary usage of 3072 bit sized key. Surprisingly, in the given scenario, if I write this line of code before modifying the certificate it works like a charm. pkcs7 = PKCS7_dup(pkcs7); Below is the flow of APIs 1) pkcs7 =

Re: Upgrading the key size in OpenSSL certificate

2010-11-09 Thread Victor Duchovni
On Tue, Nov 09, 2010 at 01:31:40PM -0500, josh kirbey wrote: Thanks Viktor for your quick response. Even I am contesting the unnecessary usage of 3072 bit sized key. Surprisingly, in the given scenario, if I write this line of code before modifying the certificate it works like a charm.

Re: Option -issuer_hash vs signature validation with -CAfile?

2010-11-09 Thread Jens Lechtenboerger
On 2010-11-09, Dr. Stephen Henson wrote: On Tue, Nov 09, 2010, Jens Lechtenboerger wrote: Hi there, I received an SMIME certificate and want to know the correct filename to use in the command openssl smime -verify -CAfile filename... The hash based filename doesn't apply to the

.deb packages for 1.0.0?

2010-11-09 Thread Chris Bare
Has anyone seen .deb packages for openssl 1.0.0? I took a quick stab at converting the 0.9.8 debian files, but I ran into a lot of problems and it takes a long time to debug. -- Chris Bare ch...@bareflix.com

EC domain params instead of the OID in the pkcs8 key file?

2010-11-09 Thread Stef Hoeben
Hi, using the openssl tool, we generated an Elliptic Curve key pair and put it into a pkcs8 file: 0 48: SEQUENCE { 32: INTEGER 0 6 48: SEQUENCE { 86: OBJECT IDENTIFIER ecPublicKey (1 2 840 10045 2 1) 176: OBJECT IDENTIFIER '1 2 840 10045 3 1 7'

Re: EC domain params instead of the OID in the pkcs8 key file?

2010-11-09 Thread Victor Duchovni
On Tue, Nov 09, 2010 at 09:34:42PM +0100, Stef Hoeben wrote: Hi, using the openssl tool, we generated an Elliptic Curve key pair and put it into a pkcs8 file: 0 48: SEQUENCE { 32: INTEGER 0 6 48: SEQUENCE { 86: OBJECT IDENTIFIER ecPublicKey (1 2 840

Config file being ignored

2010-11-09 Thread Bram Cymet
Hi, I have the following in my /etc/ssl/openssl.cnf file: openssl_conf= openssl_def [openssl_def] engines = engine_section [engine_section] pkcs11 = pkcs11_section [pkcs11_section] engine_id = pkcs11 SO_PATH = /usr/local/lib/engines/engine_pkcs11.so MODULE_PATH =

Re: Config file being ignored

2010-11-09 Thread Bram Cymet
Here is an example of what happens if I run it from the command line interface: openssl OpenSSL engine dynamic -pre SO_PATH:/usr/local/lib/engines/engine_pkcs11.so -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre MODULE_PATH:/usr/lib64/opensc-pkcs11.so (dynamic) Dynamic engine loading support

Re: Config file being ignored

2010-11-09 Thread Bram Cymet
Ok I am getting closer. I can get the engine to load now with this (better) config file openssl_conf = openssl_def [openssl_def] engines = engine_section [engine_section] pkcs11 = pkcs11_section [pkcs11_section] engine_id = pkcs11 dynamic_path = /usr/local/lib/engines/engine_pkcs11.so

Re: Force ASN.1 encoding routines to keep existing encoding

2010-11-09 Thread Martin Boßlet
OK, I guess this is the only way to go then. Thanks for the help! Regards, Martin 2010/11/9 David Schwartz dav...@webmaster.com: On 11/6/2010 7:44 AM, Martin Boßlet wrote: I just tested, whether the BER-encoding is preserved if I do not alter any of the contents. Unfortunately, it seems as