Thanks Steve! Unfortunately your hint couldn't help me. I know that in TLS 1.2
the hash and signature algorithms can be chosen during the handshake. I chose
to use Sha256 with RSA for the signature, and therefore adding the
corresponding algorithm ids in front of the signature. In Wireshark my
GOST is not a block cipher, it's the acronym for GOsudarstvennyi
STandard, which means State Standard. It's not dedicated to cryptography.
Speaking of GOST standard is redundant, but clearer for non russian
locutors.
There's a block cipher (poorly) defined as a GOST standard, referenced
Hi Jeff
There are two GOST algorithms.
GOST
28147-89 is for symmetric block cyphering and GOST R 34.10-2001 for asymmetric
cyphering and digital signing.
OpenSSL support both algorithms.
I mean GOST
R 34.10-2001 here.
Best Regards
We saw this earlier with another build product.
I think the 'ar' program in some of these build environments (oh all
right IDEs) is just adding entries to an existing libcrypto.a. I suspect
that the build environment extracts 'libcrypto.a' plus some other
binaries out of some source control
On Mon, Jul 30, 2012 at 12:17 AM, Saurabh Pandya
er.saurabhpan...@gmail.com wrote:
You need to Add Root CA of your client certificate to BOTH, Chrome
anf Firefox
Saurabh, thanks.
The strange thing is, both browsers do have the Root CA.
I am still trying to fiddle with details of the CSR and
On Mon, Jul 30, 2012, Albers, Thorsten wrote:
Thanks Steve! Unfortunately your hint couldn't help me. I know that in TLS
1.2 the hash and signature algorithms can be chosen during the handshake. I
chose to use Sha256 with RSA for the signature, and therefore adding the
corresponding algorithm
On Fri, Jul 27, 2012 at 08:05:58AM -0700, Sanford Staab wrote:
It really looks to me like the openssl documentation needs improvement as
well as a better tool besides CA.pl to help people use openssl in common
scenarios. I suspect there is a strong demand for creative private CA
support
On Mon, Jul 30, 2012 at 5:15 AM, Erwann Abalea
erwann.aba...@keynectis.com wrote:
GOST is not a block cipher, it's the acronym for GOsudarstvennyi STandard,
which means State Standard. It's not dedicated to cryptography.
My apologies. I thought you were referring to the GOST block cipher.
(I've
Look at this example:
$openssl x509 -subject -nameopt oneline,-esc_msb,utf8 -noout -in 13/13_cert.pem
... CN = 13#ტესტერიN13
$openssl x509 -subject -noout -in 13/13_cert.pem
...
CN=13#\xE1\x83\xA2\xE1\x83\x94\xE1\x83\xA1\xE1\x83\xA2\xE1\x83\x94\xE1\x83\xA0\xE1\x83\x98N13
This certificate was
On Sun, Jul 29, 2012, Dave Thompson wrote:
Note that X.509 certs (and ASN.1 generally) don't actually support
UTF8. They support several 1-byte codes (some now obsolete), BMPString
which is 2-byte UCS-2, and UniversalString which is 4-byte UCS-4.
I believe OpenSSL selects the smallest of
I am trying to set it up with PayPal to accept credit cards with a shopping
cart on my website. I had gotten another response that all I needed to send
them was the certificate.
Thanks for your help!
Rita S.
-Original Message-
From: owner-openssl-us...@openssl.org
From: owner-openssl-us...@openssl.org On Behalf Of Pica Pica Contact
Sent: Monday, 30 July, 2012 13:47
Look at this example: snip
This certificate was signed by openssl ca without changing subject,
and openssl req did not use BMPString and UCS-2 in this
case. CN string contains Georgian
From: owner-openssl-us...@openssl.org On Behalf Of Albers, Thorsten
Sent: Monday, 30 July, 2012 03:43
snip
I also debugged the openssl-server when receiving the message
above. The server recognized the correct hash and signature
algorithms, but while following the functions to the point
Fiddler.
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Santosh N Dumbre
Sent: Monday, July 30, 2012 12:14 AM
To: openssl-users@openssl.org
Subject: code/function for Round Trip Time
H i,
Is there any function available in Open SSL library
14 matches
Mail list logo