Hello,
My application uses openssl 1.0.0, and it uses X509_check_ca() to find
out if an X509 certificate is a CA certificate, or an End-entity (EE)
certificate.
The below are the possible return codes.
/* return codes of X509_check_ca():
* 0 not a CA
* 1 is a CA
Hi All,
I am planning to upgrade my openssl from old version to openssl-0_9_8za.
But from website I came to know that this release is not FIPS complaint.
Please let me know when openssl-0.9.8zb will release. or is there any patch
to avoid this issue in za version.
Thanks,
Gayathri
If you don't know or care what FIPS 140-2 is then count yourself lucky
and skip this message.
For those who do, and masochists, brace yourselves and read on.
Back in January we submitted a formal request to the FIPS 140-2
cryptographic module validation bureaucracy to remove Dual EC DRBG from
On Jul 7, 2014, at 5:40 AM, Sanjaya Joshi joshi.sanj...@gmail.com wrote:
Hello,
My application uses openssl 1.0.0, and it uses X509_check_ca() to find out
if an X509 certificate is a CA certificate, or an End-entity (EE) certificate.
The below are the possible return codes.
From: owner-openssl-us...@openssl.org On Behalf Of Barbe, Charles
Sent: Sunday, July 06, 2014 22:42
I have the following certificates and associated private keys:
A - certificate A generated with one version of my software not using
openssl
B - certificate B generated with a new version of
On 7/6/2014 7:41 PM, Barbe, Charles wrote:
Does anybody have any suggestions on where to look to figure this out? A tool
to use?
I realize that actually attaching the certa might be helpful but I do not
have them handy as I write this. Please let me know if that might help
somebody help
On 7/7/2014 2:40 AM, Sanjaya Joshi wrote:
Hello,
My application uses openssl 1.0.0, and it uses X509_check_ca() to
find out if an X509 certificate is a CA certificate, or an End-entity
(EE) certificate.
The below are the possible return codes.
/* return codes of X509_check_ca():
You could try examining both PEM-encoded certificates using an ASN.1
decoder, such as the one here - http://lapo.it/asn1js
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Barbe, Charles
Sent: Sunday, July 6, 2014 8:42 PM
To:
Hi all,
I've got a small snippet of code to decode some aes-128-cbc data.
The encrypted data 16 bytes long, decoding to 7 bytes \x02\x00hallo.
Decoding using BIO's, works ok when the input BIO is a file BIO but fails when
the input is a memory buffer BIO. In the latter case the BIO_read from
Try using BIO_new_mem_buf() instead.
https://www.openssl.org/docs/crypto/BIO_s_mem.html
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Ico
Sent: Monday, July 07, 2014 2:17 PM
To: openssl-users
Subject: Decrypting from
On Mon, Jul 07, 2014, Ico wrote:
Hi all,
I've got a small snippet of code to decode some aes-128-cbc data.
The encrypted data 16 bytes long, decoding to 7 bytes \x02\x00hallo.
Decoding using BIO's, works ok when the input BIO is a file BIO but fails when
the input is a memory buffer
I am positive that I am installing the ca in the correct spot because
connections to server B correctly show the CA cert as the trusted root when I
view the certificate for the connection in the web browser.
To be clear, openssl verify says that both certificates A and B are ok when I
provide
As I said in another note, I will try to send the certs tomorrow. Thanks for
the help!
CHAD
On Jul 7, 2014, at 4:42 PM, Kyle Hamilton aerow...@gmail.com wrote:
On 7/6/2014 7:41 PM, Barbe, Charles wrote:
Does anybody have any suggestions on where to look to figure this out? A
tool to
I will try an ASN.1 decoder tomorrow. Thanks for the suggestion!
One thing I did try today was to have both servers generate their certificates
using the same private key. Theoretically I would expect the two certs to then
be exactly the same to the bit... I am not providing any domain or ip
From: owner-openssl-us...@openssl.org On Behalf Of Barbe, Charles
Sent: Monday, July 07, 2014 21:59
I will try an ASN.1 decoder tomorrow. Thanks for the suggestion!
One thing I did try today was to have both servers generate their
certificates
using the same private key. Theoretically I
On Mon, Jul 7, 2014 at 9:59 PM, Barbe, Charles
charles.ba...@allworx.com wrote:
I will try an ASN.1 decoder tomorrow. Thanks for the suggestion!
One thing I did try today was to have both servers generate their
certificates using the same private key. Theoretically I would expect the two
CHAD
On Jul 7, 2014, at 11:11 PM, Jeffrey Walton noloa...@gmail.com wrote:
On Mon, Jul 7, 2014 at 9:59 PM, Barbe, Charles
charles.ba...@allworx.com wrote:
I will try an ASN.1 decoder tomorrow. Thanks for the suggestion!
One thing I did try today was to have both servers generate their
CHAD
On Jul 7, 2014, at 11:03 PM, Dave Thompson dthomp...@prinpay.com wrote:
From: owner-openssl-us...@openssl.org On Behalf Of Barbe, Charles
Sent: Monday, July 07, 2014 21:59
I will try an ASN.1 decoder tomorrow. Thanks for the suggestion!
One thing I did try today was to have both
On 7/7/2014 8:24 PM, Barbe, Charles wrote:
CHAD
On Jul 7, 2014, at 11:11 PM, Jeffrey Walton noloa...@gmail.com wrote:
On Mon, Jul 7, 2014 at 9:59 PM, Barbe, Charles
charles.ba...@allworx.com wrote:
I will try an ASN.1 decoder tomorrow. Thanks for the suggestion!
One thing I did try
Hi;
I am using encryption to broadcast messages in Linux environment. When using
FIPS_mode_set(1) I get the error message of undefined reference to
FIPS_mode_set'.
How can I fix this error.
Thanks
Kay
20 matches
Mail list logo