RE: Howto prevent cycles in engine invocation ?

2019-03-19 Thread Fuchs, Andreas
Hi Dimitry, thanks, yes, that's why I'm doing inside the engine as well. The question was regarding the library that my engine links against that in turn uses libcrypto again. That linked library uses the EVP methods with the "default"-engine, which is however set from the surrounding

Re: Howto prevent cycles in engine invocation ?

2019-03-19 Thread Dmitry Belyavsky
Hello Andreas, I used smth like === RSA_METHOD my_rsa_method = { "My RSA method", 0, /* pub_enc */ 0, /* pub_dec */ 0, /* priv_enc */ my_priv_dec, /* priv_dec */ 0, /*

Re: cURL with openSSL 1.1.1 version

2019-03-19 Thread Nicola
Currently Ubuntu 18.04 ships with OpenSSL 1.1.0 ( https://packages.ubuntu.com/bionic/openssl) and official Ubuntu packages depending on OpenSSL link against this version. 1.1.0 will be EOL in September, and after that the decision on which level of support to provide depends on the Ubuntu project

Re: Reg solaris support for openssl 1.1.1b

2019-03-19 Thread Dennis Clarke
On 3/19/19 4:38 AM, ramakrushna mishra wrote: > Hi All, > > Thanks for all your response. > I have tried to set LD_LIBRARY_PATH to the lib path of newly installed > openssl and still "./openssl version" fails with the same reason. > right out of the ld man page we see the option -R passed to

Building OpenSSL 1.1.1b for WinCE700

2019-03-19 Thread 田中創樹
Hello, I have successfully built OpenSSL 1.1.1b (only libraries, no app) for WINCE700-ARMV4I, though I don't do any tests. Here is what I did. I hope original sources will be changed so as there is no need to change. 1. Modify wcecompat. Add an alias, "_access" for access() in wcecompat io.h as

cURL with openSSL 1.1.1 version

2019-03-19 Thread Swamy J-S
Hi, Currently I am working with curl 7.58 and openssl 1.0.2 in ubuntu 18.04. As openssl 1.0.2 support will end this year, I want to upgrade my openssl to 1.1.1 branch. Right now my code uses curl library with libcurl4 and gnuTLS as SSL backend. I am using many curl options such as

How I can add extension with sequence value to CSR using openssl library?

2019-03-19 Thread work vlpl
I know how to add a simple extension (oid + str), for example ``` nid = OBJ_create("1.2.3.4", "shortname", "long name"); ASN1_OCTET_STRING_set(os, "ext value", 9); ex = X509_EXTENSION_create_by_NID( NULL, nid, 0, os ); sk_X509_EXTENSION_push(exts, ex); ``` I want to learn how I can add extension

RE: Building OpenSSL 1.1.1b for WinCE700

2019-03-19 Thread Torrelli, Maxime
Hello ! Thanks a lot for sharing this! I will try to compile it with our SDK and let you know if I get any testing results. Greetings, Maxime TORRELLI Embedded Software Engineer Conduent Conduent Business Solutions (France) 1 rue Claude Chappe – BP 345 07503 Guilherand Granges Cedex De :

Re: i2d_X509_REQ() -> d2i_X509_REQ() = asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding:a_object.c:287

2019-03-19 Thread Graham Leggett
On 19 Mar 2019, at 03:22, Viktor Dukhovni wrote: >> On Mar 18, 2019, at 8:22 PM, Graham Leggett wrote: >> >> How would I decode the X509_REQ_INFO structure on the other side, turning it >> back into X509_REQ? > > The function returns the DER form of the CRI, which can then be signed. > You

Re: Default DHE group

2019-03-19 Thread Matt Caswell
On 18/03/2019 23:05, Zeev Tarantov wrote: > Since openssl version 1.1.0, code for TLS server can use > `SSL_CTX_set_dh_auto(ctx, 1);` to let openssl handle choice of DH group which > will be used to generate ephemeral keys if a DHE cipher suite is negotiated. > > TLS 1.3 limits DHE parameters

Re: Building OpenSSL 1.1.1b for WinCE700

2019-03-19 Thread Matt Caswell
On 19/03/2019 07:08, 田中創樹 wrote: > Hello, > > I have successfully built OpenSSL 1.1.1b (only libraries, no app) for > WINCE700-ARMV4I, though I don't do any tests. Here is what I did. I hope > original sources will be changed so as there is no need to change. It would be good if you created a

RE: Differences in defaults between 1.0.2 and 1.1.1

2019-03-19 Thread Perrow, Graeme
Thanks Matt, the command you listed did succeed. I was hoping to be able to change our code so that we could connect to any server we were able to connect to before, but if this is truly a server-side bug, there's only so much we can do on the client side. If our customers see this change in

Re: Differences in defaults between 1.0.2 and 1.1.1

2019-03-19 Thread Matt Caswell
On 19/03/2019 15:15, Perrow, Graeme wrote: > Thanks Matt, the command you listed did succeed. I was hoping to be able to > change our code so that we could connect to any server we were able to > connect to before, but if this is truly a server-side bug, there's only so > much we can do on the

Re: Differences in defaults between 1.0.2 and 1.1.1

2019-03-19 Thread Hubert Kario
On Tuesday, 19 March 2019 14:40:19 CET Perrow, Graeme wrote: > I have an LDAP server that accepts TLS connections, and I can make a > connection to it using "openssl s_client -showcerts -host : > -debug". The output shows this is a TLSv1.2 connection using > ECDHE-RSA-AES128-SHA. This is using

Differences in defaults between 1.0.2 and 1.1.1

2019-03-19 Thread Perrow, Graeme
I have an LDAP server that accepts TLS connections, and I can make a connection to it using "openssl s_client -showcerts -host : -debug". The output shows this is a TLSv1.2 connection using ECDHE-RSA-AES128-SHA. This is using OpenSSL version 1.0.2j. If I run exactly the same command using the

Re: Differences in defaults between 1.0.2 and 1.1.1

2019-03-19 Thread Matt Caswell
On 19/03/2019 13:40, Perrow, Graeme wrote: > TLS: error: accept - force handshake failure: errno 11 - moznss error -12162 > > TLS: can't accept: TLS error -12162:Unsupported hash algorithm used by TLS > peer.. Just to confirm - you've not configured client authentication? Assuming not, the

Re: i2d_X509_REQ() -> d2i_X509_REQ() = asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding:a_object.c:287

2019-03-19 Thread Viktor Dukhovni
On Tue, Mar 19, 2019 at 02:04:14PM +0200, Graham Leggett wrote: > > Why do you need to do the encode and decode? What's wrong with the original > > request object? > > The code is a modular ca, and different modules communicate with each other > generically using the standard DER encoded

Howto prevent cycles in engine invocation ?

2019-03-19 Thread Fuchs, Andreas
Following scenario: I have an engine that implements e.g. RSA decryption. That engine links against a library that links against libcrypto to perform RSA decryption. Now if I have an application that sets the default library to be my engine, won't I end up in an infinite loop ? Or the other