I thought the PKCS7 was the way to go thanks.
Yes the command line is confusing as to what the PKCS7 can provide
and thats what was a paradox to me.
Any pointers to PKCS7 example code inserting objects and extracted them
would be appreciated and I do use the men_bio nicely.
--
View this
I took the sign.c example and modified it slightly to use artifacts I have,
but it seems the result just produces a PKCS7 that has a signature?
I want to have the data (PDF or JPG) in there as I need to use it after
validating
that it is trusted.
Basically I have a piece of data and a signature
On 4/25/2013 1:13 PM, redpath wrote:
I took the sign.c example and modified it slightly to use artifacts I have,
but it seems the result just produces a PKCS7 that has a signature?
I want to have the data (PDF or JPG) in there as I need to use it after
validating
that it is trusted.
Basically I
Exactly a non-detached, I see the constant detached and thought thats what it
meant but that road lead nowhere, so if anyone has pointers how to make a
non-detacched or modify below that would be
great.
--
View this message in context:
On Thu, Apr 25, 2013, redpath wrote:
I took the sign.c example and modified it slightly to use artifacts I have,
but it seems the result just produces a PKCS7 that has a signature?
I want to have the data (PDF or JPG) in there as I need to use it after
validating
that it is trusted.
On Thu, Apr 25, 2013, Viktor Dukhovni wrote:
On Wed, Apr 24, 2013 at 10:35:04PM -0400, Dave Thompson wrote:
I am assuming RSA though I would like to do ECDSA.
These APIs will use any privatekey for which a signature
scheme is available; that's RSA DSA ECDSA (or pedantically
EC;
I changed evp_*_ctr to EVPs in cipher.c . Now SSH connection takes place, but
after authentication connection gets closed.
Here is the debug mode log.
[root@PC]# ssh -p 2024 localhost
root@localhost's password:
Write failed: Broken pipe
[root@PC]#
debug1: sshd version OpenSSH_6.1p1
debug1:
Hi Steve,
Thanks for the suggestion. It worked.
*ssh_aes_ctr_iv: no context [preauth]* message was coming because i was
passing EVP type to that function. Now its fine after passing evp.
Thanks,
Cipher
--
View this message in context:
Hi Steve,
Thanks for the suggestion. It worked.
*ssh_aes_ctr_iv: no context [preauth]* message was coming because i was
checking against EVP_aes_128_ctr for the type.
It should be:
Cipher.c:385 if (c-evptype == evp_aes_128_ctr)
ssh_aes_ctr_iv(cc-evp, 0, iv, len);
Thanks,
Hi All,
This is Anil. I have few questions related to AES encryption:
---
1. Does the size of encrypted data depends on the size of the plain
text(considering plain text = block size) ?
Ex:
Hi All,
This is Anil. I have few questions related to AES encryption:
---
1. Does the size of encrypted data depends on the size of the plain
text(considering plain text = block size) ?
Ex:
Hi,
For FIPS work, we are planning to support only TLSv1.2 ciphers. Is there a
configuration option to use *only* TLSv1.2 ciphers?
we are using apache/mod_ssl engine(v 2.2.16). *SSLProtocol* directive does
not support TLSv1.1/TLSv1.2 option.
if there is no config option, which functions need to
Openssl s_server is allowing Session Reuse on the same tcp connection
When a second client hello is sent with session id of first handshake it
is reusing i.e it is doing a session resumption instead it should do
Renegotiation
--
View this message in context:
I looked at the latest smsign.c shown below modified with a large data item.
The result is still a detached and quite small like a signature. The flag
changed
and yet nothing different. It should be quite large. All I see is the API to
soign
p7 = PKCS7_sign(scert, skey, NULL, in, flags);
and
-Original Message-
From: sajualways
Openssl s_server is allowing Session Reuse on the same tcp connection
Yes, of course. Why not? The ssl protocol is taking place on a higher OSI level
than tcp, so it doesn't matter whether it's the same or a different tcp
connection.
When a
Just to update - I found the section in one of the apps that copies the
extensions from the request. I was able to enable the EXT_COPY_ADD and was
able to get my SANS in the cert as well as the request.
On Wed, Apr 24, 2013 at 6:44 PM, Derek Cole derek.c...@gmail.com wrote:
Hello,
I have
Hello,
I am acting as my own cert authority so the index.txt file is constantly
being updated as I generate new certs. However, I have noticed that things
like the DB_file field are never used in the CA program.
Is it safe for me to write some custom code that will take advantage of
that field?
Hi:
First post to the list.
I've been using OpenSSL with avariation of the source code from
http://www.codeproject.com/Articles/98355/SMTP-Client-with-SSL-TLS
And it works fine with all SMTP servers I've tested it but the microsoft
live.com SMTP.
smtp.live.com is for all email addresses from
Thank you!
Hey guys,
I was using the low level aes APIs and now have switched to EVP ones. My
string encryption and decryption always work fine. But when it comes to
files, I am getting malloc errors: malloc: *** error for object : incorrect
checksum for freed object - object was probably modified after
On 25 April 2013 21:42, Taraniteja Vishwanatha taranit...@gmail.com wrote:
Hey guys,
I was using the low level aes APIs and now have switched to EVP ones. My
Good. That is (in most cases) the correct approach.
string encryption and decryption always work fine. But when it comes to
files, I
From: owner-openssl-us...@openssl.org On Behalf Of Taraniteja Vishwanatha
Sent: Thursday, 25 April, 2013 16:43
I was using the low level aes APIs and now have switched to EVP ones.
My string encryption and decryption always work fine. But when it comes
to files, I am getting malloc errors:
From: owner-openssl-us...@openssl.org On Behalf Of aniluvce06
Sent: Thursday, 25 April, 2013 07:31
This is Anil. I have few questions related to AES encryption:
1. Does the size of encrypted data depends on the size of the plain
text(considering plain text = block size) ?
Ex: If
Thank you Matt and Dave.
Matt,
Yes I agree that I should be calling EncryptInit and EncryptFinal only
once. That is one of the mistakes. The reason why I did that was, I am
exposing a encryption API to other functions in the project.
They dont care how encryption is done. They have a buffer (
24 matches
Mail list logo