[openssl-users] OpenSSL - unable to get certificate CRL

Hi, I hope you can help me to understand why OpenSSL doesn't act as expected when I try to verify a certificate chain. On my server the certificate files are stored in the following directory structure: /usr/local/ssl/certs -> certificate files /crl -> CRL files

Re: [openssl-users] Porting to OpenSSL 1.1

On Tue, Oct 11, 2016, Bernhard Rosenkraenzer wrote: > > > Also from Qt 5.7: > rsa = RSA_new(); > memcpy(rsa, EVP_PKEY_get1_RSA(pkey), sizeof(RSA)); > [breaks because sizeof(RSA) is no longer known] > for EC, there's EC_KEY_dup -- for RSA and DSA, not so much. > That wouldn't work because the

Re: [openssl-users] Building an application with OpenSSL and FIPS support.

On Mon, Oct 10, 2016, Matthew Heimlich wrote: > $openssl version > > returns: > > OpenSSL 1.0.2j-fips > > My FIPS module version is openssl-fips-2.0.13 > > $OPENSSL_FIPS=1 openssl md5 /dev/null > > returns: > > Error setting digest md5 > 140066569107136:error:060A80A3:digital envelope >

Re: [openssl-users] socket change with SSL_set_fd

> Sorry for bumping/reposting, but does have anyone experience with > changing SSL object's socket on the background? Is the new socket connected to the exact same process, library, and state on the other side? Then it will probably work (but why) If you're talking about moving the TLS

[openssl-users] Questions on internal-buffers being used

Hi All. a) In the call, int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2); are internal-buffers malloc'ed for each of "bio1" and "bio2"? If yes, is there a way to pass buffers from the application-layer? I ask this, because not all systems

Re: [openssl-users] Questions on internal-buffers being used

On 10/11/2016 02:06 PM, Ajay Garg wrote: > Hi All. > > > a) > In the call, > int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t > writebuf2); are internal-buffers malloc'ed for each of "bio1" and "bio2"? > If yes, is there a way to pass buffers from the application-layer? I >

[openssl-users] Is there any tool for verification of cryptography?

Hi All, I'd like to verify all of cryptographic algorithms on OpenSSL. But I could not get any way like tool. Do you have any tools for this? BR, KH.Lee. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] socket change with SSL_set_fd

Sorry for bumping/reposting, but does have anyone experience with changing SSL object's socket on the background? I would appreciate any feedback. Thanks, Ales On 7.10.2016 11:05, Ales Stibal wrote: Hi folks, I have a small, but important question which affects my project design. May I

Re: [openssl-users] socket change with SSL_set_fd

> On Oct 11, 2016, at 1:56 AM, Ales Stibal wrote: > > Sorry for bumping/reposting, but does have anyone experience with changing > SSL object's socket on the background? > I would appreciate any feedback. If it is not documented to work, then you can't rely on it working, even

Re: [openssl-users] Porting to OpenSSL 1.1

Hi Bero, Just based on the questions it sounds like you might be trying to port Qt. I've already done this, and the branch is here: https://github.com/richmoore/qtbase/commits/openssl11 It'll be added as a new backend once the configure changes that are underway are completed. See