Query in EVP_PKEY_cmp for a particular value of .crt and .key

Hi all. I have been trying lately to debug a startup issue in APACHE's httpd service; and the last logs I receive in /etc/httpd/logs_error_log is # [error] SSL Library Error:

Re: Query in EVP_PKEY_cmp for a particular value of .crt and .key

). Thanks again. Regards, Ajay On Fri, Mar 23, 2012 at 8:40 PM, marek.marc...@malkom.pl wrote: Hello, owner-openssl-us...@openssl.org wrote on 03/23/2012 03:10:47 PM: Ajay Garg ajaygargn...@gmail.com Sent by: owner-openssl-us...@openssl.org Hi all. I have been trying lately

[openssl-users] SSL Signalling

Hi All. We wish to exhange data over sockets in embedded-environments, and unfortunately can't afford to use the de-facto openssl implementation, which I believe uses dynamic memory allocations/deallocations in its code (we intend to deploy our solution using bare-metal C, in environments where

Re: [openssl-users] SSL Signalling

that are independent of the TLS-Algorithm and Cipher-Suite). I know I sound incredibly clueless, kindly bear with me ... Thanks and Regards, Ajay On Sun, Aug 16, 2015 at 11:08 PM, Viktor Dukhovni openssl-us...@dukhovni.org wrote: On Sun, Aug 16, 2015 at 02:44:54PM +0530, Ajay Garg wrote: We wish to exhange

Re: [openssl-users] Are double-quotes valid characters in certifcates/keys?

Thanks everyone for the quick and generous help !! I am really thankful to everyone's time. Thanks and Regards, Ajay On Tue, Apr 12, 2016 at 7:08 PM, Salz, Rich wrote: > >> Except when you want more people (usually everybody) access to the CRT, >> but few people (usually one

Re: [openssl-users] Are double-quotes valid characters in certifcates/keys?

the question becomes obsolete. Anyhow, I am thanks (and sorry at the same time) for everyone's time. Thanks and Regards, Ajay On Mon, Apr 11, 2016 at 8:56 PM, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote: > On Mon, Apr 11, 2016 at 10:01:33AM +0530, Ajay Garg wrote: > >

[openssl-users] Are double-quotes valid characters in certifcates/keys?

Hi. Could not find a definitive answer on google, so thought it would be best to ask the experts :) Thanks and Regards, Ajay -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Issues while "configuring before compiling" OpenSSL on Raspberry-Pi

Hi Experts !!! Any help, please ?!!! On Sun, Jan 15, 2017 at 9:14 AM, Ajay Garg <ajaygargn...@gmail.com> wrote: > Hi All. > > I am getting stuck on the first step of configuring OpenSSL. > Following are some of the diagnostics :: > > >

Re: [openssl-users] Issues while "configuring before compiling" OpenSSL on Raspberry-Pi

loa...@gmail.com> wrote: > On Sun, Feb 12, 2017 at 8:13 AM, Ajay Garg <ajaygargn...@gmail.com> wrote: > > Any ideas please? > > Is compiling openssl even possible on Raspberry-Pi? > > > > Try 'config' rather than 'Configure'. It looks like it does the job. >

Re: [openssl-users] Issues while "configuring before compiling" OpenSSL on Raspberry-Pi

Any ideas please? Is compiling openssl even possible on Raspberry-Pi? On Sat, Jan 28, 2017 at 10:50 AM, Ajay Garg <ajaygargn...@gmail.com> wrote: > Hi Experts !!! > > Any help, please ?!!! > > On Sun, Jan 15, 2017 at 9:14 AM, Ajay Garg <ajaygargn...@gmail.com> wro

Re: [openssl-users] Root-Level queries while using SSL-connections wrapping "sockets"

On Fri, Oct 7, 2016 at 11:17 PM, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote: > On Fri, Oct 07, 2016 at 10:30:06PM +0530, Ajay Garg wrote: > >> Ok, so for sending app-payload-bytes, we do a bio_write() to "bio1", >> and if "bio1" requires rea

Re: [openssl-users] Root-Level queries while using SSL-connections wrapping "sockets"

Thanks for the reply Viktor. On Fri, Oct 7, 2016 at 8:27 PM, Jakob Bohm <jb-open...@wisemo.com> wrote: > On 07/10/2016 16:35, Ajay Garg wrote: >> >> Hi Viktor. >> >> Thanks for your reply, and I am sorry for being idiotic, OpenSSL does >> seem daunting,

Re: [openssl-users] Root-Level queries while using SSL-connections wrapping "sockets"

elp so far. Thanks and Regards, Ajay On Fri, Oct 7, 2016 at 3:25 PM, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote: > On Fri, Oct 07, 2016 at 12:28:46PM +0530, Ajay Garg wrote: > >> I realise I am still stuck with the original issue. > > Failure to read the document

[openssl-users] Root-Level queries while using SSL-connections wrapping "sockets"

Hi All. I understand the basic gist of setting up SSL-connections using OpenSSL, as per http://stackoverflow.com/questions/7698488/turn-a-simple-socket-into-an-ssl-socket However, I am a bit unsure about certain implementations. In particular (let's talk only about the client-side), I wonder how

Re: [openssl-users] Root-Level queries while using SSL-connections wrapping "sockets"

;bio2" (after "bio1" has internally-transferred the bytes to "bio2") ? * Reading from network via "bio2" (after which "bio1" can internally-pick-up the bytes from "bio2") ? Also, how do "bio1" and "bio2" communicate in case

Re: [openssl-users] Root-Level queries while using SSL-connections wrapping "sockets"

On Fri, Oct 7, 2016 at 9:19 AM, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote: > On Fri, Oct 07, 2016 at 08:51:24AM +0530, Ajay Garg wrote: > >> However, I am a bit unsure about certain implementations. >> In particular (let's talk only about the client-side), I wonder

Re: [openssl-users] Getting the retry reason for a "failed" BIO_write/BIO_read

On Mon, Oct 10, 2016 at 2:47 PM, Ajay Garg <ajaygargn...@gmail.com> wrote: > > > On Mon, Oct 10, 2016 at 1:31 PM, Viktor Dukhovni < > openssl-us...@dukhovni.org> wrote: > >> >> > On Oct 10, 2016, at 3:52 AM, Ajay Garg <ajaygargn...@gmail.com> wro

Re: [openssl-users] Root-Level queries while using SSL-connections wrapping "sockets"

Hi Viktor. On Fri, Oct 7, 2016 at 11:17 PM, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote: > On Fri, Oct 07, 2016 at 10:30:06PM +0530, Ajay Garg wrote: > >> Ok, so for sending app-payload-bytes, we do a bio_write() to "bio1", >> and if "bio1"

Re: [openssl-users] Root-Level queries while using SSL-connections wrapping "sockets"

On Sun, Oct 9, 2016 at 10:55 PM, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote: > >> On Oct 9, 2016, at 10:47 AM, Ajay Garg <ajaygargn...@gmail.com> wrote: >> >>> However, it might sometimes return SSL_ERROR_WANT_READ, in which >>> c

[openssl-users] Sequence of steps to initialize a ssl-session (only client-mode)

Hi All. We are just dealing with the client-side, and following are the steps :: SSL_library_init(); OpenSSL_add_ssl_algorithms(); OpenSSL_add_all_algorithms(); SSL_load_error_strings(); ERR_load_crypto_strings(); solitary_ssl_ctx = SSL_CTX_new(TLSv1_2_client_method());

[openssl-users] [PLEASE IGNORE] Re: Sequence of steps to initialize a ssl-session (only client-mode)

Sorry, the "send" button was clicked accidentally :( On Mon, Oct 10, 2016 at 10:55 AM, Ajay Garg <ajaygargn...@gmail.com> wrote: > Hi All. > > We are just dealing with the client-side, and following are the steps :: > > SSL_library_init(); &

[openssl-users] [Version-2] Sequence of steps to initialize a ssl-session (only client-mode)

[Thanks Viktor, I made the change as suggested by you in the other incomplete email that I sent accidentally]. Hi All. We are just dealing with the client-side, and following are the steps :: #

Re: [openssl-users] Root-Level queries while using SSL-connections wrapping "sockets"

ries in step a), step b) and 8-point-story in step c) as per my previous email. Thanks and Regards, Ajay On Mon, Oct 10, 2016 at 2:39 AM, Michael Wojcik <michael.woj...@microfocus.com> wrote: >> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf >> Of A

Re: [openssl-users] [Version-2] Sequence of steps to initialize a ssl-session (only client-mode)

Damn the semicolon at the end :( Sorry for the noise. Thanks and Regards, Ajay On Mon, Oct 10, 2016 at 11:23 AM, Ajay Garg <ajaygargn...@gmail.com> wrote: > [Thanks Viktor, I made the change as suggested by you in the other > incomplete email that I sent accidentally]. > >

Re: [openssl-users] Problem in compiling OpenSSL on Windows-7-32-bit

. On Mon, Nov 7, 2016 at 9:52 PM, Ajay Garg <ajaygargn...@gmail.com> wrote: > Oops.. sorry. > OpenSSL-version is 1.0.2d, and nasm-version is 2.12.02. > > > > On Mon, Nov 7, 2016 at 9:31 PM, Jeremy Farrell <jeremy.farr...@oracle.com> > wrote: > >> What version

Re: [openssl-users] Problem in compiling OpenSSL on Windows-7-32-bit

Hi Kim. Thanks for the reply. On 8 Nov 2016 11:59 a.m., "Kim Gräsman" <kim.gras...@gmail.com> wrote: > > On Tue, Nov 8, 2016 at 6:26 AM, Ajay Garg <ajaygargn...@gmail.com> wrote: > > > > Is compiling on windows always such a pain? :( > > On Linu

Re: [openssl-users] Problem in compiling OpenSSL on Windows-7-32-bit

information. > > Regards, >jjf > > On 07/11/2016 11:42, Ajay Garg wrote: > > Oops... pardon me. > The e) step was not done. > > The errors came right after step d) > > On 7 Nov 2016 3:36 p.m., "Ajay Garg" <ajaygargn...@g

[openssl-users] Problem in compiling OpenSSL on Windows-7-32-bit

Hi All. Following are the steps I followed : ### a) Downloaded nasm.exe from internet, and placed it in the include-path. b) *perl Configure VC-WIN32* c) *ms\do_nasm.bat* d) *nmake -f ms\nt.mak* e) *make*

Re: [openssl-users] Problem in compiling OpenSSL on Windows-7-32-bit

Oops... pardon me. The e) step was not done. The errors came right after step d) On 7 Nov 2016 3:36 p.m., "Ajay Garg" <ajaygargn...@gmail.com> wrote: > Hi All. > > Following

[openssl-users] Where to find definitions of certain functions

Hi All. I plan to integrate openssl in our client-side-framework, so that we can remove all the unneeded stuff (as the TLS-versions, and certificate-management is controlled by the server only, which is only a limited subset amongst the vast feature-set of openssl). As part of this, I am first

Re: [openssl-users] Code-Architecture questions while compiling OpenSSL for STM32-processors

Ping !!! Upon code-browsing, I am beginning to feel that OpenSSL uses program-buffer, which is used for malloc/free. Am I right? If yes, is there a place where the maximum-size of "in-program-buffer-heap" is defined? On Tue, Nov 22, 2016 at 7:33 PM, Ajay Garg <ajaygargn...@gma

[openssl-users] Code-Architecture questions while compiling OpenSSL for STM32-processors

Hi All. I wish to compile openssl libraries for a STM32-processor (which would then be linked statically with our application-framework code). Now. I believe that OpenSSL uses tonnes of "malloc"s and "free"s. But for bare-metal-systems (without any formal OSes), we generally don't have any

[openssl-users] Questions on internal-buffers being used

Hi All. a) In the call, int BIO_new_bio_pair(BIO **bio1, size_t writebuf1, BIO **bio2, size_t writebuf2); are internal-buffers malloc'ed for each of "bio1" and "bio2"? If yes, is there a way to pass buffers from the application-layer? I ask this, because not all systems

Re: [openssl-users] Questions on internal-buffers being used

. */ } } What am I doing wrong? On Wed, Oct 12, 2016 at 12:59 AM, Benjamin Kaduk <bka...@akamai.com> wrote: > On 10/11/2016 02:06 PM, Ajay Garg wrote: > > Hi All. > > > a) > In the call, > > int BIO_new_bio_pair(BIO **bio1, size_t writebuf1

[openssl-users] Getting the retry reason for a "failed" BIO_write/BIO_read

Hi All. Taking the socket-structure as :: # SSL *ssl; BIO *ssl_bio; // app-payload-bytes will be written by app into it. BIO *inter_bio;

Re: [openssl-users] Getting the retry reason for a "failed" BIO_write/BIO_read

ket->inter_bio, socket->inter_bio); BIO_set_ssl(socket->ssl_bio, socket->ssl, BIO_NOCLOSE); On Mon, Oct 10, 2016 at 12:19 PM, Viktor Dukhovni < openssl-us...@dukhovni.org> wrote: > > > On Oct 10, 2016, at 2:20 AM, Ajay Garg <ajaygargn...@gmail.com> wrote: > >

Re: [openssl-users] Root-Level queries while using SSL-connections wrapping "sockets"

Hi All. I guess all my theories are bang on, as the entire framework was integrated seamlessly making use of the above "theories". Thanks a ton to everyone, and extra thanks to Viktor  Thanks and Regards, Ajay On 10 Oct 2016 6:34 a.m., "Ajay Garg" <ajaygargn...@gmai

Re: [openssl-users] Getting the retry reason for a "failed" BIO_write/BIO_read

Following works : If(BIO_should_read(socket->ssl_bio) != 0) If(BIO_should_write(socket->ssl_bio) != 0) With this, I could get the entire end-to-end workflow to work Thanks a ton for all the help !!! On Mon, Oct 10, 2016 at 11:50 AM, Ajay Garg <ajaygargn...@gmail.com> wrot

Re: [openssl-users] Getting the retry reason for a "failed" BIO_write/BIO_read

On Mon, Oct 10, 2016 at 1:31 PM, Viktor Dukhovni <openssl-us...@dukhovni.org > wrote: > > > On Oct 10, 2016, at 3:52 AM, Ajay Garg <ajaygargn...@gmail.com> wrote: > > > > If(BIO_should_read(socket->ssl_bio) != 0) > > > > If(BIO_should_write(socket

Re: [openssl-users] Where to find definitions of certain functions

I am bringing in the relevant sources from the cloned openssl-repository, and comping each "c unit" separately. Also, I am not using Makefiles, rather compiling each "c unit" using gcc using first-principles. Could that be an issue? On Sun, Oct 16, 2016 at 8:10 PM, Salz, Rich

Re: [openssl-users] Where to find definitions of certain functions

Thanks Salz. I get a lot of linking-errors like :: ex_data.c:(.text+0xaa6): undefined reference to `sk_num' ex_data.c:(.text+0xb06): undefined reference to `sk_value' ex_data.c:(.text+0xc5e): undefined reference to `sk_free' Doing, *nm -o /usr/lib/i386-linux-gnu/libssl.a | grep

Re: [openssl-users] Where to find definitions of certain functions

Aah... I guess I was being an idiot. I just realize that the recommended/best/easier way is to compile openssl as a separate library (enabling/disabling/removing features as required), and then link this library to our application-binary. Thanks a ton Salz, you have saved me a LOT of hours

Re: [openssl-users] Where to find definitions of certain functions

uild fails at link time with unresolved function references. > > > > *From:* openssl-users [mailto:openssl-users-boun...@openssl.org] *On > Behalf Of *Ajay Garg > *Sent:* Sunday, October 16, 2016 10:16 PM > *To:* openssl-users@openssl.org > *Subject:* Re: [openssl-users] Where

Re: [openssl-users] Where to find definitions of certain functions

PM, Matt Caswell <m...@openssl.org> wrote: > > > On 15/10/16 13:43, Ajay Garg wrote: > > Hi All. > > > > I plan to integrate openssl in our client-side-framework, so that we can > > remove all the unneeded stuff (as the TLS-versions, and > > certificat

Re: [openssl-users] Where to find definitions of certain functions

Hardly helps :( *nm -o /usr/lib/i386-linux-gnu/libcrypto.a | grep ASN1_TIME_t* nm: ebcdic.o: no symbols /usr/lib/i386-linux-gnu/libcrypto.a:a_time.o:0230 T ASN1_TIME_to_generalizedtime /usr/lib/i386-linux-gnu/libcrypto.a:ocsp_srv.o: U ASN1_TIME_to_generalizedtime On Sat, Oct 15,

[openssl-users] Is there a way to get the numeric-value for a openssl-cipher-suite

Hi All. I am using the following script at myu laptop, to test for the available cipher-suites : #!/usr/bin/env bash # OpenSSL requires the port number. SERVER=server.ip.com:12345 DELAY=1 ciphers=$(openssl ciphers 'ALL:eNULL' | sed -e 's/:/

[openssl-users] Issues while "configuring before compiling" OpenSSL on Raspberry-Pi

Hi All. I am getting stuck on the first step of configuring OpenSSL. Following are some of the diagnostics :: OpenSSL-Version : *1.0.2d* # pi@raspberrypi:~/instamsg-c/third_party/openssl $ *uname -a* Linux raspberrypi

Re: [openssl-users] How to compile for ARM-Cortex M4?

Help please... experts ?!! On Fri, Nov 10, 2017 at 12:52 PM, Ajay Garg <ajaygargn...@gmail.com> wrote: > Hi All. > > I am using bleeding-edge openssl code, and wish to compile it for > https://www.digikey.com/product-detail/en/microchip- > technology/ATSAM4E8CA-AUR/ATSAM4

[openssl-users] How to compile for ARM-Cortex M4?

Hi All. I am using bleeding-edge openssl code, and wish to compile it for https://www.digikey.com/product-detail/en/microchip-technology/ATSAM4E8CA-AUR/ATSAM4E8CA-AURCT-ND/4140758 What is the best/recommended way to accomplish this? Will be grateful for a reply. Thanks and Regards, Ajay --