in advance.
--
SY, Dmitry Belyavsky
gost as engine. I followed the instructions as
mentioned in readme file. But I can't see the ciphers in the list. What
else should I do?
On Saturday, February 8, 2014 5:06 PM, Dmitry Belyavsky
beld...@gmail.com wrote:
Hello!
You can take the ccgost engine as example.
On Sat, Feb 8
to establish a secure
connection between s_server and s_client involving gost engine in order to
get more familiar with gost as a written engine. What should I do?
On Sunday, February 9, 2014 10:38 AM, Dmitry Belyavsky
beld...@gmail.com wrote:
Hello!
You should call, for example, the
openssl
it?
Thank you.
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
, that the content of the message could've been
altered.
Anyone knows why this is happening?
We had such problem. It happened because of endlines in headers.
To avoid problems, we use smime -sign -crlfeol.
--
SY, Dmitry Belyavsky (ICQ UIN 6575
, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
OR-req.pem -days 3650'
Whether right quote is at place expected or it shoul be before keyout?
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project http://www.openssl.org
User Support
for openssl ciphers AES+DES?
Using specification, it shouldn't return any cipher suite. But it
returns both DES and AES cipher suites. What is wrong?
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project
was from
OpenSSL 0.9.7e 25 Oct 2004
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated
at is very
interested in cooperation with OpenSSL Team. We'll be happy to
contribute the work we have made to upstream.
Thank you.
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project http
OpenSSL 0.9.7e binary, I get the same result. But when cert
and key are used by apache with mod_ssl, pages are displayed normally.
What is wrong?
Thank you.
--
SY, Dmitry Belyavsky (ICQ UIN 6575)-BEGIN CERTIFICATE-
MIICuDCCAngCAQEwCQYHKoZIzjgEAzBFMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
doesn't.
You should add -bugs argument to allow IE talk. In this context -bugs refers
to bugs in another SSL implementation, not bugs in OpenSSL.
Thank you! It works.
May be IE should be metioned in s_server manpage according to this key?
--
SY, Dmitry Belyavsky (ICQ UIN 6575
Greetings!
What shall I look at whether I want to enumerate all, for example,
digest algorithms supported in a particular build?
Thank you!
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project
().
hope it could help.
No, that is not what I need. I need an enumeration.
Thank you!
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
OPENSSL_EXTERN or as
function.
What should I do?
Thank you!
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl
understanding of RAND_pseudo_bytes() semantics, or
there is an error in OpenSSL?
Thank you!
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
same syntax when used with an RSA key works fine. What am I doing
wrong? Am I missing something completely obvious?
EC requires SHA1, and SHA512 does not allow EC as key.
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL
, I successfully get the page I
request.
openssl-0.9.7 s_client doesn't get an error anyway.
What's wrong?
Thank you!
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project http
Greetings!
On Tue, 29 Nov 2005, Victor Duchovni wrote:
On Tue, Nov 29, 2005 at 05:32:45PM +0300, Dmitry Belyavsky wrote:
Greetings!
We use openssl 0.9.8a, apache 1.3.34 with mod_ssl 2.8.25 (Debian etch).
The URL we request requires client certificate.
4119:error:1408F455:SSL
Greetings!
Is there a simple way to switch SSL compression off run-time?
Thank you!
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project http://www.openssl.org
User Support Mailing
lh_doall_arg
doall_util_fn
func_arg(a-data,arg); // Error inside this method
Can anyone help me resolve this problem so that I can understand my memory
leakage problem?
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project
through the manual request to get the script to do it itself?
-batch, and place necessary info into the req.conf file.
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project http
Hello!
We implement custom engine registering some NIDs via OBJ_create(). We
have problems using this engine in openssl commands calling
OBJ_cleanup() before apps_shutdown() such as req, ca, x509. It causes a
segfault inside EVP_cleanup() function.
Now we use 20041207 snapshot.
--
SY, Dmitry
Hello!
I'm using openssl smime to sign and verify data.
openssl ca is used to make cert for usage.
How should I provide trust chain with openssl ca as CA?
Thank you.
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL
[MIME-SECURE]. The
values to be placed in the micalg parameter SHOULD be from the
following:
Algorithm Value
used
MD5 md5
SHA-1 sha1
Any other unknown
---
So, is the hard-coded value a bug or a feature?
--
SY, Dmitry Belyavsky (ICQ UIN 6575
Hello!
We are implementing custom engine providing GOST algorithms.
We get a SEGFAULT on app_shutdown.
We didn't find out what is wrong with our code. Engine code is attached.
We use 20050112 snapshot of 0.9.8 branch.
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
#include string.h
#include
at, for example,
demos/engines/rsaref/ for a working example to look at?
Thank you very much. Should we call ENGINE_unregister_ciphers any time
really? What are they for?
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
__
OpenSSL Project
Hello!
On Tue, 18 Jan 2005, Dmitry Belyavsky wrote:
That's because of the call to ENGINE_unregister_ciphers() in
cce_destroy(). Can I suggest you take a look at, for example,
demos/engines/rsaref/ for a working example to look at?
Unfortunately that's not only because
without
libefence.
Engine source code is attached.
Please, tell me where is my mistake. Thank you.
--
SY, Dmitry Belyavsky (ICQ UIN 6575)
#include string.h
#include openssl/err.h
#include openssl/evp.h
#include openssl/bn.h
#include openssl/engine.h
#include openssl/objects.h
static int
);
}
if(flags PKCS7_DETACHED)PKCS7_set_detached(p7, 1);
if (!PKCS7_dataFinal(p7,p7bio)) {
PKCS7err(PKCS7_F_PKCS7_SIGN,PKCS7_R_PKCS7_DATASIGN);
return 0;
}
BIO_free_all(p7bio);
return 1;
It seems that BIO_write doesn't calc digest at all. Where is my mistake?
--
SY, Dmitry
, Dmitry Belyavsky
not even officially on the agenda yet, because we haven't
figured out when to meet.
We'll try, tho.
--
Principal Security Engineer, Akamai Technologies
IM: rs...@jabber.me Twitter: RichSalz
--
SY, Dmitry Belyavsky
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
--
SY, Dmitry Belyavsky
!
Thanks,
BW
___
openssl-users mailing list
openssl-users@openssl.org
https://mta.opensslfoundation.net/mailman/listinfo/openssl-users
--
SY, Dmitry Belyavsky
___
openssl-users mailing list
causes default_RAND_meth to change.
Thanks,
BW
On Tue, Dec 9, 2014 at 1:52 PM, Dmitry Belyavsky beld...@gmail.com
wrote:
Hello!
Do you set your RNG as default when the engine is loaded?
On Tue, Dec 9, 2014 at 10:44 PM, Brian Watson bwats9...@gmail.com
wrote:
Hi,
I am doing
the
rsa_pkcs1_eay_meth, as other engines do. But the rsa_pkcs1_eay_meth does
not provide a rsa_sign callback.
What is the correct way to implement the rsa_sign callback?
Thank you!
--
SY, Dmitry Belyavsky
___
openssl-users mailing list
To unsubscribe: https
for me this way.
--
SY, Dmitry Belyavsky
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
,
Reinier
On 6/26/15 12:51 PM, Dmitry Belyavsky wrote:
Hello Reinier,
On Fri, Jun 26, 2015 at 7:47 PM, Reinier Torenbeek
reinier.torenb...@gmail.com wrote:
Hi,
The mechanism for implementing ECDSA in my own engine is unclear to me.
Unfortunately, none of the example engines implement
callback?
--
SY, Dmitry Belyavsky
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Hello all,
Any suggestions?
On Thu, Apr 30, 2015 at 1:06 PM, Dmitry Belyavsky beld...@gmail.com wrote:
Hello all!
I'm implementing a custom engine providing its own RSA method.
I need to provide the rsa_sign callback, which is required to call my own
code in case when ex_data is set
, funct_ref = 3, and it seems strange
to me.
It also seems to me that it should be a call to ENGINE_free at the end of
openssl app call to free the resources (e.g. engine error strings), but
there is no one.
Could you explain my mistakes?
Thank you!
--
SY, Dmitry Belyavsky
Dear Rich,
> Just to emphasize one important point: Our next release is planned to be
> Beta-1, in about a month. After that, no new API's or features will be
> added to OpenSSL 1.1
>
>
If so, could you take a look at RT#4267?
Thank you!
--
SY, Dmitry Belyavsky
--
openss
ger then the
input.
Thank you!
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
rom my email address ?
>
> The latter.
>
> We have seen some more reports of this recently, and are increasing the
> logging to determine the cause. Interestingly, it's all from gmail.com
> addresses.
>
I confirm the receiving the similar message.
--
SY, Dmitry Bely
CEJydXNzZWxzMSEwHwYDVQQKExhOYXRpb25hbCBCYW5rIG9mIEJlbGdp
> dW0xITAfBgNVBAsT
>
> GERhdGEgU2VjdXJpdHkgTWFuYWdlbWVudDEcMBoGA1UEAxMTTkJCIFNlY3Vy
> ZSBFbWFpbCBDQTEc
>
> MBoGCSqGSIb3DQEJARYNZHNtb3BzQG5iYi5iZQICAKgwCQYFKw4DAhoFAKCB
> sTAYBgkqhkiG9w0B
>
> CQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0xNjA3MDEwODI2MTVa
> MCMGCSqGSIb3DQEJ
>
> BDEWBBRs4Ik9waWLNU/4OZ9TfT4yZZ0EljBSBgkqhkiG9w0BC
> Q8xRTBDMAoGCCqGSIb3DQMHMA4G
>
> CCqGSIb3DQMCAgIAgDANBggqhkiG9w0DAgIBQDANBggqhkiG9w0DAgIBKDAH
> BgUrDgMCBzANBgkq
>
> hkiG9w0BAQEFAASCAQCSP5/h1v6feRr+ekK19tlI4zvm1Wy7hUtN+
> XmbWLJHOxSU4wJUBRj6ptph
>
> Mb7AOm1JYy8+wWRQhgOcIegD74eXZoYfws+O3ADZ//feXYJAF/
> jqAyhs0r9CoGw2eUUeZR4KYILy
>
> ZG5I3lcFJLDPHcElSe3NgRBOmfuFWD/mSLE2B2S+PqbnbugYPSN7mCSOqMZODPBlop9wcz
> BUD1BI
>
> K+kM1fP28541RfCFS6tGUXamWnKOdbxoHbPmnQDT1zzcbRIUvnLCV6MZ4KFNAX
> f5YxwggV3jjPiQ
>
> vyzr8EdFzmaWpoOFEtCLmQw4hpSEPJO8yGxQ5/29MWg6Ypy62bjMfs54
>
> --=_Part_1_6142443.1467361575963--
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
:
> Dear Dmitry,
>
>
>
> The result must be as mentionned below?
>
>
>
> *Van:* openssl-users [mailto:openssl-users-boun...@openssl.org] *Namens
> *Dmitry
> Belyavsky
> *Verzonden:* donderdag 27 oktober 2016 19:09
> *Aan:* openssl-users@openssl.org
> *Onderwerp:*
S_GOSTR341001_WITH_28147_CNT_IMIT'
> -- OpenSSL: error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher
> match
> -- Failed to set restricted TLS cipher list: GOST2001-GOST89-GOST89
> -- Exiting due to fatal error
>
> Please help with this problem
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
functions.
Is there any way to distinguish whether engine is configured via the config
file or via direct calls to ENGINE_ctrl* functions?
Thank you!
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Dear Stephen,
On Tue, Oct 3, 2017 at 12:16 AM, Dr. Stephen Henson <st...@openssl.org>
wrote:
> On Mon, Oct 02, 2017, Dmitry Belyavsky wrote:
>
> > Hello,
> >
> > I have a question regarding engine configuration.
> >
> > We need to implement such behavio
Hello,
Is there a way to convert ASN1_TIME to time_t or smth compatible? Quick
googling does not show good results.
Thank you!
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Dear Matt,
On Wed, Sep 6, 2017 at 11:16 AM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 06/09/17 09:12, Dmitry Belyavsky wrote:
> > Hello,
> >
> > Is there a way to convert ASN1_TIME to time_t or smth compatible? Quick
> > googling does not show
Hello,
What happens if I call the ERR_add_error_data twice? Will it add the
arguments or replace them?
Thank you!
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
TH = /usr/local/lib/yubihsm_pkcs11.dylib
>
>init = 0
>
>
>
>
>
> Thanks!
>
> --
>
> Regards,
>
> Uri Blumenthal
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
with it after that.
Thank you!
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
ent connections with SSL_CTX_set_client_cert_engine
> but nothing similar exists for a server connection. Can this be done?
>
>
> I solved this problem for my purpose by writing a custom RSA method.
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
notifications from the openssl
> github project to notice them? that's really suboptimal
>
Totally agree.
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
ed way ( ./config; make; make test; make install) does
not work?
Thank you!
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Dear Richard,
On Thu, Feb 15, 2018 at 11:48 AM, Richard Levitte
wrote:
> In message
Dear Richard,
On Fri, Feb 16, 2018 at 12:26 PM, Richard Levitte <levi...@openssl.org>
wrote:
> In message <CADqLbzLoBAo5w7XVBnUoRzuyyLKvo9+A8pZN3-hWPj4HBiU+nA@mail.
> gmail.com> on Fri, 16 Feb 2018 10:59:04 +0300, Dmitry Belyavsky <
> beld...@gmail.com> said:
>
unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
to EVP_PKEY_print_public and EVP_PKEY_print_private.
Could you please clarify whether it's a bug in my engine or something
incompatible in openssl code?
Thank you!
--
SY, Dmitry Belyavsky
a.pem
Description: application/x509-ca-cert
tmp.pem
Description: application/x509-ca-cert
--
openssl
906E0855E9
> Parameter set: id-GostR3410-2001-CryptoPro-A-ParamSet
>
>
> On Fri, 17 Aug 2018 at 18:15, Dmitry Belyavsky wrote:
>
>> Hello,
>>
>> I use my engine providing gost algorithms (
>> https://github.com/gost-engine/engine). It seems not to have
use that pointer to reference the composite_pkey_st (at least for the
>user-space implementation) ?
>
> Yes.
>
>
> Thanks for any help for understanding all these details... :D
>
> Cheers,
> Max
> --
> Best Regards,
> Massimiliano Pala, Ph.D.
> OpenCA
catched by existing regression testing.
>
> I'll open a proper PR to fix this as soon as we finish to test the
> alternative implementation.
>
Thank you very much!
>
> In the meantime you might open a proper issue in Github for this problem
> so that the bug will be properly
routines:tls_construct_cke_gost:library
bug:ssl/statem/statem_clnt.c:2436:
The error does not occur when using the master openssl branch.
Thank you!
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Hello,
Is there any description how to use openssl macros describing the necessary
ASN1 structures?
Thank you!
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
be avoided
- the limitation has been made too generic
- the implementation seems to be AEAD-specific.
So does not it make sense to provide this limitation at least at the
ciphersuite level? It can provide more straightforward way to manage such
limitations.
Thank you!
--
SY, Dmitry Belyavsky
Hello,
Has anybody tried to build OpenSSL using ARM C compiler (armcc/armclang)
and got a success?
Thank you!
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Well, you can use opaque pointer and own structure containing a flag and
switch between native and custom implementations depending on it.
I've tried it and it works
пн, 15 окт. 2018 г., 23:13 Selva Nair :
> Hi,
>
> How to override the evp_pkey_sign method in EVP_PKEY_METHOD structure for
> a
On Thu, Nov 8, 2018 at 4:02 PM Matt Caswell wrote:
>
>
> On 08/11/2018 12:44, Dmitry Belyavsky wrote:
> > Hello,
> >
> > can anybody clarify what for the abbreviations AVA and RDN stand for?
>
> RDN == Relative Distinguised Name
> AVA == Attribute
characters. If no field separator is specified then sep_comma_plus_space is
used by default.
=
Thank you!
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Hello,
https://github.com/openssl/openssl/pull/7614
On Thu, Nov 8, 2018 at 4:57 PM Dmitry Belyavsky wrote:
>
>
> On Thu, Nov 8, 2018 at 4:02 PM Matt Caswell wrote:
>
>>
>>
>> On 08/11/2018 12:44, Dmitry Belyavsky wrote:
>> > Hello,
>> >
>>
Hello
вс, 6 янв. 2019 г., 21:55 Antonio Iacono ant...@gmail.com:
> Hi,
>
> I sign a text file with:
> openssl cms -sign -signer cert.pem -inkey 01 -keyform engine -engine
> pkcs11
> in openssl.cnf
> [pkcs11_section]
> engine_id = pkcs11
> dynamic_path = /path/pkcs11.so
> MODULE_PATH =
Hello,
Is it possible to send empty renegotiation_info extension instead of
TLS_EMPTY_RENEGOTIATION_INFO_SCSV using openssl s_client?
If yes, is it possible to test secure renegotiation afterward?
Thank you!
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https
Hello,
Am I right supposing that local variables tmp1, tmp2, iv1, and iv2 are
unused in this function?
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
here isn't a cipherlist property that specifically selects CBC, so to
>>> get *only* CBC, you need to exclude AESGCM (and perhaps also AESCCM).
>>>
>>> --
>>> Viktor.
>>>
>>> --
>>> openssl-users mailing list
>>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>>>
>> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Hello,
On Wed, Jan 2, 2019 at 12:41 PM Matt Caswell wrote:
>
>
> On 27/12/2018 08:37, Dmitry Belyavsky wrote:
> > Hello,
> >
> > Am I right supposing that local variables tmp1, tmp2, iv1, and iv2 are
> unused in
> > this function?
>
> Looks that way
Dear Jakob,
On Wed, Jan 2, 2019 at 1:14 PM Jakob Bohm via openssl-users <
openssl-users@openssl.org> wrote:
> On 02/01/2019 10:41, Matt Caswell wrote:
> >
> > On 27/12/2018 08:37, Dmitry Belyavsky wrote:
> >> Hello,
> >>
> >> Am I right supposi
ng the check down into the algorithm implementations
> makes sense. A more generic mechanism at the EVP would.
>
>
>
>
>
>
>
> Pauli
>
> --
>
> Oracle
>
> Dr Paul Dale | Cryptographer | Network Security & Encryption
>
> Phone +61 7 3031 7217
>
>
Hello,
Sorry, I've just found similar checks in all _CGM functions.
On Fri, Sep 14, 2018 at 1:30 PM Dmitry Belyavsky wrote:
> Dear Paul,
>
> Could you please clarify?
> The code seems to be related to s390 platform. Do I miss something?
>
> On Thu, Sep 13, 2018 at 1:55 A
as I would have expected) "unsigned int". Is there a
> possibility that EVP would set to a negative value and if so,
> what would that mean? Do I need to check for this in my code? Same
> with inl; why isn't it "unsigned int"? Is there ever a reason to pass
> in a
Dear Richard,
On Sat, Feb 23, 2019 at 8:47 AM Richard Levitte wrote:
> On Thu, 21 Feb 2019 17:20:53 +0100,
> Matt Caswell wrote:
> > On 21/02/2019 15:02, Dmitry Belyavsky wrote:
> > > Dear Matt
> > >
> > >
> > >
> > > On Wed, Feb 13, 2
t; Pauli
> --
> Dr Paul Dale | Cryptographer | Network Security & Encryption
> Phone +61 7 3031 7217
> Oracle Australia
>
>
>
> On 25 Feb 2019, at 5:02 pm, Dmitry Belyavsky wrote:
>
>
>
> On Sun, Feb 24, 2019 at 11:31 PM Viktor Dukhovni <
> openssl-us
ly_ external users. But sometimes, providing new
algorithms,
there appear some parts that should go into the core part. And regulation
creates similar problems.
All other users can call OBJ_obj2nid() or OBJ_txt2nid() to get a NID,
> and we can figure out how to allocate things dynamically if this makes
> sense. I don't know which APIs are currently NID-only.
AFAIK, no external API, but there are some cases when external API does not
cover all.
--
SY, Dmitry Belyavsky
gt; NIDs in the private space at runtime. The key question is whether
> such NIDs are global or valid only if returned to the same engine
> (provider, ...). If not global, the allocation might be static
> within the engine, and not require any locks.
>
Totally agree. OBJ_create() and similar functions exist, but do not solve
our problems.
--
SY, Dmitry Belyavsky
Hello,
We've started porting our 1.0.2 application to 1.1.1.
What is a way to get an engine reference? I did not find a function like
EVP_PKEY_get1_engine
Thank you!
--
SY, Dmitry Belyavsky
On Mon, Feb 25, 2019 at 5:23 PM Matt Caswell wrote:
>
>
> On 25/02/2019 13:28, Dmitry Belyavsky wrote:
> > Hello,
> >
> > We've started porting our 1.0.2 application to 1.1.1.
> > What is a way to get an engine reference? I did not find a function like
&
s a patch to extend
3-5 internal lists.
If it could be done dynamically, it will be great.
3. Do you have plans to make some callback structures created by providers?
I mean such structures as SSL key exchange/authentication methods, X.509
extensions etc.
Thank you very much!
--
SY, Dmitry Belyavsky
ttr(&(p8->attributes), attr) != NULL, 0,
CRYPTOCOM_R_NO_MEMORY);
}
==
The code is intended to add a custom attribute to PKCS8 attributes.
How do I do it in 1.1.1?
Thank you!
--
SY, Dmitry Belyavsky
Hello Andreas,
I used smth like
===
RSA_METHOD my_rsa_method = {
"My RSA method",
0, /* pub_enc */
0, /* pub_dec */
0, /* priv_enc */
my_priv_dec, /* priv_dec */
0, /*
branch
usually cause numerous merge conflicts. So any advice is appreciated.
Thank you!
--
SY, Dmitry Belyavsky
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Dear Hubert,
On Mon, Feb 4, 2019 at 6:52 PM Hubert Kario wrote:
> On Thursday, 31 January 2019 11:09:00 CET Dmitry Belyavsky wrote:
> > Hello,
> >
> > What is best practice to add own object identifiers to the
> crypto/objects/*
> > files?
> >
> > I
extracting from memory/swap/etc? Am I wrong?
Many thanks in advance!
--
SY, Dmitry Belyavsky
h different flag combination as well. But all in vain. Please help
>
> Thanks
> Subrata
>
--
SY, Dmitry Belyavsky
It's worth trying to run make update before running make.
пт, 14 июн. 2019 г., 20:13 Giovanni Fontana :
> A little bit further...with my problem in trying to build a tailored
> version of openSSL.
>
> If I do make I get at the end of building (trying to make .map file
> before the .so files )
>
3 -CAfile cert.pem -key key.pem -cert cert.pem -trace
--
SY, Dmitry Belyavsky
cert.pem
Description: application/x509-ca-cert
key.pem
Description: application/x509-ca-cert
;
>
99,9% you'll have to fix your openssl calls. Most of data structures became
opaque and you'll need to fix access to separate fields if any.
If you used algorithm-specific methods instead of EVP, you probably have to
rewrite this calls.
It's only a part of the changes happened since 0.9.7.
--
SY, Dmitry Belyavsky
'ф' I want. But the encoding of it is not UTF8, as the utf8 encoding of a
cyrillic letter is 2 bytes long.
Am I wrong? If the behavior I see is desired one, how can I convert the
result of the encoding to UTF8 using openssl internal API?
--
SY, Dmitry Belyavsky
Dear Victor,
On Mon, Apr 22, 2019 at 9:23 PM Viktor Dukhovni
wrote:
> On Sun, Apr 21, 2019 at 06:58:53PM +0300, Dmitry Belyavsky wrote:
>
> > When I use a command
> >
> > openssl asn1parse -genstr "UTF8String:ф" -out content
> >
> > I get a 6-b
Hello,
On Tue, Apr 23, 2019 at 12:21 AM Dmitry Belyavsky wrote:
> Dear Victor,
>
> On Mon, Apr 22, 2019 at 9:23 PM Viktor Dukhovni <
> openssl-us...@dukhovni.org> wrote:
>
>> On Sun, Apr 21, 2019 at 06:58:53PM +0300, Dmitry Belyavsky wrote:
>>
>> &
1 - 100 of 162 matches
Mail list logo