July 26, 2016 12:07 PM
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] PKCS7_sign conflict with PKCS7_decrypt?
>
> On Tue, Jul 26, 2016, Jim Carroll wrote:
>
> > Steve -- thanks, but I don't think I was clear enough.
> >
> > I am trying to get back the
Perfect. thanks
> -Original Message-
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On
> Behalf Of Salz, Rich
> Sent: Tuesday, July 26, 2016 2:27 PM
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] PKCS7_sign conflict with PKCS7_decrypt?
>
>
> > What is
: openssl-users@openssl.org
> Subject: Re: [openssl-users] PKCS7_sign conflict with PKCS7_decrypt?
>
> On Tue, Jul 26, 2016, Jim Carroll wrote:
>
> > After experimenting, I can confirm this is the same issue we're
> seeing,
> > although experiencing it very differently from
on
> Sent: Thursday, July 21, 2016 3:00 PM
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] Help finding replacement for
> ASN1_seq_unpack_X509
>
> On Thu, Jul 21, 2016, Jim Carroll wrote:
>
> > Steve,
> >
> > I ran into problems with swig when I tri
I've run into what appears to be a change to defaults between 0.9.8 and
1.1.0, and I wanted to make sure it's not a bug we've introduced.
While reviewing unittests, we see that calls to X509_REQ_new() generate an
X509 object with the version set to -1. When we write this object to a PEM
file
Running into trouble -- any attempt to PKCS7_decrypt() S/MIME content that
was created with PKCS7_sign()+PKCS7_encrypt() yields an empty result set. I
have the distinct impression I'm doing something dumb -- but several days of
debugging I'm completely stuck.
I've created an MVCE and included it
Dr. Stephen Henson
> Sent: Tuesday, July 26, 2016 11:22 AM
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] PKCS7_sign conflict with PKCS7_decrypt?
>
> On Tue, Jul 26, 2016, Jim Carroll wrote:
>
> > Running into trouble -- any attempt to PKCS7_decrypt() S
s-boun...@openssl.org] On
> Behalf Of Dr. Stephen Henson
> Sent: Thursday, July 21, 2016 9:53 AM
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] Help finding replacement for
> ASN1_seq_unpack_X509
>
> On Wed, Jul 20, 2016, Jim Carroll wrote:
>
> > Thanks much..
inding replacement for
> ASN1_seq_unpack_X509
>
> On Tue, Jul 19, 2016, Jim Carroll wrote:
>
> > OpenSSL 1.1.0 has upgraded the safestack.h macro system, but I'm
> having
> > difficulty understanding the changes. I'm porting a piece of code
> from
> > OpenSSL 0.9.8 that
We are porting M2Crypto which is a python swig wrapper around OpenSSL. It
currently supports OpenSSL 0.9.8 and we are porting it to 1.1.0. The 1.1.0
branch is really cool (clean, elegant code), but there were a few
refactoring's that affected M2Crypto. Most were trivial getter/setter type
Thanks Rich!
> -Original Message-
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On
> Behalf Of Salz, Rich
> Sent: Thursday, July 21, 2016 8:57 AM
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] Help finding replacement for
> ASN1_seq_unpack_X509
>
>
> >
OpenSSL 1.1.0 has upgraded the safestack.h macro system, but I'm having
difficulty understanding the changes. I'm porting a piece of code from
OpenSSL 0.9.8 that uses ASN1_seq_unpack_X509. In 0.9.8, safestack.h had this
definition.
#define ASN1_seq_unpack_X509(buf, len, d2i_func, free_func) \
We have a non-blocking windows app that we are migrating to from OpenSSL
1.0.2i to 1.1.0-pre7-dev. We move data from sockets to SSL via BIO_s_mem()
objects.
rbio = BIO_new(BIO_s_mem());
wbio = BIO_new(BIO_s_mem());
ssl = SSL_new(ssl_ctx);
SSL_set_bio(ssl, rbio, wbio);
Using OpenSSL 1.1.0-pre7-dev, our SSL server app is reporting:
10308:error:1417A0C1:SSL routines:tls_post_process_client_hello:no shared
cipher:ssl\statem\statem_srvr.c:1420:
Client & server both set to use TLS_method() with default ciphers. With
-DCIPHER_DEBUG enabled in our OpenSSL
penSSL-1.1.0-pre7-dev
>
>
>
> On 06/08/16 02:32, Jim Carroll wrote:
> > We have a non-blocking windows app that we are migrating to from
> OpenSSL
> > 1.0.2i to 1.1.0-pre7-dev. We move data from sockets to SSL via
> > BIO_s_mem() objects.
> >
> >
&
My bad - needed to initialize SSL_CTX_set_tmp_dh() BEFORE calling SSL_new().
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Jim Carroll
Sent: Saturday, August 06, 2016 6:59 AM
To: openssl-users@openssl.org
Subject: [openssl-users] 'no shared cipher', TLS_method
16 matches
Mail list logo
