[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Saturday, January 31, 2009 8:11 AM
To: openssl-users@openssl.org
Subject: RE: Openssl signature verification
From: owner-openssl-us...@openssl.org On Behalf Of Ajeet kumar.S
Sent: Friday, 30 January, 2009 00:07
In openssl
Dear All,
In openssl API X509_verify(X509 *a, EVP_PKEY *r) is used to verify the
signature of certificate. I have some doubt please help me.
1. Is in this API we are passing the CA certificate and public key of
CA certificate?
2. What is data over SSL compute the HASH?
3. SSL
Dear All,
In Openssl for signature verification we are using API
ASN1_item_verify().
Let me know the data which is used for finger print (signature)
creation is the CA public key or some thing else data .
Please clarify this doubt. How we are verifying the signature?
Thank
Dear all,
I want to verify server certificate signature. So please tell me how to
verify server certificate signature using Openssl API. What API I need to
use for signature verification?
Thank you.
Regards,
--Ajeet Kumar Singh
Dear All,
I have one doubt how to check the signature. And I saw server is sending the
server certificate, can we check this certificate or what is use of
this(certificate come from server side) certificate.
In peer verification, at client side checking the system time, which is
lying in the
Dear All,
Thank you Ger Hobbelt for your help.
I want to validate only the signature of the server certificate.
For example in peer verification, ssl will check time of client
system(6:28PM 23 Jan 2009) to Ca root certificate validity time after
client hello process.
Validity
Yes.
Thank you.
Regards,
--Ajeet Kumar Singh
_
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Leo, Liangyou Wang
(liangwan)
Sent: Monday, January 19, 2009 7:40 AM
To: openssl-users@openssl.org
Subject: openssl 0.9.4
Hi Wang,
It will support AMD also. Openssl only depends upon OS like window, unix
etc.
Please check what OS you are using.
Regards,
--Ajeet Kumar Singh
_
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Leo, Liangyou Wang
U should enable require Preprocessor for Encryption and Auth. Algorithm.
Thank you.
Regards,
--Ajeet Kumar Singh
Sarve Bhavantu Sukhina ,Sarve Santu NiramayaSarve Bhadrani Pashyantu , Maa
Kaschit Dukha Bhagh Bhavet
-Original Message-
From: owner-openssl-us...@openssl.org
Dear All,
Thank you Dr. Stephen Henson for your Help.
I want to enable some selected cipher suite like
TLS_RSA_WITH_AES_256_CBC_SHA.
Can it is possible. I selected some specific Algorithm RSA, 3DES, AES,DES,
SHA and MD5.
So I want to enable cipher suite which support to above algorithms only.
Dear All,
Thank you Ger Hobbelt for your help. Actually I tried using your suggestion.
I have doubt it is necessary to use HASH Algorithm(SHA and MD5) for SSL
connection. We can not use only DES, 3DES and AES, RSA Algorithms.
Please clarify doubt.
Thanks allot.
Thank you.
Regards,
--Ajeet
Hi All,
I want to enable only DES/3DES, AES and RSA Algorithm.So please tell me any
preprocessor definition by using which we can enable only DES/3DES, AES and
RSA algorithm. I don't want to use other algorithm except above three.
Thank you.
Regards,
--Ajeet Kumar Singh
Dear All,
I want to enable only DES/3DES, AES and RSA Algorithm.So please tell me any
preprocessor definition by using which we can enable only DES/3DES, AES and
RSA algorithm. I don't want to use other algorithm except above three. Is
any macro kind of thing is there by which we can enable only
Please take refrence file s_client.c and s_server.c from openssl project in
folder apps.
Thank you.
Regards,
--Ajeet Kumar Singh
_
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of vinni rathore
Sent: Monday, November 17, 2008 2:10 PM
To:
Please check time function gtime()or gtime_r() return some time that is
going to compare certificate time before and after time. Then it will return
expire or going to expire. Please check it.
Thank you.
Regards,
--Ajeet Kumar Singh
Sarve Bhavantu Sukhina ,Sarve Santu NiramayaSarve
Please check time function gtime()or gtime_r() return some time that is
going to compare certificate time before and after time. Then it will return
expire or going to expire. Please check it.
Thank you.
Regards,
--Ajeet Kumar Singh
Thank you.
Regards,
--Ajeet Kumar Singh
Hi all,
Actually we have one CA certificate is provided by service server (That is
root certificate in .pem format and .crt format). I used that certicate to
verify the peer. I got unknown CA. I saw that certificate was coming from
service server having thawte CA and having issuer and subject
Dear All,
I have self signed root certificate. I want to verify the peer certificate.
In API static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509
*issuer).
I saw function calling X509_check_issued(issuer, x); where they are
matching issuer and subject. But I saw server is sending the
I think it is depend upon how you configured.
Thank you.
Regards,
--Ajeet Kumar Singh
Sarve Bhavantu Sukhina ,Sarve Santu NiramayaSarve Bhadrani Pashyantu , Maa
Kaschit Dukha Bhagh Bhavet
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Dear All;
Thank you all of you for your support. When I called
SSL_CTX_load_verify_locations() and SSL_CTX_set_verify() to verify the peer
certificate but I got fetal error unkown certificate authority. Please let
me know what is reason behind it. But I have CA certificate, client
Dear All,
I have self signed root certificate I want to verify the peer certificate.
Please tell me how to verifying. What API I need to call.
Thank you.
Regards,
--Ajeet Kumar Singh
Dear All;
Thank you all of you for your support. When I called
SSL_CTX_load_verify_locations() and SSL_CTX_set_verify() to verify the peer
certificate but I got fetal error unkown certificate authority. Please let
me know what is reason behind it. But I have CA certificate, client
certificate and
.
Regards,
--Ajeet Kumar Singh
_
From: Dan Ribe [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 01, 2008 5:41 PM
To: Ajeet kumar.S
Subject: Re: Reading certificate and public key from memory
Hey,
How are u doing ?
Was trying to read my private key from the mem buffer like
Hi All,
Can we convert .der to .crt file? Please suggest me. How we can
convert it using open ssl?
Thank you.
Regards,
--Ajeet Kumar Singh
image002.jpg
Dear All,
I want to verify the peer certificate (server certificate). For
that we need CA Certificate, Let me know we required ROOT CA certificate in
PEM format or in any other format, open ssl will support.
Actually I called SSL_CTX_load_verify_locations() after that I called
..
On Wed, Sep 24, 2008 at 3:12 PM, Ajeet kumar.S
[EMAIL PROTECTED] wrote:
Hi All,
Can we convert .der to .crt file? Please suggest me. How we
can
convert it using open ssl?
Thank you.
Regards,
--Ajeet Kumar Singh
--
regards,
Vineeta Kumari
Software engg
Mobera
Dear All;
Thank you Marek Marcola for your help.I tried your suggestion. I got out put
but it displayed in command window. But I want to save it in form of file
.crt. Please advice me on that also.
Thank you.
Regards,
--Ajeet Kumar Singh
Sarve Bhavantu Sukhina ,Sarve Santu NiramayaSarve
Hi all;
Thanks all of you for your support. I have cert.der file and I want to
convert it cert.pem file using open ssl. How I can convert it. Please Tell
me.
Thank you.
Regards,
--Ajeet Kumar Singh
image002.jpg
x509 -inform DER -in filename -outform PEM -out filename
or look at www.openssl.org
LQ
Ajeet kumar.S ha scritto:
Hi all;
Thanks all of you for your support. I have cert.der file and I want to
convert it cert.pem file using open ssl. How I can convert it. Please
Tell me.
Thank you
: How to convert .der file to .pem
Hi,
Try out this:
openssl x509 -in cert.der -inform DER -out cert.pem -outform
PEM
Regards,
Shivakumar
- Original Message -
From: Ajeet kumar.S mailto:[EMAIL PROTECTED]
To: openssl-users@openssl.org
Sent: Monday, September 22
Dear All,
I tried to connect to stream server through using https (using open
ssl).But I got response from server nothing means only zero content length
of data and headers.
Let me know why server was not sending data. Is any problem related to ssl
due to delay time out happen towards server side
Dear All;
When I compiled openssl-0.9.8g on VDSP and run \demos\ssl\cli.cpp .And I
tried to connect https://www.gmail.com https://www.gmail.com/ .At that
time I saw client sent client hello and server sent server hello
successfully. But After that Client is not sending MASTER_KEY message. I
Dear All;
When I compiled openssl-0.9.8g on VDSP and run \demos\ssl\cli.cpp .And I
tried to connect https://www.gmail.com https://www.gmail.com/ using
sslv2.0 .At that time I saw client sent client hello and server sent
server hello successfully. But After that Client was not sending
Dear All;
I am compiling the openssl that time I got some function and mapping of
function which is not in openssl source. This is as follows:
PKCS8_PRIV_KEY_INFO_it() // This function is not available in
openssl ;
PKCS8_PRIV_KEY_INFO_new () // this function is not going to
Dear All;
Please tell me how COMP_CTX_free(COMP_CTX *ctx) will work. Actually I
saw in function COMP_CTX_free(COMP_CTX *ctx) we are using function
OpenSSL_free().But I saw no definitions of OpenSSL_free(). Then how this
function is working.How UNIX and Window Platform taking(Mapping)
Hi all;
I want to port open ssl on VDK(VDSP compiler, BF533
Processor).For that purpose I down load Open ssl from openssl.org
(openssl-0.9.8g).
Actually above project having so man folder like crypto, apps, cert, engine,
demo, etc. Let me know which folder I will port in
Hi All;
Thanks to you for your suggestions. I followed your suggestion and removed
ssl/ssl_task.c and compiled it but I got one problem which is as follows:
/***
***/
crypto\sha\sha1s.cpp, line 72: cc0020: error:
Hi all;
I am working on BF-533 Processor(Blackfin Processor, VDK rtos,VDSP4.5
compiler).
I am trying to port openssl-0.9.8g on VDK(BF-533,VDSP4.5).but this is
giving some error.
It is not able to open #include iodef.h and #include
descrip.h in ssl_task.c.
If I
Dear All;
I am new user of open ssl.I am trying to port open ssl on VDK
RTOS (Which is not VMS OS, Which is RTOS developed by Analog Devices).For
porting OPEN SSL I got openssl-0.9.8g from http://www.openssl.org/. I am
trying port whole project openssl-0.9.8g but this project having
Hi All;
I am trying to port Open SSL on VDSP4.5 (VDK RTOS).But open ssl
having 5 types of terminal interface supported,
* TERMIO, TERMIOS, VMS, MSDOS and SGTTY
*/
But VDK is not supporting it. So please tell me how to bypass it. here
sgtty.h header is not in open ssl
40 matches
Mail list logo