Convert a Windows CA to a Linux CA
Hello all, actually I'm using a windows server for a CA authority to issue primary certificates for applications. These certificates are issued with a specific OID: 1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2 Can I migrate my CA to Linux, moving the already issued certificates and using linux tu create certs with that OID ? Thanks Stefano __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
OpenSSL client through proxy
Hello. I have to connect to my OpenSSL server through proxy server. How can I establish this connection? Thanks. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
No Shared Cipher
Hi Friends, I am facing some difficulties with OpenSSL implementation and am stuck at handshake failure. I have created a normal .exe (which acts as a server) which opens port 36003 and loads the required certificate and private key and waits for any incoming connection. Once I recieve connection request from the client and connection is accepted using the funtion BIO_do_accept, the handshake process fails. I am using the function BIO_do_handshake() for this. The reason for failure I get is No shared cipher. I found a function which allows us to set the list of ciper suites that we authorize our SSL object to use. The function is SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) where ctx is the context and *str is the list of ciper suites for e.g. str could be ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH. I found that the client uses RC4_MD5 RC4_SHA cipher suites. How to ensure that my SSL context object uses the same cipher suite. What string should I pass to SSL_CTX_set_cipher_list??? For e.g. SSL_CTX_set_cipher_list(ctx, MD5!SHA) ??? Do let me know, if I have not been clear on the above issue Thanks, Parag The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments. WARNING: Computer viruses can be transmitted via email. The recipient should check this email and any attachments for the presence of viruses. The company accepts no liability for any damage caused by any virus transmitted by this email. www.wipro.com __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
CMPV2
Does OpenSSL support the CMPv2 protocol on the server-side adn client-side for certificate request/generation? thanks, Vasanthi ---
Algorithm usage in the world.
Dear OpenSSL team, I'd like to use OpenSSL package, and its internal components as SSLeay, in many parts of the world (as UE and USA). Are there some restriction problem about?...can I use all algorithms in that nations (the first one could be France)? Thanks in avantage. Daniele Di Lorenzo
OpenSSL Error
Dear All, I am facing some problem when I tried to compile the application. This application was building fine, but after adding a file called digestclient.c (to support HTTPs), it's throwing the following error. Can anyone give some input on this. digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] Subhankar Kumar Katyayan =-=-= Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you
Re: CMPV2
Hi Vasanthi, so far there is no official CMP support in OpenSSL. I am in the process of implementing the client site interoperable with available CMP capable CAs. So far, it is possible to do the IR and KUR sequences with Cryptlib and IR with Insta Certifier. More compatibility and seqences will be implemented soon, any collaboration including code review is welcome! Please check out my website where you'll also get the directions how to download the full source code through SVN: http://www.izac.de/cmp/ Best regards, Martin On 2/25/08, Raghuram Vasanthi-VRAGHUR1 [EMAIL PROTECTED] wrote: Does OpenSSL support the CMPv2 protocol on the server-side adn client-side for certificate request/generation? thanks, Vasanthi --- __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
How to use the HMAC() function
Hello everybody, I have a doubt about how to use the HMAC() function. I developed this code in C language: (abridged) ... unsigned char *auth = NULL; unsigned char *session_auth_key; unsigned char *auth_tag; . . auth = HMAC(EVP_sha1(), session_auth_key, auth_key_length, length, auth_tag, auth_tag_length); . . Is the first argument in HMAC correct? When i run my program with GDB (GNU Project Debugger ) i get the string EVP_DigestFinal_ex () from /usr/lib/i686/cmov/libcrypto.so.0.9.8 as result. I think that the problem deals with the HMAC function. I use also the AES_ctr128_encrypt in my program. Can it have an influence? Thanks for your help! _ Ti piace giocare con le lettere? Prova ABCLive! http://messengergiochi.it.msn.com/__ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
0.9.8 version that is fips compliant?
All, Is there a 0.9.8 version of OpenSSL that is fips compliant? Steve thought there would be one available possibly around February/March timeframe of this year. After looking closer, it appears that 0.9.7m does not have the following vulnerability http://www.openssl.org/news/secadv_20071012.txt. Am I reading this correctly? Thanks in advance. Jerry
Re: 0.9.8 version that is fips compliant?
Blasdel, Jerry wrote: All, Is there a 0.9.8 version of OpenSSL that is fips compliant? Steve thought there would be one available possibly around February/March timeframe of this year. Alas, that schedule has slipped. We lost a month plus due to the unexpected ordeal of getting the vulnerability patch to the v1.1.1 validated product approved. In addition the number of test platforms (eight) for the ongoing v1.2 validation has consumed much more time than I'd estimated due to difficulties with procuring necessary hardware and software. Unfortunately the formal submission for government review doesn't happen until *all* testing is completed on *all* platforms. We're almost done with the last platform, 64 bit Windows. That caused an inordinate amount of delay and in hindsight I would have dropped it from the validation. Then the real wait begins. I'm hesitant to even guess at a final completion date. The backlog for CMVP review is apparently running at six months or more, that would take us out until August at the earliest. Still fast compared to the first validation which took over five years. I had hoped to get the cycle down to under a year, but FIPS 140-2 validations will never be fast compared to software product life cycles. -Steve M. -- Steve Marquess Open Source Software Institute [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: How to use the HMAC() function
Hello,
I have a doubt about how to use the HMAC() function. I developed this
code in C
language: (abridged)
...
unsigned char *auth = NULL;
unsigned char *session_auth_key;
unsigned char *auth_tag;
.
.
auth = HMAC(EVP_sha1(), session_auth_key, auth_key_length, length,
auth_tag, auth_tag_length);
.
.
Is the first argument in HMAC correct?
When i run my program with GDB (GNU Project Debugger ) i get the string
EVP_DigestFinal_ex () from /usr/lib/i686/cmov/libcrypto.so.0.9.8 as
result.
I think that the problem deals with the HMAC function.
I use also the AES_ctr128_encrypt in my program. Can it have an
influence?
Code like this:
HMAC(EVP_md5(), pass, strlen(pass),
(u_char *) ctx-chal, strlen(ctx-chal), buff, len);
works (pass and chal are normal strings)
As a result you will get hmac (here of MD5 size = 16bytes) but as binary
buffer.
You may convert this buffer to hex with code:
for (i = 0; i len; i++) {
sprintf((digest[i * 2]), %02x, buff[i]);
}
digest[2 * len] = 0;
and use for example for ascii compare or so.
(from performance point of view sprintf() should be replaced
with simple function which covert byte to hex form).
Best regards,
--
Marek Marcola [EMAIL PROTECTED]
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
Re: OpenSSL Error
Hello, I am facing some problem when I tried to compile the application. This application was building fine, but after adding a file called digestclient.c (to support HTTPs), it's throwing the following error. Can anyone give some input on this. digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] Add -lcrypto -lssl libraries to linking process. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: No Shared Cipher
Hello, I am facing some difficulties with OpenSSL implementation and am stuck at handshake failure. I have created a normal .exe (which acts as a server) which opens port 36003 and loads the required certificate and private key and waits for any incoming connection. Once I recieve connection request from the client and connection is accepted using the funtion BIO_do_accept, the handshake process fails. I am using the function BIO_do_handshake() for this. The reason for failure I get is No shared cipher. I found a function which allows us to set the list of ciper suites that we authorize our SSL object to use. The function is SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str) where ctx is the context and *str is the list of ciper suites for e.g. str could be ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH. I found that the client uses RC4_MD5 RC4_SHA cipher suites. How to ensure that my SSL context object uses the same cipher suite. What string should I pass to SSL_CTX_set_cipher_list??? For e.g. SSL_CTX_set_cipher_list(ctx, MD5!SHA) ??? Server enforces allowable ciphers. You set at server side ciphers that you trust and client must support one of your ciphers or you disconnect. You may just add using SSL_CTX_set_cipher_list() supported by server ciphers. To list/test ciphers strings you may user openssl command. For example to list what ALL means you may execute: $ openssl ciphers -v ALL or to test what ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH means: $ openssl ciphers -v 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH' and next you may build your own ciphers list. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: OpenSSL client through proxy
Hello, I have to connect to my OpenSSL server through proxy server. How can I establish this connection? Establish tcp connection through proxy (connect, socks5, transparent, reverse or any other) and next run SSL on this tcp connection. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: 0.9.8 version that is fips compliant?
All, Is OpenSSL version 0.9.7m vulnerable to this security notice http://www.openssl.org/news/secadv_20071012.txt? Reading through the notice it sounds like they recommend upgrading to 0.9.8g but that only those versions PRIOR to 0.9.7m are affected. We must build a fips compliant OpenSSL and I'm just trying to find out if we are still ok with the version that we are currently building (0.9.7m). Thank you, Jerry -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Marquess Sent: Tuesday, February 26, 2008 01:48 PM To: openssl-users@openssl.org Subject: Re: 0.9.8 version that is fips compliant? Blasdel, Jerry wrote: All, Is there a 0.9.8 version of OpenSSL that is fips compliant? Steve thought there would be one available possibly around February/March timeframe of this year. Alas, that schedule has slipped. We lost a month plus due to the unexpected ordeal of getting the vulnerability patch to the v1.1.1 validated product approved. In addition the number of test platforms (eight) for the ongoing v1.2 validation has consumed much more time than I'd estimated due to difficulties with procuring necessary hardware and software. Unfortunately the formal submission for government review doesn't happen until *all* testing is completed on *all* platforms. We're almost done with the last platform, 64 bit Windows. That caused an inordinate amount of delay and in hindsight I would have dropped it from the validation. Then the real wait begins. I'm hesitant to even guess at a final completion date. The backlog for CMVP review is apparently running at six months or more, that would take us out until August at the earliest. Still fast compared to the first validation which took over five years. I had hoped to get the cycle down to under a year, but FIPS 140-2 validations will never be fast compared to software product life cycles. -Steve M. -- Steve Marquess Open Source Software Institute [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: 0.9.8 version that is fips compliant?
On Tue, Feb 26, 2008 at 03:06:17PM -0600, Blasdel, Jerry wrote: All, Is OpenSSL version 0.9.7m vulnerable to this security notice http://www.openssl.org/news/secadv_20071012.txt? Reading through the notice it sounds like they recommend upgrading to 0.9.8g but that only those versions PRIOR to 0.9.7m are affected. The SSL_get_shared_ciphers() problem was resolved in 0.9.7m. Many applications don't call SSL_get_shared_ciphers(), and are not vulnerable even with older libraries. -- Viktor. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: 0.9.8 version that is fips compliant?
Viktor, http://www.securityfocus.com/bid/25831/info has 0.9.7m as being vulnerable. I'm not sure how one can try to get them to correct it on their list. Thanks, Jerry -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Victor Duchovni Sent: Tuesday, February 26, 2008 03:10 PM To: openssl-users@openssl.org Subject: Re: 0.9.8 version that is fips compliant? On Tue, Feb 26, 2008 at 03:06:17PM -0600, Blasdel, Jerry wrote: All, Is OpenSSL version 0.9.7m vulnerable to this security notice http://www.openssl.org/news/secadv_20071012.txt? Reading through the notice it sounds like they recommend upgrading to 0.9.8g but that only those versions PRIOR to 0.9.7m are affected. The SSL_get_shared_ciphers() problem was resolved in 0.9.7m. Many applications don't call SSL_get_shared_ciphers(), and are not vulnerable even with older libraries. -- Viktor. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: 0.9.8 version that is fips compliant?
On Tue, Feb 26, 2008 at 05:02:27PM -0600, Blasdel, Jerry wrote: Viktor, http://www.securityfocus.com/bid/25831/info has 0.9.7m as being vulnerable. I'm not sure how one can try to get them to correct it on their list. Sorry, my mistake, not theirs, the fix for this issue has not yet been released as part of a 0.9.7x patch release. 0.9.7 stable fix, not released: http://cvs.openssl.org/chngview?cn=16642 0.9.8 fix, released. http://cvs.openssl.org/chngview?cn=16643 -- Viktor. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: How to reestablish a DTLS connection?
Datagram is stateless, so to be able to detect a broken session, the application will need to support heart-beat. Alex On Wed, Feb 20, 2008 at 5:31 AM, João Pedro Patriarca [EMAIL PROTECTED] wrote: Hi, After a DTLS connection established a peer fails (e.g. the client). The other peer (e.g. the server) maintains the connection state ignoring client's failure. When the client starts up and tries to establish a new connection, the server ignore the received packets because they aren't processed with the previous security parameters. How the DTLS protocol can be used to reestablish a new connection when the clients starts up again? Thanks in advance, João Pedro Patriarca
Session resumption with DTLS - does it work?
Hi, When I hit R on openssl s_server and s_client, the session is torn down and not resumed. May I assume DTLS session resumption is broken? Or not supported in s_server and s_client? Thanks, alex.
Problem on compilation of Openssl
Dear All; I am compiling the openssl that time I got some function and mapping of function which is not in openssl source. This is as follows: PKCS8_PRIV_KEY_INFO_it() // This function is not available in openssl ; PKCS8_PRIV_KEY_INFO_new () // this function is not going to map X509_EXTENSION_free () // this function is not available in openssl; PKCS8_PRIV_KEY_INFO_new()// This function is not available in openssl X509_EXTENSION_it// This function I did not get whole openssl source file d2i_PKCS8_PRIV_KEY_INFO // this function is not available in openssl; i2d_PKCS8_PRIV_KEY_INFO // this function is not available in openssl; i2d_X509_EXTENSION // this function is not available in openssl; Please tell me how(and where) I will find this function or I will map this function. Some other error on compilation of openssl is given below : [Error li1021] The following symbols referenced in processor 'p0' could not be resolved: 'PKCS8_PRIV_KEY_INFO_it [_PKCS8_PRIV_KEY_INFO_it]' referenced from 'Debug\p12_asn.doj' 'PKCS8_PRIV_KEY_INFO_it [_PKCS8_PRIV_KEY_INFO_it]' referenced from 'Debug\p12_p8d.doj' 'PKCS8_PRIV_KEY_INFO_it [_PKCS8_PRIV_KEY_INFO_it]' referenced from 'Debug\p12_p8e.doj' 'PKCS8_PRIV_KEY_INFO_new [_PKCS8_PRIV_KEY_INFO_new]' referenced from 'Debug\evp_pkey.doj' 'PKCS8_PRIV_KEY_INFO_new [_PKCS8_PRIV_KEY_INFO_new]' referenced from 'Debug\x_all.doj' 'X509_EXTENSION_dup [_X509_EXTENSION_dup]' referenced from 'Debug\x509_v3.doj' 'X509_EXTENSION_free [_X509_EXTENSION_free]' referenced from 'Debug\ocsp_ext.doj' 'X509_EXTENSION_free [_X509_EXTENSION_free]' referenced from 'Debug\t_req.doj' 'X509_EXTENSION_free [_X509_EXTENSION_free]' referenced from 'Debug\v3_conf.doj' 'X509_EXTENSION_free [_X509_EXTENSION_free]' referenced from 'Debug\v3_lib.doj' 'X509_EXTENSION_free [_X509_EXTENSION_free]' referenced from 'Debug\v3_utl.doj' 'X509_EXTENSION_free [_X509_EXTENSION_free]' referenced from 'Debug\x509_req.doj' 'X509_EXTENSION_free [_X509_EXTENSION_free]' referenced from 'Debug\x509_v3.doj' 'X509_EXTENSION_it [_X509_EXTENSION_it]' referenced from 'Debug\ocsp_asn.doj' 'X509_EXTENSION_it [_X509_EXTENSION_it]' referenced from 'Debug\x_crl.doj' 'X509_EXTENSION_it [_X509_EXTENSION_it]' referenced from 'Debug\x_x509.doj' 'X509_EXTENSION_new [_X509_EXTENSION_new]' referenced from 'Debug\ocsp_ext.doj' 'X509_EXTENSION_new [_X509_EXTENSION_new]' referenced from 'Debug\x509_v3.doj' 'd2i_PKCS8_PRIV_KEY_INFO [_d2i_PKCS8_PRIV_KEY_INFO]' referenced from 'Debug\pem_pk8.doj' 'd2i_PKCS8_PRIV_KEY_INFO [_d2i_PKCS8_PRIV_KEY_INFO]' referenced from 'Debug\pem_pkey.doj' 'd2i_PKCS8_PRIV_KEY_INFO [_d2i_PKCS8_PRIV_KEY_INFO]' referenced from 'Debug\x_all.doj' 'd2i_X509_EXTENSION [_d2i_X509_EXTENSION]' referenced from 'Debug\x509_req.doj' 'i2d_PKCS8_PRIV_KEY_INFO [_i2d_PKCS8_PRIV_KEY_INFO]' referenced from 'Debug\pem_pk8.doj' 'i2d_PKCS8_PRIV_KEY_INFO [_i2d_PKCS8_PRIV_KEY_INFO]' referenced from 'Debug\x_all.doj' 'i2d_X509_EXTENSION [_i2d_X509_EXTENSION]' referenced from 'Debug\x509_req.doj' 'lseek [_lseek]' referenced from 'Debug\bss_fd.doj' 'stat [_stat]' referenced from 'Debug\by_dir.doj' Linker finished with 1 error cc3089: fatal error: Link failed Tool failed with exit/exception code: 1. Build was unsuccessful. Please give me suggestion. How I will remove this error. Thank you sir. Regards; Ajeet Kumar Singh
Re: OpenSSL Error
Where I'll get these libraries -lcrypto and -lssl. I am using Win32OpenSSL-0_9_8g.exe and I couldn't able to find those libraries you've mentioned. Subhankar Kumar Katyayan Tata Consultancy Services Mailto: [EMAIL PROTECTED] Website: http://www.tcs.com Experience certainty. IT Services Business Solutions Outsourcing [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 02/27/2008 01:38 AM Please respond to openssl-users@openssl.org To openssl-users@openssl.org cc openssl-users@openssl.org, [EMAIL PROTECTED] Subject Re: OpenSSL Error Hello, I am facing some problem when I tried to compile the application. This application was building fine, but after adding a file called digestclient.c (to support HTTPs), it's throwing the following error. Can anyone give some input on this. digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] Add -lcrypto -lssl libraries to linking process. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ForwardSourceID:NT4BDE =-=-= Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you
Re: OpenSSL Error
To add on in my prev mail. The C file which I am trying to compile on window having some linking issue, but at the same time when I tried to build it on Linux it was building fine. Where I'll get these libraries -lcrypto and -lssl. I am using Win32OpenSSL-0_9_8g.exe and I couldn't able to find those libraries you've mentioned. Subhankar Kumar Katyayan Tata Consultancy Services Mailto: [EMAIL PROTECTED] Website: http://www.tcs.com Experience certainty. IT Services Business Solutions Outsourcing Subhankar Katyayan/CHN/TCS Sent by: Subhankar Katyayan 02/27/2008 12:15 PM To openssl-users@openssl.org cc openssl-users@openssl.org, [EMAIL PROTECTED] Subject Re: OpenSSL Error Where I'll get these libraries -lcrypto and -lssl. I am using Win32OpenSSL-0_9_8g.exe and I couldn't able to find those libraries you've mentioned. Subhankar Kumar Katyayan Tata Consultancy Services Mailto: [EMAIL PROTECTED] Website: http://www.tcs.com Experience certainty. IT Services Business Solutions Outsourcing [EMAIL PROTECTED] Sent by: [EMAIL PROTECTED] 02/27/2008 01:38 AM Please respond to openssl-users@openssl.org To openssl-users@openssl.org cc openssl-users@openssl.org, [EMAIL PROTECTED] Subject Re: OpenSSL Error Hello, I am facing some problem when I tried to compile the application. This application was building fine, but after adding a file called digestclient.c (to support HTTPs), it's throwing the following error. Can anyone give some input on this. digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] Add -lcrypto -lssl libraries to linking process. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] ForwardSourceID:NT4BDE ForwardSourceID:NT4C1E =-=-= Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you
Help regarding error
when i compile the program p192.c i get following error
[EMAIL PROTECTED] ~]# gcc p192.c
/tmp/ccicrxZV.o: In function `main':
p192.c:(.text+0x12): undefined reference to `DH_new'
p192.c:(.text+0x31): undefined reference to `BN_bin2bn'
p192.c:(.text+0x3e): undefined reference to `BN_new'
p192.c:(.text+0x5c): undefined reference to `BN_set_word'
p192.c:(.text+0x71): undefined reference to `PEM_write_DHparams'
collect2: ld returned 1 exit status
the source code for this is given below
#include stdio.h
#include openssl/bn.h
#include openssl/asn1.h
#include openssl/dh.h
#include openssl/pem.h
unsigned char data[]={
0xD4,0xA0,0xBA,0x02,0x50,0xB6,0xFD,0x2E,
0xC6,0x26,0xE7,0xEF,0xD6,0x37,0xDF,0x76,
0xC7,0x16,0xE2,0x2D,0x09,0x44,0xB8,0x8B,
};
main()
{
DH *dh;
dh=DH_new();
dh-p=BN_bin2bn(data,sizeof(data),NULL);
dh-g=BN_new();
BN_set_word(dh-g,3);
PEM_write_DHparams(stdout,dh);
}
system configuration :
i am using fedora 4 , and i have installed openssl-0.9.8g
