Need money for school?
Hi! Have a look... http://progressingpromotion.com/r/?r=2cc9283a-330f-1029-8d2f-00132060c3d9&i=gmail&z=1&tc=15 Talk soon! __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Loading CRL to Client
On 1/13/06, am0ykam0te (sent by Nabble.com) <[EMAIL PROTECTED]> wrote: my version of openssl does not have the constant flags you included.. (X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL).. View this message in context: Re: Loading CRL to ClientSent from the OpenSSL - Dev forum at Nabble.com. Can u show me the full code ?
Re: Loading CRL to Client
On 1/13/06, am0ykam0te (sent by Nabble.com) <[EMAIL PROTECTED]> wrote: I tried using these 3 code snippets but my client still accepts the server certificate I included in the CRL.BTW Im using OpenSSL 0.9.6h pStore = SSL_CTX_get_cert_store(ctx); pLookup = X509_STORE_add_lookup(pStore, X509_LOOKUP_file()); ret = X509_load_cert_crl_file(pLookup,clientCRL,X509_FILETYPE_PEM); pStore = SSL_CTX_get_cert_store(ctx); crl = d2i_X509_CRL_fp(fCRL,NULL); ret = X509_STORE_add_crl(pStore, crl); pStore = SSL_CTX_get_cert_store(ctx); pLookup = X509_STORE_add_lookup(pStore, X509_LOOKUP_file()); ret = X509_load_crl_file( pLookup, clientCRL,X509_FILETYPE_PEM); View this message in context: Re: Loading CRL to Client Sent from the OpenSSL - Dev forum at Nabble.com. Do X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK); X509_STORE_CTX_set_flags (csc, X509_V_FLAG_CRL_CHECK_ALL); After loading CRL in context. - RSJ
Re: Loading CRL to Client
On 1/13/06, am0ykam0te (sent by Nabble.com) <[EMAIL PROTECTED]> wrote: Can any body tell me API's on loading crl's on a client. View this message in context: Loading CRL to ClientSent from the OpenSSL - Dev forum at Nabble.com. int X509_STORE_add_crl(X509_STORE *ctx, X509_CRL *x)
Re: Verify a signed & private key pair
Hi Prakash, #openssl rsa -in ksbkey.pem -check I think above comaand just verify the consistency of the private key. Wjat i have to verify is that Certificate & private key pair is genuine. One method i know is RSA sign & verify and i m looking for some more options. njoy!!! On 8/30/05, prakash babu <[EMAIL PROTECTED]> wrote: Hello Rajeshwar , let cacert.pem be your CA certificatelet ksbcert.pem and ksbkey.pem be your certificate and private/public key pair To verify you certificate #openssl verify -CAfile cacert.pem ksbcert.pem To verify the consistency of your private key#openssl rsa -in ksbkey.pem -check -- Prakash Rajeshwar Singh Jenwar <[EMAIL PROTECTED]> wrote: Hi, How to verify a signed certificate by a CA(.pem) & coresponding private key(.pem) ? It is just to verify that someone has played with private key or not. Thx. Rajeshwar Singh Start your day with Yahoo! - make it your home page
OPENSSL_gmtime() is not ported for pSOS
Hi ALL, OPENSSL_gmtime() defines in O_time.c internally calls "struct tm* " through gmtime() but in pSOS gmtime() always retuen NULL. So can we say OPENSSL_gmtime() will always fails fro pSOS ? Can anyone suugest proper porting ! __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
RSA_privtae_eccrypt() is causing the STACK DUMP !!!
Hi All, I am using pSOS on ARM 7.0 LE board. RSA_private_encrypt() which is needed to "signing the private key with hash" is causing a "STACK CRASH" ? The Function trace is :- RSA_private_encrypt() -> RSA_eay_private_encrypt() -> loop of ( BN_mod_exp_mount() -> BN_from_montgomery() ) and it is crashing the stack in BN_from_montgomery(). I think problem is there BIGNUM is not ported properly for board in OpenSSL. Please help in this regard or give any hints. Thanks in advance. Thanks & Regards, Rajeshwar Singh __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]