Michael Schmidt via RT wrote:
Richard Levitte via RT schrieb:
Well, that depends on what you mean with number of bits. Take a number
like 0x0432, how many bits does it have? You could view it as a word,
and say it has 16 bits, or you could look at it more closely, and find
out that it has 11
On Tue, Feb 24, 2004 at 01:39:26AM +0100, Dr. Stephen Henson wrote:
On Mon, Feb 23, 2004, Lev Walkin wrote:
Dr. Stephen Henson wrote:
On Mon, Feb 23, 2004, Chris Brook wrote:
Is there any support in crypto-x509(v3) for certificate policy
processing/checking as described in X.509
On Fri, Feb 20, 2004 at 03:52:00PM -0700, Swaminathan P wrote:
Hi,
Can someone help me with info on this question?
Is there some significance to encrypt the MAC along with the message?
Is there some pitfall in leaving the MAC in the cleartext and encrypt the
message alone...
thanks,
swami
Dear OpenSSL team,
please consider a patch attached.
It adds 2 binary curves defined in RFC 2409 and 2412.
It unclear whether any well-known OID was ever assigned
and I'm not quite sure what are the right cofactor values
regards,
Vadim
- Forwarded message from Vadim Fedukovich [EMAIL
OIDs
regards,
Vadim
On Sun, Nov 16, 2003 at 12:48:43PM +0100, Nils Larsch wrote:
On Saturday 15 November 2003 22:59, Nils Larsch wrote:
Hi Vadim,
On Saturday 15 November 2003 13:34, Vadim Fedukovich wrote:
Dear OpenSSL team,
please consider a patch attached.
It adds 2 binary
OIDs
regards,
Vadim
On Sun, Nov 16, 2003 at 12:48:43PM +0100, Nils Larsch wrote:
On Saturday 15 November 2003 22:59, Nils Larsch wrote:
Hi Vadim,
On Saturday 15 November 2003 13:34, Vadim Fedukovich wrote:
Dear OpenSSL team,
please consider a patch attached.
It adds 2 binary
Dear OpenSSL team,
please consider a patch attached.
It adds 2 binary curves defined in RFC 2409 and 2412.
It unclear whether any well-known OID was ever assigned
and I'm not quite sure what are the right cofactor values
regards,
Vadim
- Forwarded message from Vadim Fedukovich [EMAIL
On Thu, Aug 21, 2003 at 03:15:10PM -0400, Bala Pitchandi wrote:
Hello,
Does the following method of assigning the value of P g (which are in hex
representation in a string) look okay?
code snippet
a = DH_new();
if (a == NULL)
goto err;
BN_hex2bn
are quite good at helping signatures verification.
And yes, certificate current status check is required in some environments.
However one might want to see the whole picture.
Regards
Amar
Vadim Fedukovich wrote:
On Thu, Jul 17, 2003 at 10:56:06PM +0200, Dr. Stephen Henson wrote
and parameters.
Hint wanted: what exactly is a 1.3.6.1.4.311.21.1 object listed as
the last extension there?
thank you,
Vadim Fedukovich
--
Naina library: http://www.unity.net/~vf/naina_r1.tgz
__
OpenSSL Project
.
Hint wanted: what exactly is a 1.3.6.1.4.311.21.1 object listed as
the last extension there?
thank you,
Vadim Fedukovich
--
Naina library: http://www.unity.net/~vf/naina_r1.tgz
certnew.cer
Description: Binary data
--- crypto/objects/objects.txt.orig Fri Dec 20 11:39:42 2002
+++ crypto
hi Axelle,
simple google.com search on sliding window montgomergy shows
at least two pointers:
http://citeseer.nj.nec.com/kaya96analyzing.html
http://users.belgacom.net/dhem/these/
Hope one can read that papers to better understand OpenSSL code
best wishes,
Vadim
On Tue, Apr 01, 2003
On Thu, Jan 16, 2003 at 03:37:04PM +0100, Massimiliano Pala wrote:
Hi all,
I have one question for you. I want to check extensions added to a CRL
entry but I do not know how to access informations. Actually I use the
code:
rev = X509_CRL_get_REVOKED(crl);
for(i = 0; i
Dear OpenSSL team,
Naina merchant, CCA and hierarchy generator were tested to run
registration and shopping sessions for Mastercard Wallet version 2.1.5.0
It was tested on linux-i386 (debian 3.0), openssl target linux-elf
Naina use new ASN.1 openssl code heavily to parse and create messages
decision
best wishes,
Vadim Fedukovich
[EMAIL PROTECTED]
consulting and software development
Dnepropetrovsk Ukraine
On Tue, Dec 10, 2002 at 08:24:09AM +0100, Jeyalakshmi via RT wrote:
hi
we would like to apply SSL to our Web site. Now most of our pages are using
Request.Querystring object. I
I'm sorry for sending that to the list
On Tue, Dec 10, 2002, Vadim Fedukovich via RT wrote:
Dear Jeyalakshmi,
[...]
__
OpenSSL Project http://www.openssl.org
Development Mailing List
On Tue, Nov 12, 2002 at 11:04:17PM +0100, Frédéric Giudicelli via RT wrote:
Well IETF didn't answer...
I'm guessing that M$ is wrong, that would not be the first time, howerver
the real question now, is how do you contact M$, the report the bug, the guy
I was in contact with, is:
krish
On Sun, Nov 03, 2002 at 01:56:31AM +0100, Massimiliano Pala wrote:
Hi,
I am trying to decrypt some data in a pkcs7 env structure. The problem comes
when I try to use the PKCS7_decrypt (I guess the problem to be in
PKCS_dataDecode that is actually called -- see pk7_doit.c and pk7_smime.c).
On Fri, Nov 01, 2002 at 12:51:24AM +0100, Frédéric Giudicelli via RT wrote:
Well Microsoft support tells me it's openssl's fault, and you tell me it's
microsoft's ?
It's dead end, what am I supposed to tell my clients ?
Well, Microsoft and openssl are not the only code available.
Would you
On Mon, Oct 21, 2002 at 11:30:32PM +0900, Kiyoshi WATANABE wrote:
Dear list,
I have a question on the NULL parameter in algorithm Identifier
in CertID of OCSP Request. When I create a ocsp request, NULL is
set in algorithm Identifier parameter. Is this necessay?
I use
On Mon, Oct 14, 2002 at 04:14:17PM +0900, Maya wrote:
Hello!
I am using smime-tool for creating SMIME messages. I found and option which I can
use to extract signer's certificate when verifying the message.
How I can extract encryption Certificates used to encrypt the message?
PKCS7
On Fri, Oct 11, 2002 at 03:54:39PM +0200, [EMAIL PROTECTED] wrote:
Dear openssl hackers,
Attached is a new applet for /usr/bin/openssl that we developped.
It may be used to decode Oracle Wallet Manager 2.1's nonstandard
dear Dominique,
is it Secure Electronic Transactions[tm] -aware
On Tue, Oct 08, 2002 at 03:01:43PM +0200, Frederic DONNAT wrote:
Hi all,
I'd like to know the better way to be fault tolerant when using a cryto accelerator
through an engine.
In fact, we want to redirect all crypto computations provided by our engine to soft
ones when an error occured
On Wed, Aug 14, 2002 at 05:05:27PM +0300, Arne Ansper wrote:
On Wed, 14 Aug 2002, Ben Laurie wrote:
The point is that the application is now in an inconsistent state and
cannot reliably know anything. Even returning from a function could
cause an exploit. The only safe thing to do is
On Fri, Jul 19, 2002 at 09:37:22AM +0200, Michael Schmidt wrote:
Hi,
For a research project I'm working on, I want to use OpenSSL with
ADH-DES-CBC3-SHA (TLSv1). This means I want to use neither a server-side
nor a client-side certificate; and the pre-master secret shall be
established
hi Michael,
On Fri, Jul 19, 2002 at 12:17:23PM +0200, Michael Schmidt wrote:
Hi Vadim,
Vadim Fedukovich schrieb:
For a research project I'm working on, I want to use OpenSSL with
ADH-DES-CBC3-SHA (TLSv1). This means I want to use neither a
server-side nor a client-side certificate
On Thu, Jun 27, 2002 at 08:46:52AM +0200, [EMAIL PROTECTED] via RT wrote:
When I try to set up an SSL connection between two invocations of
the openssl command, I get a no shared cipher error. Since I can
set up SSL connections to web servers, I suspect that the problem is
with the openssl
On Wed, Jun 12, 2002 at 09:07:40AM +0200, Michael Bell wrote:
Vadim Fedukovich schrieb:
On Tue, Jun 11, 2002 at 01:46:40PM +0200, Michael Bell wrote:
Hi,
I start a simple implementation of othername only for strings in the
subject alternative name. Actually I have a problem
On Tue, Jun 11, 2002 at 01:46:40PM +0200, Michael Bell wrote:
Hi,
I start a simple implementation of othername only for strings in the
subject alternative name. Actually I have a problem with the resolving
of the ASN1_TYPE.
OTHERNAME is defined like this in crypto/x509v3/x509v3.h:
On Mon, Jun 10, 2002 at 05:42:42PM +0200, Lutz Jaenicke via RT wrote:
On Wed, Jun 05, 2002 at 09:33:25AM +0200, Vadim Fedukovich via RT wrote:
patch to add SET-specific objects is attached. It's rather large,
still it would let to build Naina without modifying openssl code.
I have made
]
Subject: Re: Naina announce (was: [ANNOUNCE] OpenSSL 0.9.1 beta 1 released)
On Wed, Jun 05, 2002 at 03:35:31AM +0300, Vadim Fedukovich wrote:
hi list,
Naina library may be considered an ASN.1 test; it handles some
Secure Electronic Transactions messages.
http://www.unity.net/~vf/naina_r1.tgz
On Fri, 17 May 2002, Madis Janson via RT wrote:
Probable bug causes SEGFAULT due to access to pointers in
uninitialized EVP_CIPHER_CTX structure given to EVP_CipherInit_ex
Most likely, OpenSSL_add_all_algorithms() was not run, yet
function by PKCS5_pbe2_set function, when using
On Tue, 16 Apr 2002, Michael Bell wrote:
Vadim Fedukovich schrieb:
On Mon, 15 Apr 2002, Michael Bell wrote:
Hi,
we found today a big problem with the DNs which OpenSSL displays because
our application (OpenCA) produce DNs which are conform to the
directorystandards
On Mon, 15 Apr 2002, Michael Bell wrote:
Hi,
we found today a big problem with the DNs which OpenSSL displays because
our application (OpenCA) produce DNs which are conform to the
directorystandards but OpenSSL interprets them in the opposite order.
What does this mean?
Here an example:
On Wed, 13 Mar 2002, Jeff Roberts wrote:
I have heard that the reason that Microsoft bought a large part of
Coral is to have them put .NET on Linux !
Yes, they also buy hotmail to prove it cant be running on nt.
Could we keep on .NET please when they manage to make some code?
On Sun, 23 Dec 2001, Michael Pogrebisky wrote:
Hi all,
Recently I needed to perform the following task: given a certificate request
(PKCS10 structure), make another one, with just a different public key.
So, I've written the following piece of code to do this:
// Declarations
EVP_PKEY
On Tue, 28 Aug 2001, Gurudas wrote:
HI ,
I am trying to send a HTTP POST request to server . For this method it
is giving segmentaion fault. What is reason? But it is working in GET
method. Please suggest a solution for this.
One should say not much info to suggest a solution.
Still,
On Tue, 17 Apr 2001, [iso-8859-1] Götz Babin-Ebell wrote:
Andy Brown wrote:
I believe I've found a bug with the UNIX command-line "openssl enc"
...
This leads me to believe it's an allocation problem.
It is not.
If no IV is set, it is undefined and some random value is used.
(an
Hi,
here's a code at 0.9.5a apps/pkcs12.c print_attribs()
case V_ASN1_OCTET_STRING:
hex_prin(out, av-value.bit_string-data,
probably it can be fixed easy
thanx for great tool,
Vadim
__
OpenSSL Project
. This code is based on Dan Boneh and Matthew Franklin's
paper and many thanx for the good and smart trick.
Please consider this as contribution,
Vadim
/*
Copyright (C) 2000 Vadim Fedukovich ([EMAIL PROTECTED])
All rights reserved
No warranties
HOWTO compute private RSA key while distributed
On Fri, 11 Aug 2000, Ian Upright wrote:
Does OpenSSL directly support prng?
There's a quite good prng implemented by OpenSSL library.
What would be the advantage of using a
named socket, over using a simple ordinary socket like the EGD?
The point is to pickup good randomness source(s)
On Thu, May 11, 2000 at 10:45:45AM +0200, Florian Munz wrote:
Hi
some problems with make:
...
/usr/include/bits/errno.h:25: linux/errno.h: No such file or directory
install glibc-development.rpm
--vf
__
OpenSSL Project
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
On Fri, Mar 10, 2000 at 10:31:57AM -0600, Mark E. Schoneman wrote:
...
Using pkcs7 command, went looking for some certs. Found
...
Found a vaild cert but no request. What did you do different to find the
request?
Request should be in pkcs7 payload and the cert you found is self-signed.
On Sun, Mar 05, 2000 at 10:26:43PM -0800, dave madden wrote:
Hi.
I'm trying to use OpenSSL to create certificates for a Cisco PIX
firewall/vpn box. I've been able to download my CA cert to the PIX,
and (thanks to Matt Burgoon!) I've extracted the PIX's certificate
request from the PKCS7
On Fri, Feb 11, 2000 at 01:04:09PM -0800, vijay karthik wrote:
...
I ran the command,
openssl verify mycertificatename
...
error 20 at 0 depth lookup:unable to get local issuer
certificate
Seems this one goes to "top 10 of FAQ"
Any idea on what the problem could be ?
Trusted self-sined
Hi Alex,
do you have symlink hash.0 pointing to your trusted cert?
yours,
Vadim
On Mon, Feb 07, 2000 at 06:31:41PM +1100, Alex Cosic wrote:
Hi,
I used the code which is more or less standard for verification of
certificates:
SSL_CTX_set_verify(ctx,SSL_VERIFY_PEER,server_verify_cb)
Hi Raul,
do you have text editor??
--vf
On Tue, Feb 01, 2000 at 09:52:20AM -0600, Raul Gutierrez Rodriguez wrote:
When i sign a client certifificate with the comand:
openssl ca -name ca -config ./openssl.cnf -out file.pem -infiles
file_req.pem
The file file.pem have the following
48 matches
Mail list logo