organizationName field mismatch?

2003-06-19 Thread Eric Johnson
Title: organizationName field mismatch? Hi I was wondering if I could get some help from the community. I am having a problem processing a certificate request generated from a Nortel Contivity Switch to various versions of an OpenSSL CA (0.9.6 24 Sept 2000 and 0.9.6j April-2003). I have

RE: organizationName field mismatch?

2003-06-19 Thread Eric Johnson
Title: RE: organizationName field mismatch? I can also confirm that changing the policy to optional or supplied will result in successfully processing the request. The problem with making this change exists with processing requests from the existing pki environment. Meaning the policy match

PKCS12_key_gen

2003-06-19 Thread óÁÛËÁ
Hi, all. Sorry for a little bit naive question, but anyway. Is the PKCS12_key_gen(..) call : PKCS12_key_gen(pwd, strlen(pwd), IV, IVlen, PKCS12_KEY_ID, 1024, /* iters */ 24, /*DES3_KEY_L */

RE: openssl for windows ce tchar problem

2003-06-19 Thread Steven Reddie
Can you give me an example of an OpenSSL function that uses a char type where you expect to be able to use a TCHAR type? Regards, Steven -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Antonio d'Errico Sent: Thursday, 19 June 2003 7:48 PM To: [EMAIL

RE: openssl for windows ce tchar problem

2003-06-19 Thread Steven Reddie
In anticipation of your response... char is the type that has been used to represent a character in C for a very long time now, in fact I've read that it dates back to the same time as C's if keyword. TCHAR is a newish type defined by Microsoft that is equivalent to a char when doing a

errors processing PKCS12 file

2003-06-19 Thread Todd A. Oberly
Hello, Yesterday I installed OpenSSL 0.9.7b on my Athlon system with Debian Linux and a 2.2.20 kernel. As far as I can tell, the compile, test, and install were all flawless, but so far I've been unable to use it for anything useful. I wanted to try processing a binary PKCS12 file (ie. split

question about seeding the PRNG, plz help!

2003-06-19 Thread Michelle Li
Hi all, I posted this message few days ago, haven't got any feedback yet. Since I don't know anywhere else I can ask this, I'm posting it again. Please help: I just wrote a program using OpenSSL crypto library (version 0.9.7b). Everything works fine. But I have concerns about whether I

Re: question about seeding the PRNG, plz help!

2003-06-19 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Thu, 19 Jun 2003 13:40:19 -0700 (PDT), Michelle Li [EMAIL PROTECTED] said: xiaowei I just wrote a program using OpenSSL crypto library (version xiaowei 0.9.7b). Everything works fine. But I have concerns about xiaowei whether I should seed the PRNG and exactly how

Re: question about seeding the PRNG, plz help!

2003-06-19 Thread Brian Hatch
In my program, I have calls to RSA_generate_key and also RAND_bytes which is used to generate a DES key. It's obvious that these functions require source of randomness, and in the documentation it also said to seed the PRNG before calling them. However, because I couldn't figure out

Re: question about seeding the PRNG, plz help!

2003-06-19 Thread Brian Hatch
Unless you're very concerned about entropy, I'd be happy with the stuff that OpenSSL finds on it's own. I haven't looked at the source recently - what sources are searched on Windows by default? In the environments I'm used to, the screen is static (the machine is headless anyway) and the

RE: question about seeding the PRNG, plz help!

2003-06-19 Thread David Schwartz
I posted this message few days ago, haven't got any feedback yet. Since I don't know anywhere else I can ask this, I'm posting it again. Please help: I just wrote a program using OpenSSL crypto library (version 0.9.7b). Everything works fine. But I have concerns about whether I should seed

Re: question about seeding the PRNG, plz help!

2003-06-19 Thread Brian Hatch
Linux should have /dev/urandom and Windows should have CryptGenRandom Is CryptGenRandom suitable? I haven't heard anyone authoritatively say yes, it's as good as the Linux /dev/urandom anywhere. You can take anything that is unpredictable and use it. What's the exact time, to the

RE: question about seeding the PRNG, plz help!

2003-06-19 Thread David Schwartz
Linux should have /dev/urandom and Windows should have CryptGenRandom Is CryptGenRandom suitable? I haven't heard anyone authoritatively say yes, it's as good as the Linux /dev/urandom anywhere. It is supposedly suitable, that is, Microsoft claims it is. You can take

No shared cipher?

2003-06-19 Thread Jay Cornwall
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi I've just started my first project involving SSL, but sadly all is not rosy in the OpenSSL garden. Perhaps you can help me out? My server performs these OpenSSL library calls: 1. sslctx = SSL_CTX_new( SSLv3_server_method() ); 2.

Re: From BSAFE to Openssl

2003-06-19 Thread Wu Junwei
(B (B (BHi, (B As I know, even the length of the text you will encrypt (Bis multiple of block size, BSAFE will add the padding itself. (BIn this case, BSAFE will add a whole block attached to the end of the (Btext. (BAnd when decrypting, BSAFE will delete the padding. (B (BSo , if you

read private key out

2003-06-19 Thread Wu Junwei
(B (B (BHi,all (B (BI have a question on reading the private key out from a certificate (Bfile. (B (BI 'd like to read a private key in a certificate file and returns the (Bprivate key data and length in memroy, which functions in OpenSSL should I (Bchoose to use? (B