how to (more manually) verify signature in SignedData ?

2013-01-21 Thread kapetr
Hello, I'm trying to manually verify signature in some SignedData ASN.1 structures, which is used in most cases in signature - e.g. S/MIME, Timestamps, ... using x.509 certificates. Lets see this example: -in file.tsr is Time Stamp reply - it contains SignedData structure (at byte 9 offset)

Re: Can I build the FIPS module with /MT?

2013-01-21 Thread Jakob Bohm
On 1/21/2013 1:29 AM, Jeffrey Walton wrote: On Sun, Jan 20, 2013 at 6:51 PM, jb-open...@wisemo.com wrote: On 18-01-2013 20:26, Jeffrey Walton wrote: On Fri, Jan 18, 2013 at 11:01 AM, Memmott, Lester lester.memm...@landesk.com wrote: All modern Versions of Microsoft's C Runtime are thread

Re: Cert in DNS (DANE, DNSSEC) and OpenSSL

2013-01-21 Thread koichi sugimoto
I'm afraid that implementing DANE cause new certification vendor not to come into the market. - SUGI 2013/1/10 Bry8 Star bry8s...@yahoo.com It would be great to see/know what can be used to enable DANE support in OpenSSL. Those who are interested in bit more info on DANE (and related) :

RE: how to (more manually) verify signature in SignedData ?

2013-01-21 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of kapetr Sent: Monday, 21 January, 2013 05:27 I'm trying to manually verify signature in some SignedData ASN.1 structures, which is used in most cases in signature - e.g. S/MIME, Timestamps, ... using x.509 certificates. Lets see this

RE: no OpenSSL_Applink in Custom Windows Credentials Provider

2013-01-21 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of PA3MEP Sent: Sunday, 20 January, 2013 11:13 I`am creating a Custom Credentials Provider for Windows 7/8, which uses axis2c library with openSSL support to communicate with SOAP service, which provides authentification information. I

RE: Openssl server certificates validation error

2013-01-21 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of Hazrat Shah Sent: Friday, 18 January, 2013 20:02 Pls, see my comments below. -Original Message- From: owner-openssl-us...@openssl.org On Behalf Of Dave Thompson Sent: Friday, January 18, 2013 7:55 PM To: openssl-users@openssl.org

Verify Failing for some CA's with 19 X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN, Cert in question is in the store.

2013-01-21 Thread David Hinkle
So I've got my ssl client working pretty well. It does great with most websites, but some of them it doesn't verify the certificate chain for, returning the above error. The CA root cert in question is in the certificate store, and the server isn't actually sending the root so I'm pretty sure

RE: Openssl server certificates validation error

2013-01-21 Thread Hazrat Shah
With openssl s_client -connect yourhost:port -CAfile xx.cert I am getting error 21. -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson Sent: Monday, January 21, 2013 6:34 PM To: openssl-users@openssl.org Subject: