RE: FIPS 14-2 vs MD5

Remove --- En date de : Mar 18.8.09, David Schwartz dav...@webmaster.com a écrit : De: David Schwartz dav...@webmaster.com Objet: RE: FIPS 14-2 vs MD5 À: openssl-users@openssl.org Date: Mardi 18 Août 2009, 1h40 Roger No-Spam wrote: When building openssl in FIPS 140-2 mode, the MD5

remove

Re : ocsp from C program

1) See openssl-0.9.8g/apps/ocsp 2) See also http://www.openssl.org/docs/apps/ocsp.html#     Best regards, Abderrahmane,   --- En date de : Jeu 10.7.08, Sergio Yébenes Moreno [EMAIL PROTECTED] a écrit : De: Sergio Yébenes Moreno [EMAIL PROTECTED] Objet: ocsp from C program À:

RE : Generation of DES key

Hello Driss, I think, it will be theDESCheckResult = DES_set_key_checked(theDESKey1, theSchedule); DES_ecb_encrypt((DES_cblock *) buff, (DES_cblock *) theOutput, theSchedule, DES_ENCRYPT); Namely that DES_ecb_encrypt is described like that : void

RE : Generation of DES keys

Hello Driss, I'll hope that may help See http://www.openssl.org/support/faq.html : Why do I get a PRNG not seeded error message? Cryptographic software needs a source of unpredictable data to work correctly. Many open source operating systems provide a randomness device

RE : Re: 3des algorithm

See www.dis.uniroma1.it/~alberto/didattica/JCE_3DES.java as an example en mode ede: encrypt-decrypt-encrypt Abderrahmane, Dr. Stephen Henson [EMAIL PROTECTED] a écrit : On Thu, Nov 08, 2007, Lidia Fernndez wrote: Hello all!! I have an application that interact with Linux and

Re: How to buld a public RSA key from modulus and exponent ?

Hi, see openssl-0.9.7g/crypto/rsa/rsa_test.c . good luck. Abdou, _ Découvrez le nouveau Yahoo! Mail : 1 Go d'espace de stockage pour vos mails, photos et vidéos ! Créez votre

Re: Verifying a signature

I think that the format of the signature make problem, normally the standard format of signature is a DER format. Abdou, __ Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour

Re: Verifying a signature

make this test to see exactly what you have as errors. if (err != 1) { ERR_print_errors_fp (stderr); exit (1); } Abdou, __ Découvrez le nouveau Yahoo! Mail : 250 Mo

Re: Loading RSA keys from file.

try pubKey=*PEM_read_RSA_PUBKEY(file, NULL,NULL,NULL); in the place of PEM_read_RSAPublicKey. if it doesn't work try to use the load_key function with a PEM format in apps.c , i didn't remember where you can find it , im not sure . good luck. Abdou,

Re: AES ( Advanced Encryption Standard)

Hi, Yes openssl supports AES encryption, see the directory "crypto" in openssl. Abdou,"CHIN, LEY-HUA (Ginger), ALABS" [EMAIL PROTECTED] wrote: Hi, DoesOpenSSL support AES? If it does, where can I find the document for AES API? I checked on www.openssl.org, no luck!If it doesn't, then will it

Question about IMPLICIT Tagging .

Hi friends, Im dealing with decoding a BER format, and i want to know if we can have an implicit tag in a constructive method, insted of explicit tag, or it can be used just for primitive method, because i don't have the keyword EXPLICIT or IMPLICIT in a tag [0]{ as an example , wich is tagged as

Re: Question about IMPLICIT Tagging .

--- Frank Balluffi [EMAIL PROTECTED] a écrit : Abdou, I will try to answer at least some of your questions ... If the sixth most significant bit of the identifier octet is 1, the encoding is constructed. Otherwise, the encoding is primitive. when i said that i have a constructed

Re: Question about IMPLICIT Tagging .

Think you Egon. I will see the mailing list, I've tried some modules but it doesn't work :) . have a nice day . Abdou, Vous manquez d’espace pour stocker vos mails ? Yahoo! Mail vous offre GRATUITEMENT 100 Mo ! Créez votre Yahoo! Mail sur

Re: signedandenveoped + encryption from commandline

--- Alok [EMAIL PROTECTED] a écrit : But when you sing with your public key, and encrypt with your public key, how will he decrypt it if he does not have your private key? you sign with the private key existed in mycert.pem or in a separate file priv_key.pem , after you use this private

Re: signedandenveoped + encryption from commandline

--- Lars [EMAIL PROTECTED] a écrit : El hallabi-Kettani Abderrahmane schrieb: try this : openssl smime -sign -in ml.txt -signer mycert.pem -text | openssl smime -encrypt -outform der -out mail.der -aes256 mycert.pem I'm afraid this doesn't work either

Re: signedandenveoped + encryption from commandline

--- Alok [EMAIL PROTECTED] a écrit : I think there is a reason why you cant encrypt a message without 1st signing it using smime By your logic, any preshared key would do the trick , why bother with the cert ? (in other words, hiscert or mycert, if all you are doing is using it as

Re: signedandenveoped + encryption from commandline

--- Alok [EMAIL PROTECTED] a écrit : El hallabi-Kettani Abderrahmane wrote: --- Alok [EMAIL PROTECTED] a écrit : I think there is a reason why you cant encrypt a message without 1st signing it using smime By your logic, any preshared key would do the trick , why bother

Re: Regd ASN1_ITEM_rptr( )

First it's not a function it's a macro , you'll find it in asn1/asn1.h #define ASN1_ITEM_rptr(ref) (ref##_it()) Normally the IMPLEMENT_ASN1_FUNCTIONS(X509) will do the trick . Else the macro will help : #define DECLARE_ASN1_ITEM(name) OPENSSL_EXTERN const ASN1_ITEM name##_it;

Re: Regd ASN1_ITEM_rptr( )

try this DECLARE_ASN1_FUNCTIONS(name) . DECLARE_ASN1_ITEM(name) may be used for The Platforms that can't easily handle shared global variables , then are declared as functions returning ASN1_ITEM pointers. see that too: #define DECLARE_ASN1_ITEM(name) \ const ASN1_ITEM *

Re: Problem with reading a RSA public ey

Use this : if ((bio_err=BIO_new(BIO_s_file())) != NULL) BIO_set_fp(bio_err,stderr,BIO_NOCLOSE|BIO_FP_TEXT); pkey = load_key(bio_err,argv[1],FORMAT_PEM, 1, NULL, NULL, Private Key); if (pkey != NULL) rsa = pkey == NULL ? NULL : EVP_PKEY_get1_RSA(pkey);

Re: Problem with reading a RSA public ey

--- Sid Hegde [EMAIL PROTECTED] a écrit : Hi, Thanks for the tip. Your code did not work, but it work after being modified. Below is the modified code fp = BIO_new_file(private.pem, r); pkey = PEM_read_bio_PrivateKey(fp, 0, 0, 0); if (pkey != NULL) key =

Re: bio_ber.c

Good morning Doctor, this is the structure : typedef struct structure_st { ASN1_OBJECT *type; X509 *x509; union { char *ptr; /* NID_structure_data */ ASN1_OCTET_STRING *data; /*

Re:bio_ber.c

Thank you Doctor for your reply. Is there any example who's applied to BER format. I want to deploy the d2i_PKCS7_bio for another structure which is like a PKCS7 but in BER encoding to load it, and i have to use item to represent it . I use this function : struct *d2i_struct_bio(BIO *bp, struct

Re: Problem with including DER extentions

--- Craig Gleadall [EMAIL PROTECTED] a écrit : Hello, I am trying to get my CA to issue a user certificate with the privateKeyUsagePeriod extention (2.5.29.16). This extension includes a notBefore and notAfter GeneralizedTime attribute. I saw in the openssl.cnf file that I can

Re: bio_ber.c

you have right Doctor, IMPLEMENT_ASN1_FUNCTIONS(stname) call IMPLEMENT_ASN1_FUNCTIONS_fname(stname, stname, stname) wich call IMPLEMENT_ASN1_FUNCTIONS_fname(stname, itname, itname) wich calls 1) IMPLEMENT_ASN1_FUNCTIONS_ENCODE_name(stname, itname) 2)

i find it .

Im sorry it's in the x509 directory :) . Vous manquez d’espace pour stocker vos mails ? Yahoo! Mail vous offre GRATUITEMENT 100 Mo ! Créez votre Yahoo! Mail sur http://fr.benefits.yahoo.com/ Le nouveau Yahoo! Messenger est arrivé ! Découvrez toutes les

extract an IV and Key session from a DER file.

Hello friends, I want to extract an IV and a key session from a DER file for decryption, and wich corresponds for example to aes-256-cbc algorithm . i dumpasn1 the file , so i have an ASN1 format,from that i want to extract them not manually :), may be the function EVP_CIPHER_asn1_to_param is