OpenSSL command line HMAC

2009-01-30 Thread Young, Alistair
Hi, To generate an HMAC key using SHA-256, I can issue the following command: openssl dgst -sha256 -hmac -binary < message.bin > mac.bin I realised (eventually!) that the key is not supplied as a hex string (0a0b34e5.. etc.) but in a binary format. Obviously this leads to some fairly unplea

get server certificate after handshake failed

2009-01-30 Thread Roman Aspetsberger
Hi. I have got the following problem in my application: - I have added an own callback function for certificate verification, which will let the handshake fail if the verification fails. - But if a verification process fails, I need the presented server certificate outside the callback functio

Re: Errors in openssl-SNAP-20090130

2009-01-30 Thread Michael S. Zick
tion it appears in.) > s2_pkt.c:518: warning: unused variable `size' > *** Error code 1 > > Stop. > *** Error code 1 > > Stop. > doctor.nl2k.ab.ca//usr/source/openssl-SNAP-20090130$ exit > exit Mike

RE: Openssl signature verification

2009-01-30 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Ajeet kumar.S > Sent: Friday, 30 January, 2009 00:07 > In openssl API X509_verify(X509 *a, EVP_PKEY *r) is used to verify > the signature of certificate. I have some doubt please help me. > Is in this API we are passing the CA certificate and

Openssl: bio/crypto orthoganalization

2009-01-30 Thread terr
I've not looked at the OpenSSL code for a few years now. Last time I looked the only way to do things was via a "BIO" and the BIO functions did the crypto. This is totally inappropriate for many server designs. I would like to ask if the crypto/bio functions have been factored apart so the