Re: Loading RSA keys from file.

Hello: I send you a function that read RSA public and private key from a file: RSA *RecuperaClavesRSA(int type, char *pemfile){ FILE *fp; RSA *key=NULL; switch (type){ case READPUB: if((fp = fopen(pemfile,"r")) == NULL) { fprintf(stderr,"Error: Public Key file doesn't exists.\n");

Re: SHA2

Milan Tomic wrote: I'm trying to generate self signed certificates with sha256, sha384 and sha512 algorithms for testing purposes. It seems openssl.exe doesn't understand it, although I have downloaded latest version (openssl-0.9.7g). try a recent snapshot from 0.9.8-dev (the cvs head) Nils

Re: Verifying a signature

Andreas Hoffmann wrote: ... md_ctx = EVP_MD_CTX_create(); EVP_VerifyInit_ex(md_ctx, EVP_sha1(), NULL ); EVP_VerifyUpdate(md_ctx, data, data_length); sig_err = EVP_VerifyFinal(md_ctx, signature, signature_length, pkey); if (sig_err == -1) { printf(An error occured while verifying the

Re: Problem to cipher/decypher a struct with RSA

Angel Martinez Gonzalez wrote: Hello: I want to cypher/decypher an struct: struct PeticionSeudonimo { char *mensaje; int id_peticion; DES_cblock *clave_simetrica; }peticion_seudonimo; To do this, I first convert this struct to char *: char *ptrPeticionSeudonimo = (char

Re: Verifying a signature

Nils Larsch wrote: Andreas Hoffmann wrote: ... md_ctx = EVP_MD_CTX_create(); EVP_VerifyInit_ex(md_ctx, EVP_sha1(), NULL ); EVP_VerifyUpdate(md_ctx, data, data_length); sig_err = EVP_VerifyFinal(md_ctx, signature, signature_length, pkey); if (sig_err == -1) { printf(An error occured while

Re: Problem to cipher/decypher a struct with RSA

Hello: Thanks Nils for you help, but I obtain the problem. I have tried your advice: RSA_public_encrypt(sizeof(texto)+1, texto, textocifrado, claveRSA, RSA_PKCS1_PADDING); but the problem is the same. - Original Message - From: Nils Larsch [EMAIL PROTECTED] To:

Re: Verifying a signature

I think that the format of the signature make problem, normally the standard format of signature is a DER format. Abdou, __ Découvrez le nouveau Yahoo! Mail : 250 Mo d'espace de stockage pour

Re: Problem to cipher/decypher a struct with RSA

I'm afraid sizeof(texto) returns the size of the pointer itself (4 in case of IA-32), not the data length. sizeof(struct PeticionSeudonimo) would be more effective. Also, you are using pointers in your struct (like char *mensaje), which means you are ciphering the pointer only, not the data it

Re: Verifying a signature

The signature contains the value which is extracted from the socket-datastream and is 128Bytes (1024bit) long. What is in a signature in DER format? - Is it just the signature itself or is there additional information? What do the error-messages mean - - Is there some problem while verifying

Re: Verifying a signature

make this test to see exactly what you have as errors. if (err != 1) { ERR_print_errors_fp (stderr); exit (1); } Abdou, __ Découvrez le nouveau Yahoo! Mail : 250 Mo

Re: Verifying a signature

make this test to see exactly what you have as errors. if (err != 1) { ERR_print_errors_fp (stderr); exit (1); } Abdou, That's almost exactly how I got the errors I did: sig_err = EVP_VerifyFinal(md_ctx, signature, signature_length, pkey); printf(Signature-Verification:

Re: Verifying a signature

On Wed, May 11, 2005, Andreas Hoffmann wrote: The signature contains the value which is extracted from the socket-datastream and is 128Bytes (1024bit) long. What is in a signature in DER format? - Is it just the signature itself or is there additional information? What do the

Callback function in c++ methods

Hello, I am implementing an object model for secure communications and secure sessions gestor. I am using the openSSL library for this task. My problem is when I define the callback functions for external SSL sessions, the callback functions cannot methods of a class if these are not static, but

hmac problem in fips mode

Hi! I have a problem with hmac in fips mode. The following code always returns the same fingerprint. It doesn't depend on the data. #includeopenssl/ssl.h #includeopenssl/hmac.h . . . unsigned char data[16384]; unsigned char md[256]; unsigned int no; . . . HMAC_CTX ctx; HMAC_CTX_init(ctx); FILE

Re: Verifying a signature

To see the format used you can do: openssl rsautl -verify -certin -in signature -inkey cert.pem -hexdump and post the result. Also try it with the -asn1parse option instead of -hexdump. # openssl rsautl -verify -certin -in signature -inkey vpn_test_konz.pem -asn1parse Error in encoding

Re: Verifying a signature

On Wed, May 11, 2005, Andreas Hoffmann wrote: To see the format used you can do: openssl rsautl -verify -certin -in signature -inkey cert.pem -hexdump and post the result. Also try it with the -asn1parse option instead of -hexdump. # openssl rsautl -verify -certin -in

No show errors with ERR_print_errors_fp()

Hello: I want to obtain the errors that I have, and I use the function ERR_print_errors_fp(). But , this give a empty file. And I have errors ... My code: ERR_load_crypto_strings(); fp = fopen(fileError, w); ERR_print_errors_fp(fp); fclose(fp); Can somebody help me? Thanks.

Re: hmac problem in fips mode

On Wed, May 11, 2005, Matyas Majzik wrote: Hi! I have a problem with hmac in fips mode. The following code always returns the same fingerprint. It doesn't depend on the data. #includeopenssl/ssl.h #includeopenssl/hmac.h . . . unsigned char data[16384]; unsigned char md[256];

RE: Callback function in c++ methods

Hello, I have also defined an object model and the workaround to this problem is like this. I made a static list of class pointers, thus whenever an object is formed it is put into that list. Now in the callback i had the ssl pointe (SSL*) with me and every class had the ssl pointer. I simply

problems in nt.mak file

There is an error in ms\nt.mak file. I think. The following line is generated improperly: CFLAG= /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 /Fdout32 -DOPENSSL_NO_KRB5 -DOPENSSL_FIPS It should be /MT instead of /MD

Re: hmac problem in fips mode

Check that you have successfully entered FIPS mode. It may be that an error occurred there. Thanks. It was my fault. However I do not understand why I should switch back to non fips mode if failed to switch to fips mode. I thought that if entering fips mode is impossible then it remains in

PKCS12 function problem

Hi there!! I'm trying to use the high level function PKCS12_create in my appto get a p12 file to import it in MSIE and MS Outlook but it seems to be nothing, I mean, I get an empty p12 file. Ifollowed the pkwrite example in \demos\pkcs12 but it doesn't works.. follow mi code: out =

Re: No show errors with ERR_print_errors_fp()

Hi I want to obtain the errors that I have, and I use the function ERR_print_errors_fp(). But , this give a empty file. And I have errors ... My code: ERR_load_crypto_strings(); fp = fopen(fileError, w); ERR_print_errors_fp(fp); fclose(fp); Have you tried to direct the errors to stderr? using:

Re: Callback function in c++ methods

ahmad hassan wrote: Hello, Hello Ahmad, I have also defined an object model and the workaround to this problem is like this. I made a static list of class pointers, thus whenever an object is formed it is put into that list. Now in the callback i had the ssl pointe (SSL*) with me and every class

Re: Using RC4 vs EVP_CIPHER

Steve, Salt shouldn't be predictable so using a fixed string isn't an option but it isn't secret. I'm using rand_bytes() to create the salt. IV. I should really use an IV with some modes. Again, its random bytes, but it doesn't have to be secret. I will also have to transmit the IV