On 2005.05.24 at 14:33:29 +0100, Chris Covell wrote:
> I am now using this command:
>
> $ openssl smime -verify -inform PEM -in signature.pk7 -CAfile
> development_cm.pem -content content.txt
>
> And I get this output:
>
> content
> Verification failure
> 2788:error:21071065:PKCS7 routines:PKC
> Adding to David's response...
>
> MSG_PEEK is problematic on some systems. On Windows for example
> (maybe only
> the 9x series, but a problem none-the-less) using MSG_PEEK will
> effectively
> freeze the contents of the buffered data that can be seen with MSG_PEEK,
> meaning that any further p
Adding to David's response...
MSG_PEEK is problematic on some systems. On Windows for example (maybe only
the 9x series, but a problem none-the-less) using MSG_PEEK will effectively
freeze the contents of the buffered data that can be seen with MSG_PEEK,
meaning that any further peeks will not be
Ken, think of it this way:
1. To send a message for only a specific person to read you want to make it
decryptable with their private key, thus encrypting with their public key.
2. For a signature, the world needs to be able to verify it, so it needs to
be decryptable with the public key, and thus
> Dr Stephen,
> I want to map recv(fd, buffer, SEGMENT_LEN, MSG_PEEK)
> to some kind of SSL_read.
>
> MSG_PEEK
> This flag causes the receive operation
> to return data from the
> beginning of the receive queue without
> removing that data from
> the q
Dr Stephen,
I want to map recv(fd, buffer, SEGMENT_LEN, MSG_PEEK)
to some kind of SSL_read.
MSG_PEEK
This flag causes the receive operation
to return data from the
beginning of the receive queue without
removing that data from
the queue. Thus, a subs
Ken Goldman wrote:
...
RSA_private_encrypt adds only the 0x00 || 0x01 || PS || 0x00 padding
(if padding == RSA_PKCS1_PADDING). If you want to let openssl do the
whole encoding/padding use RSA_sign or if you want to create the T
value manually you need to use i2d_X509_SIG, see RSA_sign.
Correct
> Date: Tue, 24 May 2005 22:46:57 +0200
> From: Nils Larsch <[EMAIL PROTECTED]>
>
> Suram Chandra Sekhar wrote:
> > Hi all,
> > I have a doubt regarding EMSA-PKCS1-v1_5 usage in OpenSSL.
> >
> > My requirement is that I want to sign some data using a specific Hash
> > Algorithm (SHA1).
> >
> >
Suram Chandra Sekhar wrote:
Hi all,
I have a doubt regarding EMSA-PKCS1-v1_5 usage in OpenSSL.
My requirement is that I want to sign some data using a specific Hash
Algorithm (SHA1).
For this Iam trying to do the following steps instead of calling
rsa_sign() function directly.
1. Calculate
prakash babu wrote:
Hello All,
I am using OpenSSL version 0.9.8 beta. I built this
version successfully in HPUX.
While using the engine command I am able to load *all the engines*
except *libgmp.so*
*1. openssl engine - dynamic -pre
SO_PATH:/usr/lib/engines/lib4758_cca
> From: [EMAIL PROTECTED]
> Date: Tue, 24 May 2005 09:24:19 -0700
>
> I am new to SSL and am currently converting our application's
> communication layer over to used SSL. For the time
> being I do not want to go through an official CA to get a signed
> certificate so I am currently generating
On Tue, 24 May 2005, Dr. Stephen Henson wrote:
>If you don't get an error you just configure it to use my.crt and
>my.nopass.key, or concatenate the two and just point it at that one file.
Thanks greatly. It solved my problem.
Regards,
Ben Kim
Developer
College of Education
Texas A&M Universit
On Tue, May 24, 2005, Ben Kim wrote:
>
> Hi,
>
> I'm trying to create a certificate for a test with qpopper on sslwrap. I'd
> appreciate any advice.
>
> I used this command to create a certificate for sslwrap.
>
> (A) openssl req new -x509 -nodes -out my.pem -keyout my.pem -days 365.
>
> I
Hi,
I'm trying to create a certificate for a test with qpopper on sslwrap. I'd
appreciate any advice.
I used this command to create a certificate for sslwrap.
(A) openssl req new -x509 -nodes -out my.pem -keyout my.pem -days 365.
It works OK. Now, we have a certificate from Thawte available
Hi,
My current System is:
OS:
Windows
XP SP2
Compiler:
MSVC++ 6 SP5
OpenSSL:
0.9.7e 25 Oct 2004
I am new to SSL and am currently converting
our application's communication layer over to used SSL. For the time
being I do not want to go through
On Tue, May 24, 2005, Madhu Sudhan Reddy wrote:
>
> Is there any support for RFC2630 now in OpenSSL?
>
> Your comment on this will be greatly appreciated.
>
No, OpenSSL doesn't support S/MIME v3 at present. Interest has been expressed
from time to time but so far no one has been prepared to fu
Hello All,
I am using OpenSSL version 0.9.8 beta. I built this version successfully in
HPUX.
While using the engine command I am able to load all the
engines except libgmp.so
1. openssl engine - dynamic -pre
SO_PATH:/usr/lib/engines/lib4758_cca.so -pre LOAD(dynamic) Dy
On Tue, May 24, 2005, pana wrote:
> I found the manual page but when I try to use the command "openssl
> asn1parse -genstr ..." the system answers me with "unknown option
> -genstr" !!
> How is it possible? bad insatallation?
>
Are you still calling the old version of OpenSSL? Check with:
open
On Tue, May 24, 2005, dan wrote:
> Nauman Akbar wrote:
> >Dear Users
> >
> >
> >
> >I am having this problem for a long time. Initially I thought it was an
> >issue with configuration of multi-threading but the problem seems to
> >remain with multi-threading removed.
> >
> >
> >
> >I have deve
Hi all,
I have a doubt regarding EMSA-PKCS1-v1_5 usage in OpenSSL.
My requirement is that I want to sign some data using a specific Hash
Algorithm (SHA1).
For this Iam trying to do the following steps instead of calling rsa_sign()
function directly.
1. Calculate SHA1 Hash on the data to be
Hello Users,
I want to update the software (OpenSSL 0.9.7g) but why it stopped in somewhere the file. Here what i did:
/* AIX 5100-06 */
# ./Configure aix-gcc zlib
(done)
# make
gcc -c -I.. -I../.. -I../../include -DOPENSSL_SYSNAME_AIX -DZLIB -DOPENSSL_THREADS -D_THREAD_SAFE -DDSO_
Steven Bade wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ken Goldman wrote:
| Referring to http://www.openssl.org/docs/crypto/threads.html
|
| 1
|
| "id_function(void) is a function that returns a thread ID. It is not
| needed on Windows nor on platforms where getpid() returns a differen
Nauman Akbar wrote:
Dear Users
I am having this problem for a long time. Initially I thought it was an
issue with configuration of multi-threading but the problem seems to
remain with multi-threading removed.
I have developed a simple ssl based multi-threaded server application.
Previ
I have an app that communicates over the Internet. I'm using the
libeay32.dll for encryption. As we all know from WEP, using encryption
doesn't mean its secure. Can you take a min. at look at how I've
implemented this and tell me if its secure? Thanks!
The user has a fixed 8 character password
Victor, many thanks, I have got a bit further !
> > I am sure I am nearly there, can anyone help me please ?
>
> It asks for local (i.e. trusted) certificate of security authority,
> who've issued (i.e. signed) signer's certificate.
>
> Either provide path to the place where your trusted certifi
Hi !
Currently I'm searching for a way to sign a pdf file. All work that builds
the signature part in the pdf file is done. Now I stuck on the signature
part and I'm searching for the right tool for me. Let me explain my problem:
I hava a prepared pdf-file that only includes the data which have t
I found the manual page but when I try to use the command "openssl
asn1parse -genstr ..." the system answers me with "unknown option
-genstr" !!
How is it possible? bad insatallation?
bye
pana
2005/5/20, Dr. Stephen Henson <[EMAIL PROTECTED]>:
> On Thu, May 19, 2005, pana wrote:
>
> > Hi,
> > I
Hi,
I have written an app that encrypts pages on a web server, and a module to
decrypt them. The cipher routines are in a number of c++ classes compiled
into a library used by other apps, and they appear to work correctly when
invoked from the command line. However, when running the apache mod
On 2005.05.24 at 11:14:08 +0100, Chris Covell wrote:
> But if I try and verify the signature using (as described in the
> OpenSSL command line manual):
>
> openssl smime -verify -inform PEM -in signature.pk7 -signer
> signer_pub.key -certfile certs.pem -content content
>
> I get the message:
>
Dear madhu,
Have you worked at Disc Technology
Services Private Limited previously. Just got confused
by the name. Please don't mind.
Regards,
Suchi
__
Do you Yahoo!?
Yahoo! Small Business - Try
Hello there,
I have a signature signed using FireFox browser and want to verify the
signature using OpenSSL.
The signature seems to be in PEM format (i.e. base 64 encoded).
I can see the certificates that were used in the signature using:
openssl pkcs7 -print_certs -noout -in signature.pk7
But
I was wondering if openssl-0.9.8 is going to be API/ABI compatible
with the current stable branch of openssl-0.9.7
I think keeping API/ABI compatible is a good idea and makes programmer
and users life easier.
Anyway, if you are not going to keep API/ABI compatibility in
openssl-0.9.8 with 0.9.7 I'd
Hello All,
RESTRICTIONS
There is no option to print out all the fields of a
PKCS#7 file.
This PKCS#7 routines only understand PKCS#7 v 1.5 as
specified in RFC2315 they cannot currently parse, for example, the new CMS as
described in RFC2630.
Above l
33 matches
Mail list logo