AW: AW: AW: RSA_public_decrypt problem

2007-08-02 Thread Wockenfuß , Frank
Thanks, This test programs works fine, so I think I need to check my signatures (as David Schwartz mentioned too). Best regards, Frank Wockenfuß -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Marek Marcola Gesendet: Donnerstag, 2. August

Re: AW: AW: AW: AW: RSA_public_decrypt problem

2007-08-02 Thread Marek Marcola
Hello, RSA_NO_PADDING leads to the same error. Exactly, this fails on first stage. Maybe you can send (n,e) pair ? Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project

AW: AW: AW: AW: RSA_public_decrypt problem

2007-08-02 Thread Wockenfuß , Frank
RSA_NO_PADDING leads to the same error. Frank Wockenfuß -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Marek Marcola Gesendet: Donnerstag, 2. August 2007 15:05 An: openssl-users@openssl.org Betreff: Re: AW: AW: AW: RSA_public_decrypt problem

Re: AW: AW: AW: RSA_public_decrypt problem

2007-08-02 Thread Marek Marcola
Hello, This test programs works fine, so I think I need to check my signatures (as David Schwartz mentioned too). Signature is not important when you do RSA_public_decrypt(). First you must decode data and after that you may try to interpret them. Function RSA_public_decrypt() first performs

Question re: V3_alt.c in 9.7d

2007-08-02 Thread Eric Johnson
Hi. I need to pull out the subject alternative name from the certificate and than grab the 'otherName' type. When I look at V3_alt.c in 9.7d I'm walking away with the impression that it isn't supported. Can somebody confirm if this is the case or not? And if so is there a version of OpenSSL

AW: AW: AW: AW: AW: RSA_public_decrypt problem

2007-08-02 Thread Wockenfuß , Frank
N: 008796FB4EAAB5FCC21619608ECB34D4BD82D062BF136A54E7E0BF6B2991C2F0F93A161930D650AF939C8282431D291D0E6E9F69A09AF091345D60439569C5CB5ECA566740B6A69FE4BBF2DB9CC03786AEDF8F9522EB7F6096A1B900140E6AA7AF55198B87E68A69546631E9EF90666984123F5364BE2EA6E067BBAA8831A34B15 E: 004081 Frank Wockenfuß

AW: AW: AW: AW: AW: RSA_public_decrypt problem

2007-08-02 Thread Wockenfuß , Frank
Maybe the leadings 00 is the problem with both? Frank Wockenfuß -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Wockenfuß, Frank Gesendet: Donnerstag, 2. August 2007 16:36 An: openssl-users@openssl.org Betreff: AW: AW: AW: AW: AW:

Re: Question re: V3_alt.c in 9.7d

2007-08-02 Thread Victor Duchovni
On Thu, Aug 02, 2007 at 09:48:39AM -0400, Eric Johnson wrote: Hi. I need to pull out the subject alternative name from the certificate and than grab the 'otherName' type. When I look at V3_alt.c in 9.7d I'm walking away with the impression that it isn't supported. Can somebody confirm if

Re: AW: AW: AW: AW: AW: RSA_public_decrypt problem

2007-08-02 Thread Marek Marcola
Hello, N: 008796FB4EAAB5FCC21619608ECB34D4BD82D062BF136A54E7E0BF6B2991C2F0F93A161930D650AF939C8282431D291D0E6E9F69A09AF091345D60439569C5CB5ECA566740B6A69FE4BBF2DB9CC03786AEDF8F9522EB7F6096A1B900140E6AA7AF55198B87E68A69546631E9EF90666984123F5364BE2EA6E067BBAA8831A34B15 E: 004081 After

RSA_public_decrypt problem UPDATE

2007-08-02 Thread Wockenfuß , Frank
I have found the reason for the problem. Deep inside my program was a bug that switched modulus and exponent, so I set the wrong values to n and e. I've fixed the bug and also removed the leading 00 so that I get a good 128 byte long modulus and a 4 byte long exponent. If I call RSA_verify I

RE: Question re: V3_alt.c in 9.7d

2007-08-02 Thread Eric Johnson
Thank you. I'll give those a shot. Eric Johnson Nortel Networks Sustaining Engineer [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Victor Duchovni Sent: Thursday, August 02, 2007 11:23 AM To: openssl-users@openssl.org Subject: Re:

AW: RSA_public_decrypt problem UPDATE

2007-08-02 Thread Wockenfuß , Frank
The problem with the NULL pointer exception was also my mistake. But thanks to your program I found it and now -- ring ring -- I have a decrypted content. BUT The content at my example is 128 byte long (as long as the RSA signature). The original hash that was signed was 32 byte long. I find

Re: AW: RSA_public_decrypt problem UPDATE

2007-08-02 Thread Marek Marcola
Hello, The content at my example is 128 byte long (as long as the RSA signature). The original hash that was signed was 32 byte long. I find the orignial hash inside the decrypted content. It lays on the last 32 byte. Before this is mostly FF. How do I surely get the original hash out of

Re: RSA_public_decrypt problem UPDATE

2007-08-02 Thread Marek Marcola
Hello, I have found the reason for the problem. Deep inside my program was a bug that switched modulus and exponent, so I set the wrong values to n and e. My first suggestion :-) I've fixed the bug and also removed the leading 00 so that I get a good 128 byte long modulus and a 4 byte long

AW: AW: RSA_public_decrypt problem UPDATE

2007-08-02 Thread Wockenfuß , Frank
That's it! Many thanks for the help! Frank Wockenfuß -Ursprüngliche Nachricht- Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Marek Marcola Gesendet: Donnerstag, 2. August 2007 18:25 An: openssl-users@openssl.org Betreff: Re: AW: RSA_public_decrypt problem UPDATE

OpenSSL (FIPS) w/Apache on Windows

2007-08-02 Thread Bennett, Darren L.
I've been working on compiling mod_ssl.so for use with Apache 2.x on Windows. Following the OpenSSLFips install instructions I am able to build the FIPS modules and then build OpenSSL with those modules. I then compile Apache using the OpenSSL built with the modules and it compiles. Unfortunately,

RE: OpenSSL (FIPS) w/Apache on Windows

2007-08-02 Thread Security Admin (NetSec)
Microsoft FIPS implementation is broken. I tried to use it with the GPO enabled for communication between Postfix mail gateway and Exchange 2007 and it did not work. Troubleshooting revealed the FIPS issue. I called into Microsoft and they are aware of the problem, however they have no plans