Re: Unsigned attributes to PKCS#7

Antonio Ruiz Martínez wrote: Hello! I would like to add a TimeStamping to a signed PKCS#7 and I have got some questions: - Is it the TimeStamping structure in asn.1 defined in openssl (or planned)? rfc 3161 timestamps are currently not implemented in OpenSSL, but you can use the Openssl patch

Re: Implementing a Diffie Hellman (DH) key exchange

Sid Hegde wrote: Yes, the same keys are generated when I use the same DH keys in DH_compute_key, but I would guess that this not the same dh keys, but the same dh-parameters beats the purpose of using DH in the first place if even the private keys were shared. the private keys should, of course, no

Re: how do I verify a DSA signature given r and s values of signature

rai mahua wrote: ... So if I take a look at DSA_verify, should I replace the call to d2i_DSA_SIG with the 2 calls to BN_bin2bn. yes Nils __ OpenSSL Project http://www.openssl.org User Support Mailing

Re: how do I verify a DSA signature given r and s values of signature

rai mahua wrote: Hi, I have a case wherein I get the message that has been signed + the R & S value of the DSA generated signature. How do I verify this using openssl lib. put the r and s value into a DSA_SIG structure (i.e. something like: DSA_SIG *dsasig = DSA_SIG_new(); BN_bin2bn

Re: Storing keys and certs on USB tokens using openssl(1)

Ralf Hornik Mailings wrote: ... Aladdin eToken pro 32k. blank ? -v please. ;-) is the token empty (or is there already a filesystem with certs etc. on it) please try a more recent snapshot (and opensc bugs etc. should be send to [EMAIL PROTECTED]). I didn't know whether it was a problem with opens

Re: Storing keys and certs on USB tokens using openssl(1)

Ralf Hornik Mailings wrote: Yes, I know, but I don't find any pointer to this engines. Even, there is no pkcs11 or opensc word in the complete openssl-source! Do I have to include the hw_* files from opensc manually? What engine id will it be? Has anyone done this in practice? Found the solution m

Re: Freeing the x509 struct.

[EMAIL PROTECTED] wrote: Do we need to free the X509 structure returned by d2i_X509() and PEM_read_X509() functions after using it? yes Nils __ OpenSSL Project http://www.openssl.org User Support Ma

Re: d2i_X509() failed.

[EMAIL PROTECTED] wrote: Thanks for the link.. Did you get the dump I have sent? yes, but as Erwann Abalea already wrote is the certificate not correct Nils __ OpenSSL Project http://www.openssl.org

Re: d2i_X509() failed.

[EMAIL PROTECTED] wrote: ... What is dumpasn1? How can I take that? It's nice ASN.1 tool written by Peter Gutmann, see: http://www.cs.auckland.ac.nz/~pgut001/ Nils __ OpenSSL Project http://www.opens

Re: PEM_read_bio:no startline:.\crypto\pem\pem_lib.c:637:Expecting: CERTIFICATE REQUEST

Jim Catty wrote: Hi all, I've been struggling with this one for few weeks now i hope someone here already seen this error. I'm using openssl version OpenSSL 0.9.7d 17 Mar 2004 When i try to sign a certificate i'm getting the following error message: openssl ca -in s.pem Using configuration from C:\

Re: d2i_X509() failed.

[EMAIL PROTECTED] wrote: Hi., I will be getting the certificates in a buffer in DER format.The buffer of 2048 bytes contains the following data I am copying the initial few bytes and then the trailing bytes.: With the start bytes we can identify as DER format. When I pass this buffer to d2i_X509()

Re: d2i_X509() failed.

[EMAIL PROTECTED] wrote: Hi ., Is it possible that to have certificates in other formats like PKCS apart from PEM/DER? In that case how can we convert the PKCS to X509 format?Is there any interface available on openssl? What way we can identify the format of the certificate. According to my unders

Re: openssl-users:Problem BN_exp() for 1024 bytes

[EMAIL PROTECTED] wrote: Hi Nils., BN_mod_exp it works fine. Is there any limitations on number of bits for BN_exp()? there's afaik no real hard coded limit for the size of the arguments in BN_exp besides the time required for the operation and the maximum size of bignums, but as BN_mod_exp should

Re: writing an encrypted string into a buffer instead of a file

dave wrote: Hi, I am very new at this. I want to encrypt a string with des3, change it to base64 and put it into a buffer. I have found code in the man pages which seems to accomplish this execept that it gets written into a file, in this case results.dat. I would really appreciate it if someone

Re: RSA_padding_check_PKCS1_OAEP() again

Ken Goldman wrote: I'm trying to perform a fairly simple operation. I have a 20 byte hash. I want to PKCS1_OAEP pad it to 256 bytes so I can RSA encrypt it. Later, after RSA decrypting, I want to remove the pad to get the 20 bytes back. However, the implementation of RSA_padding_check_PKCS1_OAEP

Re: Example of signing/verifing using ECDSA?

Frank wrote: Does any one have any examples of signing and verifying data using Elliptic Curve DSA? I have something working with DSA but have been asked to look at ECDSA. Can you use the same certs also? I guess certs having a public ec key would be more appropriate ;) If not how do you create

Re: RSA_padding_check_PKCS1_OAEP

Hi Ken, Ken Goldman wrote: Could you be a bit more specific. 7.1.1 doesn't give any examples, and combines padding with encryption in a way that's hard to separate. How can the 'from' length be modulus-1? In my case, I'm receiving a 256 byte value. I decrypt with the private key, and still have

Re: Converting .cer to .pem

[EMAIL PROTECTED] wrote: Hi, Still i am getting the same Error. openssl x509 -inform der -in TF.cer -out TF.pem unable to load certificate 6439:error:0D09F007:asn1 encoding routines:d2i_X509:expecting an asn1 sequence:x_x509.c:102:address=1500880 offset=0 Are you sure that in your *.cer file is a D

Re: Problem with newer snapshots

Frank wrote: I'm writtign this but I know you will probably have no idea how to fix it or what the problem is all I can say is they with a newer snapshot of openssl we have a problem with core dumping and it works when compiled with older versions. Well the BN_CTX code has been changed recently

Re: OAEP for Private Encryption

[EMAIL PROTECTED] wrote: Hi, openssl private_encrypt function does not handle the RSA_PKCS1_OAEP_PADDING. But the public_encrypt () has this PADDING handled. Is there any specific reasons behind this? Well OAEP padding is intended for encryption schemes (not signing) and for encryption normally th

Re: RSA_private_decrypt errors

Janet Pytlik wrote: Hi, Does anyone know what the following error messages mean and/or how I can find out more about what they mean? I am obtaining these error strings via the ERR_get_error and ERR_error_string functions but I can't seem to find any documentation anywhere to further explain ho

Re: Elliptic curve with openssl

[EMAIL PROTECTED] wrote: /* crypto/ec/ec_curve.c */ /* * Written by Nils Larsch for the OpenSSL project. */ Ohh,do you support this code? well, I fell somehow responsible for this code => yes thanks... I am personally implementing curve generation alg. including point counting ? Nils

Re: Elliptic curve with openssl

[EMAIL PROTECTED] wrote: please have a look at 0.9.8-dev I can't find the file 0.9.8-dev to openssl's home. I found only snapshot. where is dev version files? in the snapshots (labeled openssl-SNAP-$DATE.tar.gz or use rsync to get a local copy of the cvs repository) i am interesting /crypto/ec

Re: Elliptic curve with openssl

[EMAIL PROTECTED] wrote: Hi, I have compiled the latest version of openssl. The problem is that the ecparam, ec switches in commands doesn't seem to work. Any idea what am i doing wrong. EC crypto libraries do exist. The man ecparam command also doesn't find any man entries. Any help Akif Jan

Re: Is this abug... ? or i am doing something wrong....

tel dispas wrote: Is this abug... ? or i am doing something wrong see below main() { int len; unsigned char buf[10240],*p, *c; srand(5); RSA *rsa; rsa=RSA_generate_key(1024,RSA_F4,callback,(char *)stdout); //demo example //rsa=RSA_generate_key(2048, 65537,

Re: set an external callback for encryption

david jeanneteau wrote: It is a supplied smarcard and i don't have all docs yet, but is seems that an API is supplied to access it. What kind of API ? (btw: which OS are you using (on your pc) ?). So it looks like i have to create an engine that bind's on the smartcard API. probably I'm a

Re: set an external callback for encryption

david jeanneteau wrote: Hi all, I want to use openssl with a smartcard containing RSA private key and RSA cipher capabilities. Is there a way to tell SSL that it should use a given callback (from smartcard API) for applying private key (the one on the smart card). You need a openssl engine for

Re: loading cert from memory buffer

Aleksey Dorosheff wrote: i got CA cert in header file declarated like this static const unsigned char s_pbCaCertificate[] = { 0x30, 0x82, 0x03, 0x98, 0x30, 0x82, 0x03, 0x01, ...}; try d2i_X509 how can i load it to X509Store? i guess i should use BIO? look how it's done in, for example,

Re: verify the digital signature

Jia L Wu wrote: Hi, I used the following command to creat a signature. "openssl dgst -sign -out " However why the signature can not be verified using corresponding self-signed certificate. "openssl dgst -signature -verify " What's wrong? Thanks. What's the error message ? Btw: the '-verify' o

Re: ECC generated certificate has "nonvalid digital signature"

On Monday 03 November 2003 16:20, Nabil Fanaian wrote: > >Does Win2k support ec cryptography at all ? > > > >Nils > > I believe it does. I have another ECC certificate that was issued by > Certicom and it shows up as being valid in Win2k. Strange, could you please send me the certicom certificate

Re: ECC generated certificate has "nonvalid digital signature"

On Monday 03 November 2003 05:54, Nabil Fanaian wrote: ... > However, for all ECC generated certificates, it's a different story. > For all certificates I've generated and the ones generated by > /openssl-SNAP-20031031/demos/ssltest-ecc/ECCcertgen.sh show up as > invalid in Win2k. The 'General' t

Re: Algorithm used to convert passphase provided in callback to cipher key.

On Thursday 30 October 2003 08:02, Alicia da Conceicao wrote: > Greetings: > > I am working on making some embedded encryption code interop with > openssl. To that end, I would appreciate if someone could please > outline step-by-step how a pass-phase provided in a password > callback is converted

Re: Smartcard logon certificate

Martin Plenk wrote: subject Alternate Name with the Microsoft Universal Principal Name I generated certificates with a Microsoft CA and used the ASN1-parser to get the Strings. I attached a sample File. The problem is, that the length is encoded. So you can change the text in the attached fil

Re: RSA private key encryption & storage doubt

On Friday 17 October 2003 21:15, Daniel Monteiro Ferreira wrote: ... > which works just fine. The problem is that everytime I try to load > the key using the command > > rsa = PEM_read_RSAPrivateKey(fp, &rsa, NULL, (void *)password); > > I get the error message > > error: 0906B072:PEM routines: PEM

creating certs for decryption keys

Hi, how can I create a (x509) certificate for a decryption key generated on a smartcard (of course not extractable) using the standard OpenSSL command line tools ? Creating a pkcs10 cert request is (in general) not possible, as the key can't create the signature needed for the self-signed pkcs10 r

Re: EC_POINT_point2oct() problem

On Thursday 09 October 2003 15:28, Frank wrote: > Want to understand why (or is this wrong). When I call > EC_POINT_point2oct() given a curve of size say 192 or 384. It always > returns a size 1 greater then one would think. i.e. 192 yields 25 and > 384 yields 49. Should it not be 24 bytes and 48

Re: OpenSSL + ECC

Jeroen wrote: Hello, Does OpenSSL still have Sun's non-free ECC cryptography? My Debian/Sid box has: ii openssl0.9.7c-1 Secure Socket Layer (SSL) binary and related OpenSSL 0.9.7c does *not* contain the ec stuff for curves over GF(2^m) from sun (0.9.7 only contains some basic ec ar

Re: EVP_PKEY_size() ??? what does it return?

Frank wrote: Steve, thanks. My understanding is that DSA signatures should be 40bytes not 48 (i.e. 2* the length of q (160 bits) accoridng to the standard). Can you or someone else explain the difference ? The DSA signature is the DER encoding of (the ASN.1 object): SEQUENCE { r In

Re: DSA signatures

On Friday 19 September 2003 21:17, Frank wrote: > Nils Larsch wrote: > > On Friday 19 September 2003 15:28, Frank wrote: > > > What I've seen so far with openssl is that there seems to be 10,000 > > > ways to do the same thing so I want to make sure I understand

Re: DSA signatures

On Friday 19 September 2003 15:28, Frank wrote: > What I've seen so far with openssl is that there seems to be 10,000 ways > to do the same thing so I want to make sure I understand how to do a DSA > signature. My questions are as follows: > > 1. Do you need a separte cert for signing RSA DSA? I c

Re: certificate request

Aintzane Armentia Diaz de Tuesta wrote: Hi, We are using Cyberflex Access e-gate 32K cards from Schlumberger. The pkcs#11 library that we are using is the one that they provide with the cards. We are using windows 2000. Then you might try using a pkcs11 engine (for example see: http://w

Re: error: data too large for key size

Leif Kremkow wrote: Hi, Using my own CA, I've signed two cert. requests. One cert. is for me as a user, the other for my STunnel daemon. The idea is to use x509 for both encrypted and authenticated communication. For testing and playing, I'm trying to use it on Win2K with it's Telnet server. CA an

Re: Segmentation Fault in BN_bn2bin...

On Monday 11 August 2003 21:31, Mateus wrote: > Hi, > > I'm trying to use the function BN_bn2bin to convert a big number > and I had a segmentation fault inside of it. > I have already tried to debug my source and I'm almost shure that > it's ok because it is very simple. > Would

Re: [OpenSC-devel] ssl client authentication

On Monday 04 August 2003 21:15, David Mattes wrote: > hi, > > i'm trying to use OpenSSL s_client with OpenSC PKCS#15 engine. the > engine works for operations such as key generation and PKCS#1 > signatures. i've modified the s_client code to be able to use a private > key on the smartcard via the

Re: Elliptic key length

Nils Larsch wrote: ... (Note: the current OpenSSL EC PKCS#8 format is incorrect, I'm currently testing a patch to fix it, so please don't use the current PKCS#8 format). The pkcs8 ec private key format should be fixed

Re: about the signer file format in OCSP // load_key() in app.c

On Friday 20 June 2003 11:39, Wu Junwei wrote: (B... (B> I would like to know , when use the -signer or -signkey option of the OCSP, (B> is there any format limitation of this signer file or signer key file? (B (Bfrom apps/oscp.c: (B'rkey = load_key(bio_err, rkeyfile, FORMAT_PEM, ...)' => app

Re: read private key out

On Friday 20 June 2003 06:58, Wu Junwei wrote: (B> Hi,all (B> (B> I have a question on reading the private key out from a certificate file. (B (BNormally there's no private key in a certificate (B (B> I 'd like to read a private key in a certificate file and returns the (B> private key data

Re: Elliptic key length

Henrik Nordal Rask wrote: Didn't get an answer the last time I asked this so I thoght i'd try one time more :-) When I create an elleiptic curve key using the command lline ´openssl ecparam -genkey -name ´curve´´ I get a relatively small key file. But if I try to generate a key using the function

Re: EC point multiplication

Frank wrote: I'm sorry you are correct. I thought I had this right but I'm not comming up with the right key on each side. if I want to multiply a pt and an integer is this The way i woudl do it? EC_POINT_mul(group, resultingPt, &(group->order), thePtToMulti, theIntegerToMulti, ctx); No, EC_POINT_

Re: Elliptic Curve cryptography

On Sunday 01 June 2003 20:00, Henrik N. Rask wrote: > I am trying to figure out exactly how much support for elliptic curve > cryptography exists in the 0.9.8 snapshots (the lack of documentation is > making this a bit difficult). Hopefully this will change when 0.9.8 is released :-) > Specifical

Re: Signature Verification problem

Howard Chan wrote: What about using the openssl commands? ie. x509, rsautl, dgst, etc. Can I do all that I specified below strictly using those openssl commands? If so, how? 'openssl rsautl -pubin -verfiy ...' didn't work ? Regards, Nils

Re: Elliptic curve in 9.7a

Prashant Kumar wrote: Hello Group, Hi Prashant, Do we support curves K-163 (Group 7) and B-283 (Group 8) in the Elliptic curve implementation in 9.7a ? . No, OpenSSL 0.9.7 supports only the basic arihtmetic for curves over GF(p). For support of binary curves you must wait for 0.9.8 (try the curr

Re: no-engine broken for Linux on 0.9.7 and 0.9.7a

Andrew Sherman wrote: > Folks, > > Has anybody else seen this? I tried to build using the no-engine > option: > > OpenSSL version: 0.9.7a > Last change: In ssl3_get_record (ssl/s3_pkt.c), minimize > information... > Options: no-idea no-rc5 no-engine shared threads > --prefix=/var/tm

Re: are server certs different from client certs

Chandrasekhar R S wrote: Dear Ebell & All, Indeed what you said is true. I copied the newly created self signed cert to the bundle of CA lists the server would accept, and the connection goes through fine. Now, then I am to make my own private CA and then create a certificate signed by my pri

Re: EVP_VerifyFinal()

Ken Murchison wrote: > What is the correct way to convert a DSA key struct into a u_char buffer > for use with EVP_VerifyFinal()? Is there a generic way to do this > regardless of the signature key algorithm? The value of the EVP > interface seems lost if I have to call different key preparation

Re: Cancelling RSA Key Generation

Aram Perez wrote: Is there a way of cancelling the generation of an RSA key pair when RSA_generate_key(...) is used? I plan to use a callback function. AFAIK it's not possible with 0penSSL <= 0.9.7 . If you use the current head (== 0.9.8-dev) you can use the callback function to abort the key/pa

Re: ciphertext should match length of key?

Wade L. Scholine wrote: > This is almost the same question I have been asking about in the "Strange > rsa_lib application" thread. The danger of using RSA_NO_PADDING seems to be > the problem I ran into, which is that the plaintext can be too big for the > key. ... The reason for using padding is

Re: DER-encoded issuer name

Dmitri Bogutski wrote: Nils Larsch wrote: Dmitri Bogutski wrote: Hello, How to get a DER-encoded of the certificate issuer name? I do the following: BIO *mem; X509 *x; X509_NAME *issuer; /* 'buf' is a buffer the containing certificate read from an ID-card */ /* 'l

Re: Strange rsa_lib application

Wade L. Scholine wrote: ... > > The typical error message in case of PKCS#1 error (in your case) would > > be "RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE". > > I'm not clear on the difference between these. The modulus is n, the > product of the primes p and q that are used for key generation, right? I > wa

Re: Strange rsa_lib application

Wade L. Scholine wrote: > I have an application where I want to encrypt a small (15 octets) plaintext > to a ciphertext of the same size. I was trying to do this with a 120-bit > modulus and calling RSA_private_encrypt() with RSA_NO_PADDING, but some I guess you know that a 120 bit modulus is not

Re: Error loading certificate

Chad Morland wrote: > Hi, > I recently recieved a certificate from Verisign and when I try and > install it into my server I get the following error. > > [11:45am]# openssl verify server.crt 'openssl verify' expects a X509 certificate > server.crt: unable to load certificate file > 18589:err

Re: Unable to load DSA public key?

Paul L. Allen wrote: > Nils Larsch wrote: > > Paul L. Allen wrote: > > > One of our customers showed up with a certificate that OpenSSL's x509 > > > subcommand doesn't appear to like. It complains about the public key: > > > > > > [pa

Re: what is the difference between -passout option and PEM pass phrase?

> I want to generate a rsa encrypted private key file using openssl > commands,and then use the privkey file to retrieve the private key in > my c language program. > I tried the cmd: > 1)openssl genrsa ¨Cpassout stdin -out key.pem the '-des' option (or any other cipher is missing) =>

Re: Examples of RSA/DSA signing of data

Hi Frank, Frank wrote: > Marcus, > Thanks. But that example is a little confussing. First what type of > signature are you doing, RSA, DSA? If your are using the EVP_Sign{Init|Update|Final} functions (as in demos/ sign/sign.c) the type of the signature (RSA, DSA, ECDSA) is specified by the

Re: How can I get the public key from a key file?

[EMAIL PROTECTED] wrote: > Hello! Hi Peter, > > I generate a private key using: > openssl genrsa -out xxx.key 1024 > It contains the private key, but I can get the public key this way: > openssl rsa -in xxx.key -pubout -out yyy.pub > > I can get the private key in a C program using > PEM_read_Pri

Re: Loading a certifcate from file into a X509 struct

On Mittwoch, 2. Oktober 2002 15:13, Radboud Platvoet wrote: > I am sure that works on a Unix machine, but unfortunately I am on Windows. > Could you maybe copy and paste the output of "man pem" in an email? see: http://www.openssl.org/docs/crypto/pem.html or use the pod2html command. Regards, Ni

Re: Loading a certifcate from file into a X509 struct

Radboud Platvoet wrote: [...] > This is the definition (after you resolve the macro): > > (X509 *) PEM_read_X509( FILE *fp, X509 **x, pem_password_cb *cb, void *u ); > > These I figured out: > - fp is most likely an open file pointer to the certificate file. > - x is most likely a double poin

Re: problem in signing documents

On Samstag, 21. September 2002 14:13, Touria Zaddaoui wrote: > dear all, > can anybody help me with this problem? > when i sign document with a signing algorithm different than md5 like md2 > for example, i get an error in the verification, i use the following > commands: > 1- to sign: > openssl d

Re: how to generate a DSA certificate?

On Samstag, 21. September 2002 13:35, Touria Zaddaoui wrote: > hello everybody, hi, > this is the problem i have with generating a dsa certificate: > after generating a CA private keys & certificate, i do the following > command to generate a DSA certificate signed by the already generated CA >

Re: RSA_check_key function cores

On Donnerstag, 29. August 2002 16:58, [EMAIL PROTECTED] wrote: > Hi Nils, Hi Vignesh, [...] > >RSA_Keys->n=BN_new(); > >BN_init(RSA_Keys->n); > > BN_init() is unnecessary, because BN_new() initialize > the BIGNUM structure. > > [...] > > > else if( !(RSA_Keys->n->d = (BN_ULONG *)malloc((

Re: RSA_check_key function cores

[EMAIL PROTECTED] wrote: > > Hi friends, > > RSA_check_key() cores. RSA_check_key() expects a private key => the RSA structure must contain valid rsa->p and rsa->q entries otherwise RSA_check_key() will always produce a core dump ( without p and q you can not verify that a RSA key is valid, bu

Re: Difference between certificates

[...] > The old key file looked like this: > -BEGIN RSA PRIVATE KEY- > MIICXgIBAAKBgQC554Ro+VH. > -END RSA PRIVATE KEY- this private key is NOT encrypted > > The new one looks like this: > -BEGIN RSA PRIVATE KEY- > Proc-Type: 4,ENCRYPTED > DEK-Info: DES-EDE3-CBC,65C2C

Re: RSA_sign

> > The input to RSA_sign() must be smaller than BN_num_bytes(rsa->n) minus > > PKCS#1 padding bytes and some bytes for the asn1 digest encoding. > > where is it written ? The RSA signature generation is specified in the PKCS#1 draft ( http://www.rsasecurity.com/rsalabs/pkcs/pkcs-1/index.html )

Re: RSA_sign

> Hi all, > > thanks for your help on DH stuff :-) > Now I have a pb with RSA_sign(). > > I have a buffer and I want to sign it with my private key. > > So I generate a key: > > openssl genrsa -out key.pem 1024 > > then I have the following code: > > " > rsa = RSA_new(); > get_my_priv_RSA(&rsa);

<    1   2   3