I'm not that good in OpenSSL. How do I create a RSA file if I only have a
modulus and exponent. Programmatically I have set the 2 values with
BN_bin2bn(), buit how do I save this to a file?
I just add a working and a non working example to this mail.
Modulus:
A1 65 EE 74 8F 23 5E A4 4C 85 05
Hi all,
I have the following problem:
I want to verify a signature that was created inside a smartcard. The smartcard
creates a digital signature with RSA 2048 bit over a hash that was created
using SHA-512 (OpenSSL).
To verify the signature I call the OpenSSL-function
RSA_public_decrypt
You're right and I haven't seen it til now.
This could be the problem. This means that the OpenSSL check works fine, but
the signature generation has sometimes a problem.
Thank you very much for now.
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Im
You're right and I haven't seen it til now.
This could be the problem. This means that the OpenSSL check works fine, but
the signature generation has sometimes a problem.
Thank you very much for now.
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Im
Hi,
I have a problem getting some values out of a PKCS#7-file.
I try to write a program that reads out some values from the file. The
PKCS7-file has the NID NID_pkcs7_signed and I have found the functions to call
for the hasalgorithmname and the certificates.
But I haven't found any to get the
Of Wockenfuß, Frank
Sent: Wednesday, March 19, 2008 2:48 PM
To: openssl-users@openssl.org
Subject: Getting Signature and Signaturetime out of PKCS7 Object
Hi,
I have a problem getting some values out of a PKCS#7-file.
I try to write a program that reads out some values from the
file. The PKCS7
I will
give more details about this.
Sunil
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Wockenfuß, Frank
Sent: Wednesday, March 19, 2008 3:35 PM
To: openssl-users@openssl.org
Subject: AW: Getting Signature and Signaturetime out of PKCS7
Hi,
As far as I know OpenSSL does not support CMS in the way you need it.
We had to use a self developed library to create a CMS file. The main problem
is, that there was no private key for input when creating PKCS#7-files (a.k.a.
CMS-files).
Parsing this file is possible with OpenSSL.
Maybe
Hi all,
I have written a class in C++ to easily access functions from OpenSSL from our
products.
In the constructor of my class I do the following lines of code:
threadSetup();
OpenSSL_add_all_digests();
OpenSSL_add_all_ciphers();
OpenSSL_add_all_algorithms();
Thank you for that hint.
I will try to rebuild the class as singleton. This could help, but isn't really
nice.
Best regards
Frank
Wockenfuß wrote:
Hi all,
I have written a class in C++ to easily access functions
from OpenSSL from our products.
In the constructor of my class I do
2008 10:47
An: openssl-users@openssl.org
Betreff: Re: Problem after removing memory leak
* Wockenfuß, Frank wrote on Wed, Apr 02, 2008 at 09:07 +0200:
Thank you for that hint.
I will try to rebuild the class as singleton. This could help, but
isn't really nice.
I think you'd need
Hi all,
I test a chain of certificates by calling
X509_verify_cert( X509_STORE_CTX_variable ).
This function works fine, but it seems to me that it uses the current system
time to check the certificate expiration.
The problem is that I need to check the expiration against a defined checktime.
Hi all,
I have a problem getting the distribution points out of a X509 certificate
programmatically with C++. Does anybody can give me a hint, best with code
examples for C++.
I have a X509-object holding the certificate I want to look for in the CRL. But
how do I go on to get the CRL
: Parsing certificate to find CRL distribution points
Hi Frank
On May 6, 2008 03:57:01 am Wockenfuß, Frank wrote:
Hi all,
I have a problem getting the distribution points out of a X509
certificate programmatically with C++. Does anybody can give me a
hint, best with code examples
Hi all,
I'm writing a program to check a certificate with OCSP in C++.
I'm doing all in the same way as in ocsp.c from the OpenSSL-App, but I get no
useful return from
OCSP_RESPONSE* pOCSPResponse = NULL;
nRet = OCSP_sendreq_nbio( pOCSPResponse, pOCSPContext );
nRet is 0 and
Hi all,
I'm writing a program to check a certificate with OCSP in C++.
I'm doing all in the same way as in ocsp.c from the OpenSSL-App, but I get no
useful return from
OCSP_RESPONSE* pOCSPResponse = NULL;
nRet = OCSP_sendreq_nbio( pOCSPResponse, pOCSPContext );
nRet is 0 and
Hi there,
I have a problem to fill a PKCS#7 (or CMS) structure and I can't find any hints
on the web so I hope someone in this group can help.
How to read or write a PKCS7 file programatically I have managed, but I have
the following problem:
I have a digital signature of a document done by a
Hello everybody,
I want to save a detached signature and I don't know what structure to use and
how to fill it. The signature is created by a smartcardterminal and I want to
save it in a standardized way for later verification.
Any suggestions?
Frank Wockenfuß
2007 12:37
An: openssl-users@openssl.org
Betreff: Re: Detached Signature
You should see the example sign.c in openssl crypto lib. detached signature can
be saved in PKCS7 format.
Good luck!
Hien TTT
On 7/30/07, Wockenfuß, Frank [EMAIL PROTECTED] wrote:
Hello everybody
need to use a private key to create a PKCS7 signature. Beside, you
need to create a certificate which corresponding to your privkey, then this
cert will be used to verify your signature. You can use Openssl command line to
create key and cert
Hien TTT
On 7/30/07, Wockenfuß, Frank [EMAIL
Hi,
I'm trying to use the RSA_public_decrypt function but I need to set up the
public key manually.
I have the public exponent and modulus in the form of an array of 'unsigned
char' and have converted these to BIGNUM format using
BN_bin2bn. I assigned them to the RSA fields n and e.
The I call
You're right, I get RSA_R_BAD_E_VALUE (101). Just took the wrong define for the
mail. ERR_GET_REASON returns 101.
I want to use RSA_public_decrypt to get back the hashvalue that was encrypted
with RSA inside the smartcardterminal. And I don't get the private key of the
card so I have to use
It should be
pRSA-n = BN_bin2bn( pPublicModulus, nPublicModulusLength, NULL );
pRSA-e = BN_bin2bn( pPublicExponent, nPublicExponentLength, NULL );
Frank Wockenfuß
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Wockenfuß, Frank
Gesendet
I've tested it and it looks good. I get back the values I have set.
Frank Wockenfuß
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Marek Marcola
Gesendet: Mittwoch, 1. August 2007 11:18
An: openssl-users@openssl.org
Betreff: Re: AW:
Yes, I'm trying to verify a RSA signature.
What can I do to verify it correctly?
Frank Wockenfuß
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von David Schwartz
Gesendet: Mittwoch, 1. August 2007 11:01
An: openssl-users@openssl.org
Betreff: RE:
I understood, that n should be the modulus and e the exponent.
pRSA-n = BN_bin2bn( pPublicModulus, nPublicModulusLength, NULL );
pRSA-e = BN_bin2bn( pPublicExponent, nPublicExponentLength, NULL );
Frank Wockenfuß
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
This is the first call in the engine and the set of n and e doesn't raise any
error (I've just tested it). The error occurs on RSA_public_decrypt.
Frank Wockenfuß
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von David Schwartz
Gesendet: Mittwoch,
I do
ENGINE_load_builtin_engines();
before calling the decrypt function. There is no other engine attached, I use
the standard engines from OpenSSL 0.9.8e.
Are there other way to verify the signature with only the public key?
Frank Wockenfuß
-Ursprüngliche Nachricht-
Von: [EMAIL
I tried it and now I get 119 (RSA_F_RSA_VERIFY).
Does this mean that it just failed. How can I get extended error informations?
Frank Wockenfuß
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von David Schwartz
Gesendet: Mittwoch, 1. August 2007
Same mistake as before: 119 means RSA_R_WRONG_SIGNATURE_LENGTH
Frank Wockenfuß
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von David Schwartz
Gesendet: Mittwoch, 1. August 2007 13:41
An: openssl-users@openssl.org
Betreff: RE: RSA_public_decrypt
Thanks,
This test programs works fine, so I think I need to check my signatures (as
David Schwartz mentioned too).
Best regards,
Frank Wockenfuß
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Marek Marcola
Gesendet: Donnerstag, 2. August
RSA_NO_PADDING leads to the same error.
Frank Wockenfuß
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Marek Marcola
Gesendet: Donnerstag, 2. August 2007 15:05
An: openssl-users@openssl.org
Betreff: Re: AW: AW: AW: RSA_public_decrypt problem
N:
008796FB4EAAB5FCC21619608ECB34D4BD82D062BF136A54E7E0BF6B2991C2F0F93A161930D650AF939C8282431D291D0E6E9F69A09AF091345D60439569C5CB5ECA566740B6A69FE4BBF2DB9CC03786AEDF8F9522EB7F6096A1B900140E6AA7AF55198B87E68A69546631E9EF90666984123F5364BE2EA6E067BBAA8831A34B15
E:
004081
Frank Wockenfuß
Maybe the leadings 00 is the problem with both?
Frank Wockenfuß
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Wockenfuß, Frank
Gesendet: Donnerstag, 2. August 2007 16:36
An: openssl-users@openssl.org
Betreff: AW: AW: AW: AW: AW
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Wockenfuß, Frank
Gesendet: Donnerstag, 2. August 2007 16:39
An: openssl-users@openssl.org
Betreff: AW: AW: AW: AW: AW: RSA_public_decrypt problem
Maybe the leadings 00 is the problem with both?
Frank Wockenfuß
The problem with the NULL pointer exception was also my mistake.
But thanks to your program I found it and now -- ring ring -- I have a
decrypted content.
BUT
The content at my example is 128 byte long (as long as the RSA signature). The
original hash that was signed was 32 byte long.
I find
That's it!
Many thanks for the help!
Frank Wockenfuß
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im Auftrag von Marek Marcola
Gesendet: Donnerstag, 2. August 2007 18:25
An: openssl-users@openssl.org
Betreff: Re: AW: RSA_public_decrypt problem UPDATE
Hi all,
I have the following problem:
I want to verify a signature that was created by a smartcard. The smartcard
creates a digital signature with RSA 2048 bit over a hash that was created
using SHA-384 (OpenSSL).
To verify the signature I call the OpenSSL-function
RSA_public_decrypt
with
Hi all,
I'm looking for some code examples to realise a X.509 certificate verification
over OCSP with C++.
Is there something to find in the Open SSL package? Or are there other places
were I can find something?
Thanks in advance.
Frank Wockenfuß
Hello everybody,
I'm developing an application to sign and verify files.
The creation of the signature is done by a smartcardterminal. The signature
must be verified on another computer, so I need a suitable file format to
transport the signature. Therefore I found the CMS (PKCS#7) structure
40 matches
Mail list logo