digest of certificate
that you already have, if comparing will be successful you proceed,
if not - simply shutdown SSL connection.
Best regards,
--
Alain Damiral,
I hope this message makes me look like a very intelligent person
!
--
Alain Damiral,
I hope this message makes me look like a very intelligent person
Université Catholique de Louvain - student
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
/openssl_quickguide_create_ca.html
How easy is it to translate this into what I want please?
3. Is openssl the right tool for this scenario?
regards
--
Alain Damiral,
I hope this message makes me look like a very intelligent person
Université Catholique de Louvain - student
@openssl.org
Subject: Testing private key - public key consistency
Hello,
is there a quick way/function to verify that a private (EVP_PKEY) key
matches a X509 certificate's public key?
thanks,
--
Alain Damiral,
I hope this message makes me look like a very intelligent person
Université
Hi,
This question might be slightly silly and out of place but this
conversation brought it up to me. I don't remember seeing the answer...
Is it possible to send several chains, each rooted by a different CA ?
And then let the client determine if he trusts one of those CAs.
Cheers,
-
@openssl.org
Automated List Manager [EMAIL PROTECTED]
--
Alain Damiral,
I hope this message makes me look like a very intelligent person
Université Catholique de Louvain - student
alain.damiral'at'student.info.ucl.ac.be
Automated List Manager [EMAIL PROTECTED]
--
Alain Damiral,
I hope this message makes me look like a very intelligent person
Université Catholique de Louvain - student
alain.damiral'at'student.info.ucl.ac.be
really appreciate ay kind of assistance.
Thanks
Samy
--
Alain Damiral
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List
be vulnerable to a man in the middle type of attack.
I suppose a digest is still included when using the null cipher with
OpenSSL... ?
--
Alain Damiral
__
OpenSSL Project http://www.openssl.org
User
Katie Lucas wrote:
On Thu, Feb 02, 2006 at 05:09:42PM +0100, Alain Damiral wrote:
But with no cryptographic digest you have no guarantee that the data you
receive provides from the person who showed his certificate. I think it
would be vulnerable to a man in the middle type of attack
that this is true even with
no certificate authentication at all ? (Maybe not with a null cipher ?)
--
Alain Damiral
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
[in the context of SSL] an X.509 certification.)
On 2/2/06, Alain Damiral [EMAIL PROTECTED] wrote:
Doesn't Diffie-Hellman key exchange ensure that this is true even with
no certificate authentication at all ? (Maybe not with a null cipher ?)
--
Alain Damiral
--
Alain Damiral
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
--
Alain Damiral
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
--
Alain Damiral,
I hope this message makes me
want. But you get punished harder if you're using
encryption for naughty criminal stuff. I found nothing about limits on
key sizes.
--
Alain Damiral,
I hope this message makes me look like a very intelligent person
Université Catholique de Louvain - student
Hi and welcome,
I haven't thought hardly about what you're trying to do but my first
intuition tells me that encryption also has some part to play in
authentication that you're missing. My knowledge of SSL is limited but I
think it is safe to say that private/public key (assymetric)
,
--
Alain Damiral,
I hope this message makes me look like a very intelligent person
Université Catholique de Louvain - student
alain.damiral'at'student.info.ucl.ac.be
__
OpenSSL Project http
happens then...
- samy
*Alain Damiral [EMAIL PROTECTED]*
Sent by:
[EMAIL PROTECTED]
13.01.2006 12:34
Please respond to
openssl-users@openssl.org
To
openssl-users@openssl.org
cc
Subject
Running ssltest -server_auth
Classification
of a problem for me, but I'm still curious
about the macros:
OPENSSL_THREAD_DEFINES
THREADS
OPENSSL_THREADS
Is the note in http://www.openssl.org/docs/crypto/threads.html still
valid in 0.9.8a ?
Thanks again for your answers,
--
Alain Damiral,
Université Catholique de Louvain - student
that should be made atomically (that OpenSSL thread
support would usually deal with) ?
Thanks for reading and eventually for answering.
--
Alain Damiral,
Université Catholique de Louvain - student
alain.damiral'at'student.info.ucl.ac.be
?? since its the client who
always sends the handshake data first. Can anyone help me solve this
problem??? I check the return values while setting up ssl context and
SSL objects and they all are retuning success.
Thanks in Advance,
Regards,
Usman.
--
Alain Damiral,
Université Catholique de
would appreciate if someone could point me to
another example of BIO pair usage in which the client and server are
under different threads of control.
I thank you all for your time,
--
Alain Damiral,
Université Catholique de Louvain - student
alain.damiral'at'student.info.ucl.ac.be
Automated List Manager [EMAIL PROTECTED]
--
Alain Damiral,
Université Catholique de Louvain - student
alain.damiral'at'student.info.ucl.ac.be
__
OpenSSL Project http
(at the level
of the SSL library) at all for my project so I'm trying to keep my view
on what's going on as clear as possible - whatever that means when
working with Windows.
I thank you for helping me out in this very specific stage of my
perpetual quest of happiness and procreation,
--
Alain Damiral
to the
extent required for my piece of work)
Is there any known similar project, in which OpenSSL has been used to
implement SSL over non-TCP connexions ?
Well that's it for now and I thank you all for your time,
Alain Damiral,
Université Catholique de Louvain - student
Ke suggests, OpenSSL uses a BIO output to send
all those messages regardless of what that BIO is actually encapsulating
? (That would normally be the TCP connexion) If it is so, I believe I
have the answer to my questions.
Thanks again to all those whose time I have stolen
--
Alain Damiral
26 matches
Mail list logo
