Hi again,
shouldn't it be?
static int ext_nid_list[] = { NID_ext_req, NID_ms_ext_req, NID_undef};
instead of
static int ext_nid_list[] = { NID_ms_ext_req, NID_ext_req, NID_undef};
I guess it was a typo.
regards,
aleix
On Fri, 10 Sep 2004 22:29:10 +0200, Dr. Stephen Henson
[EMAIL PROTECTED]
Well, this is great.
Thank you very much!
regards,
aleix
On Fri, 10 Sep 2004 22:29:10 +0200, Dr. Stephen Henson
[EMAIL PROTECTED] wrote:
I've just fixed OpenSSL to check for the PKCS#9 extension request first and
only use MS if its not found.
This will be in the next stable snapshot.
[EMAIL PROTECTED] [EMAIL PROTECTED] writes:
Hello,
I try to write some beginner sample codes. Compilation is ok in Visual
C++ 6.0.
But when I execute it, program raise error on function
PEM_read_X509 at line 34.
I don't know, where is problem...
you forgot to call
hi!
is there any way to do a copy_extension = copy as in 0.9.7 in version 0.9.6?
thanks in advance.
regards,
aleix
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
i think that by default OpenSSL is installed in /usr/local/ssl, so
libcrypto.a is in /usr/local/ssl/lib.
you probably would want to do:
./config --prefix=/usr/local
now libcrypto will be installed in /usr/local/bin and openssl executable
in /usr/local/bin
may be this was the problem.
hth.
hi,
i have sent a message to the list, and some anti spam software that this
user ([EMAIL PROTECTED]) has installed has sent to me an email asking
me to accept it if i really wanted to send the message to him.
what is this? i do not want more spam. it is really annoying.
anti-spam filters are
hi,
i've added key usage extensions to some CSR and these have been added to
the certificate. for this, i've use the function X509V3_EXT_conf_nid
(like in the mkreq.c example).
now, i'd like to obtain key usage values from an X509_EXTENSION
structure. how can i obtain each of these values? that
Dr. Stephen Henson [EMAIL PROTECTED] writes:
... then search and parse it using X509V3_get_d2i().
For keyUsage you get back an ASN1_BIT_STRING structure. From that you can test
individual bits using ASN1_BIT_STRING_get_bit().
great! that is what i needed.
thank you!
aleix
Howard Chan [EMAIL PROTECTED] writes:
I have this file which used sha1 hash algorithm to obtain it's message
digest, and subsequently the digest was encrypted (signed) using RSA
algorithm with a private key from a X.509 certificate.
i don't think you can get a private key from an X509
hi,
everytime i send a message to the list i'm getting a mail notification
about delivery problems to GregH at ceoworkz dot com.
is that normal?
regards,
aleix
__
OpenSSL Project
(short name: %-22s - long name: %s\n, OBJ_nid2sn(nid),
OBJ_nid2ln(nid));
}
That's it. I hope this information will help other people adding custom
extensions to certificates.
Aleix Conchillo Flaque
__
OpenSSL
please, feel free to modify this, because my english needs to be
polished.
best regards,
aleix
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL
Dr. Stephen Henson [EMAIL PROTECTED] writes:
Creating a random OID is a bad idea. You should get a number assigned for your
organisation and use a subtree of that.
See:
http://www.iana.org/cgi-bin/enterprise.pl
If you, for example were allocated the number you could then use any
hi,
i've been looking at the archives list trying to search how to add
additional extensions to certificates.
i found the thread Adding Application Attributes to X509 Certificates?
that is about what i'm asking but using openssl commands and openssl
configuration file. eventhoug, i don't know if
hi,
basically, the question is: which are the security benefits of adding a
MAC to a PKCS#12?
thanks in advance.
regards,
aleix
__
OpenSSL Project http://www.openssl.org
User Support Mailing
hi Krzysztof,
try openssl speed rsa. it will compute some rsa exponentiations and it
will give you some times. you can also try openssl speed for all
tests.
regards,
aleix
__
OpenSSL Project
hi,
well, first of all, let me thank you for the mail again.
i was thinking the same thing yesterday morning: if you need your CPU to
do other things, the cryptographic hardware can help you. the problem is
when you only need cryptographic results in a real-time large process
(let's say talling
hi,
i'll definetly have a look at the old posts if i find them. :-)
thank you very much for this mail. it has really helped me understanding
a bit more of what i was doing. now, results really make sense.
hardware disabled
=
openssl speed -elapsed
sign
Aleix Conchillo Flaque [EMAIL PROTECTED] writes:
ENGINE*
setup(char const* engine)
{
if (::ENGINE_by_id(engine) == NULL)
{
return NULL;
}
ENGINE* e = ::ENGINE_by_id(dynamic);
if (e
hi again,
as i said yesterday i'm doing some tests with cryptographic hardware (in
my case nCipher's).
now that i have loaded the engine, i'm getting real strange results. the
same test with hardware enabled is much slower than the software version.
it is really weird, because the openssl speed
hi,
i've just started testing an ncipher hardware module using openssl.
the openssl application seems to find the shared library
(libnfhwcrhk.so), with just specifying -engine chil.
but my code, doesn't want to find the library. i get this error:
error:25066067:DSO support
21 matches
Mail list logo
