Re: How to over-ride SSL_CTX_use_PrivateKey_file() behavior with custom engine

Hi Ashok, On Wed, Dec 5, 2012 at 12:29 AM, Ashok C ash@gmail.com wrote: Hi, Our current SSL server loads plain-text private keys using the SSL_CTX_use_PrivateKey_file() method. We are moving from this strategy to use custom encrypted private keys using the TPM concept. For this, we have

Re: ecdsa_method missing?

need this structure then you'll have to copy its definition from the header I mentioned above. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 2/22/2011 6:14 PM, Kent Yoder wrote: Hi,   The following RSA code compiles: #includeopenssl/rsa.h main() { RSA_METHOD rsa = { test

ecdsa_method missing?

Hi, The following RSA code compiles: #include openssl/rsa.h main() { RSA_METHOD rsa = { test }; } but this ECDSA code doesn't: #include openssl/ecdsa.h main() { ECDSA_METHOD ecdsa = { test }; } Am I missing a declaration, or is this perhaps a bug? Thanks, Kent

Config option for -keyform?

Hi, I'm looking for a config file option that will force openssl to use an engine's load key functions when accessing key files, like the -keyform engine option offered by the openssl command. Does such an option exist? Thanks, Kent -- Kent Yoder IBM LTC Security Dev

Re: TPM support !!!

__ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] -- Kent Yoder IBM LTC Security Dev

Re: 0.9.8: simple engine call causes loop

engine is used to load .so engines... Thanks for the help, Kent On 9/27/05, Kent Yoder [EMAIL PROTECTED] wrote: Thanks, its fixed in the latest snapshot. Kent On 9/27/05, Nils Larsch [EMAIL PROTECTED] wrote: Kent Yoder wrote: Hi, Calling ENGINE_by_id(anything) before making any

0.9.8: simple engine call causes loop

Hi, Calling ENGINE_by_id(anything) before making any other calls to OpenSSL seems to cause infinite recursion in trying to load the dynamic engine. I believe adding a call to ENGINE_load_dynamic() before attempting to load the dynamic engine inside ENGINE_by_id() will fix the problem. Thanks,

Re: 0.9.8: simple engine call causes loop

Thanks, its fixed in the latest snapshot. Kent On 9/27/05, Nils Larsch [EMAIL PROTECTED] wrote: Kent Yoder wrote: Hi, Calling ENGINE_by_id(anything) before making any other calls to OpenSSL seems to cause infinite recursion in trying to load the dynamic engine. I believe adding

ppc64 build

Hi, on RHEL4 ppc64 I am getting the same message while building both 0.9.7g and 0.9.8: [EMAIL PROTECTED] openssl-0.9.7g]#./Configure linux-ppc64 shared ... Configured for linux-ppc64. [EMAIL PROTECTED] openssl-0.9.7g]# make making all in crypto... make[1]: Entering directory

Re: ppc64 build

One thing that seems to work after running Configure is to swap -bpowerpc64-linux with -m64 in the toplevel Makefile. Kent On 7/14/05, Kent Yoder [EMAIL PROTECTED] wrote: Hi, on RHEL4 ppc64 I am getting the same message while building both 0.9.7g and 0.9.8: [EMAIL PROTECTED] openssl-0.9.7g

Using config to load a shared object engine

Hi, I've been playing with 0.9.8 and have gotten my engine to load as a .so from the engines directory, which is excellent. Now I'm trying to use the config feature to find and load this engine and I'm not having much luck. Here's my config file: openssl.cnf openssl_init =

Re: Using config to load a shared object engine

BINGO... thanks Nils... Looks like dynamic_path and engine_id are somewhat interchangable; having either finds my .so. Kent On 6/3/05, Nils Larsch [EMAIL PROTECTED] wrote: Kent Yoder wrote: Hi, I've been playing with 0.9.8 and have gotten my engine to load as a .so from

openssl config file location

Hi, the page http://www.openssl.org/docs/crypto/OPENSSL_config.html claims that OPENSSL_CONFIG should be the environment variable to set for an alternate config file, however it appears that the code wants OPENSSL_CONF. Also, the OPENSSL_config.3 man page shows OPENSSL_CONFIG.. Others manpages

New IBMCA engine ... was Re: ssl3 write pending - bad write retry

Arne and Geoff, Sorry for the lng delay in this reply, but thanks for your help. This turned out to be barking up the wrong tree in the beginning, an error in the way our homebrewed server app was reporting SSL errors, and not load based at all... The real problem was

Re: ssl3 write pending - bad write retry

Thanks for the tip, but unfortunately that didn't fix the problem. I'm still seeing the same behavior... Kent On Thursday 04 September 2003 05:11 am, Arne Ansper wrote: On Wed, 3 Sep 2003, Kent Yoder wrote: Hi, Under heavy load ( 95%) on s390 (SLES8, openssl-0.9.7b

ssl3 write pending - bad write retry

Hi, Under heavy load ( 95%) on s390 (SLES8, openssl-0.9.7b), I've been seeing these bad write retries. We're using 12 PCICA cards with IBMCA engine enabled and home-brew openssl client/server apps, and the errors only happen when doing hardware DES. I discovered the following bug for