RE: problem verifying signature from java
My case is different. Here it is failing bcz of extra SMIME capability attribute present in Signature. I removed it, it is working fine. Thank you very much for reply -Madhu -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of coco coco Sent: Thursday, June 23, 2005 10:58 AM To: openssl-users@openssl.org Subject: Re: problem verifying signature from java To rule out any problems with your OpenSSL code I'd suggest you check the signatures using the dgst command and if there are problems analyze them using rsautl. Thanks for the reply. I got it, by examining basically every function that touches my data. So, in the end, it was the base64 library that I linked with, it has a small bug in dealing with the '+' char in base64-encoded string. rgds _ On the road to retirement? Check out MSN Life Events for advice on how to get there! http://lifeevents.msn.com/category.aspx?cid=Retirement __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] # This Email Message is for the sole use of the intended recipient(s) and May contain CONFIDENTIAL and PRIVILEGED information. LG Soft India will not be responisible for any viruses or defects or any forwarded attachements emanating either from within LG Soft India or outside. Any unauthorised review , use, disclosure or distribution is prohibited. If you are not intentded recipient, please contact the sender by reply email and destroy all copies of the original message. #:§IÏ®ÞrØm¶ÿà (¥éì²Z+K+©¦í1¨¥xËh¥éì²[¬z»(¥éì²Z+¢fyÒâ²Ó¨®f£¢·h)z{,à
RE: problem verifying signature from java
Did you got any break through. -Madhu -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of coco coco Sent: Friday, June 17, 2005 6:49 AM To: openssl-users@openssl.org Subject: RE: problem verifying signature from java I am also facing the similar problem. I am generating signature using OpenSSL and passing in to JAVA to verify (running JAVA test suite). Signature format is in DER encoded PKCS#7 format. But JAVA is not able to parse the SignedData content in the PKCS#7 format. It is giving rejects tag type -96 error while parsing. Any comments on this are greatly appreciated. If you got any cluekindly let me know. Sorry to disappoint you, I've been banging my head on the monitor for 2 days now, going over the code and manual/api docs/examples/google for so many times, and I'm still having difficulties to get openssl and Java work together. All my crypto coding experiences are on Java, and this is the first time trying to get some very basic functionalities in C++, and it turns out to be much much harder than I thought :( And notice the key/cert I used in my test code are actually from the openssl examples. Anyone who has experience making openssl work with java, please give a hint. That'll be very much appreciated. coco _ Don't just search. Find. Check out the new MSN Search! http://search.msn.click-url.com/go/onm00200636ave/direct/01/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] # This Email Message is for the sole use of the intended recipient(s) and May contain CONFIDENTIAL and PRIVILEGED information. LG Soft India will not be responisible for any viruses or defects or any forwarded attachements emanating either from within LG Soft India or outside. Any unauthorised review , use, disclosure or distribution is prohibited. If you are not intentded recipient, please contact the sender by reply email and destroy all copies of the original message. #
RE: problem verifying signature from java
Hello coco, I am also facing the similar problem. I am generating signature using OpenSSL and passing in to JAVA to verify (running JAVA test suite). Signature format is in DER encoded PKCS#7 format. But JAVA is not able to parse the SignedData content in the PKCS#7 format. It is giving rejects tag type -96 error while parsing. Any comments on this are greatly appreciated. If you got any cluekindly let me know. Thanking you Madhu -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of coco coco Sent: Wednesday, June 15, 2005 5:17 PM To: openssl-users@openssl.org Subject: problem verifying signature from java I'm trying to get a client application written in C++ using OpenSSL to verify a signature sent by a server (in Java) and vice versa. Not sure I specified it correctly, but the signatures generated on both sides, from the same input data, are not the same, and therefore, can't be verify. And this is using the same key, of course. Here is the code in Java for signing it: == String testKey = -BEGIN RSA PRIVATE KEY-\n + MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ\n + 2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF\n + oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr\n + 8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc\n + a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7\n + WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA\n + 6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=\n + -END RSA PRIVATE KEY-\n; String testCert = -BEGIN CERTIFICATE-\n + MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD\n + VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv\n + bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy\n + dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X\n + DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw\n + EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l\n + dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT\n + EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp\n + MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw\n + L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN\n + BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX\n + 9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4=\n + -END CERTIFICATE-\n; // same input string for both Java and C++ String input = 9O2CQ14zAXEd7GzJ9XELhQH.aE6; public void doSign() { try { // Note: PEMReader is from BouncyCastle StringReader sReader = new StringReader(testKey); PEMReader pemReader = new PEMReader(sReader); KeyPair keypair = (KeyPair) pemReader.readObject(); PrivateKey privKey = keypair.getPrivate(); PublicKey pubKey = keypair.getPublic(); sReader = new StringReader(testCert); pemReader = new PEMReader(sReader); X509Certificate cert = (X509Certificate)pemReader.readObject(); PublicKey pubKey2 = cert.getPublicKey(); Signature sig = Signature.getInstance(SHA1withRSA); sig.initSign(privKey); sig.update(input.getBytes()); byte[] sigvalue = sig.sign(); Base64 b64 = new Base64(); byte[] b = b64.encode(sigvalue); String s = new String(b); System.out.println(' + s + '); sig.initVerify(pubKey2); sig.update(input.getBytes()); boolean status = sig.verify(sigvalue); System.out.println(status); } catch(Exception e) { e.printStackTrace(); } } == And the code in C for verifying: == char * testKey = -BEGIN RSA PRIVATE KEY-\n \ MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ\n \ 2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF\n \ oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr\n \
Any problem with this C code
Hello All, I used following C code to sign the data and encode in DER format. But JAVA Crypto code is failed to parse the DER encoded PKCS#7 data. Following is the C code to sign the data. Is there any problem in my code? The certificate I used is self signed certificate. Char* PKI_Sign (char* inputData, char* pcCertName) { int flags = PKCS7_DETACHED | PKCS7_NOCERTS; X509 *pSignerCert = NULL; EVP_PKEY *pkey = NULL; BIO *InputData = NULL; Char TempAuthData[2048]; pSignerCert = GetCertifcateByCertName (pcCertName); if(!pSignerCert) { g_pkiReasonCode = CMS_NO_CERTIFICATE; return 0; } /* It searches key store and gets private key by its filename.*/ pkey = GetRSAPrivateKeyByCertName(pcCertName); if(!pkey) { g_pkiReasonCode = CMS_NO_CERTIFICATE; return 0; } InputData = BIO_new_file(tempFilename, r); EVP_add_digest (EVP_sha1 ()); EVP_add_digest_alias (SN_sha1,ssl3-sha1); EVP_add_digest_alias (SN_sha1WithRSAEncryption, SN_sha1WithRSA); EVP_add_digest (EVP_dss1 ()); EVP_add_digest_alias (SN_dsaWithSHA1, SN_dsaWithSHA1_2); EVP_add_digest_alias (SN_dsaWithSHA1,DSS1); EVP_add_digest_alias (SN_dsaWithSHA1,dss1); pkcs7 = PKCS7_sign (pSignerCert, pkey, NULL, InputData, flags); usDataLength = ASN1_item_i2d(pkcs7, TempAuthData,ASN1_ITEM_rptr(PKCS7)); return TempAuthData; } Thanks in advance Madhu # This Email Message is for the sole use of the intended recipient(s) and May contain CONFIDENTIAL and PRIVILEGED information. LG Soft India will not be responisible for any viruses or defects or any forwarded attachements emanating either from within LG Soft India or outside. Any unauthorised review , use, disclosure or distribution is prohibited. If you are not intentded recipient, please contact the sender by reply email and destroy all copies of the original message. #
Signed data in CMS format
Hello All, I have the requirement to sign the data in CMS format. I used PKCS7_sign function , which outputs data in PKCS#7 format. After creating signed data, I am passing the data to the function Verify_CMS() (This function is not listed below, part of _javascript_) to verify. But this function is returning Incorrect CMS error. Is there any mistake in the following piece of code in creating signed data in PKCS#7 format? Any comment on this will help me greatly. Thanking you PBYTE PKI_SignData (PBYTE pbByteArraytoAuthenticate, unsigned int uiByteArraytoAuthenticate_len, int ioptions, char* pcCertName) { unsigned char* pcTempAuthData = NULL; unsigned short usDataLength = 0; X509 *pSignerCert = NULL; EVP_PKEY *pkey = NULL; BIO *InputData = NULL; if (pbByteArraytoAuthenticate == NULL) return 0; /* check options parameters and validate the platform support */ if ( (ioptions 1) (bSupportingOpaqueSignatures == false) ) { g_pkiReasonCode = CMS_NO_OPAQUE_SIGNATURES; return 0; } if ( (!(ioptions 1)) (bSupportingDitachedSignatures == false) ) { g_pkiReasonCode = CMS_NO_DETACH_SIGNATURE; return 0; } if ( (ioptions 2) (bStoringCertificate == false) ) { g_pkiReasonCode = CMS_NO_CERTIFICATE; return 0; } pSignerCert = GetCertifcateByCertName(pcCertName); // get certificate from Cert store if(!pSignerCert) { g_pkiReasonCode = CMS_NO_CERTIFICATE; return 0; } pkey = GetRSAPrivateKeyByCertName(pcCertName); // gets corresponding private key if(!pkey) { g_pkiReasonCode = CMS_NO_CERTIFICATE; return 0; } InputData = GetBIOBydata((char*)pbByteArraytoAuthenticate, uiByteArraytoAuthenticate_len); // converts array of data to bio, since PKCS7_sign takes data in //bio format if(!InputData) { g_pkiReasonCode = CMS_FAILURE; return 0; } EVP_add_digest(EVP_sha1()); EVP_add_digest_alias(SN_sha1,ssl3-sha1); EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA); EVP_add_digest(EVP_dss1()); EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2); EVP_add_digest_alias(SN_dsaWithSHA1,DSS1); EVP_add_digest_alias(SN_dsaWithSHA1,dss1); pkcs7 = PKCS7_sign (pSignerCert, pkey, NULL, InputData, options); // here options = 0 usDataLength = ASN1_item_i2d(pkcs7, pcTempAuthData,ASN1_ITEM_rptr(PKCS7)); if (!usDataLength) { g_pkiReasonCode = CMS_FAILURE; return 0; } Return pcTempAuthData; } Thanks, Madhu # This Email Message is for the sole use of the intended recipient(s) and May contain CONFIDENTIAL and PRIVILEGED information. LG Soft India will not be responisible for any viruses or defects or any forwarded attachements emanating either from within LG Soft India or outside. Any unauthorised review , use, disclosure or distribution is prohibited. If you are not intentded recipient, please contact the sender by reply email and destroy all copies of the original message. #
Signed data in CMS format
Hello All, I have the requirement to sign the data in CMS format. I used PKCS7_sign function , which outputs data in PKCS#7 format. After creating signed data, I am passing the data to the function Verify_CMS() (This function is not listed below, part of _javascript_) to verify. But this function is returning Incorrect CMS error. Is there any mistake in the following piece of code in creating signed data in PKCS#7 format? Any comment on this will help me greatly. Thanking you PBYTE PKI_SignData (PBYTE pbByteArraytoAuthenticate, unsigned int uiByteArraytoAuthenticate_len, int ioptions, char* pcCertName) { unsigned char* pcTempAuthData = NULL; unsigned short usDataLength = 0; X509 *pSignerCert = NULL; EVP_PKEY *pkey = NULL; BIO *InputData = NULL; if (pbByteArraytoAuthenticate == NULL) return 0; /* check options parameters and validate the platform support */ if ( (ioptions 1) (bSupportingOpaqueSignatures == false) ) { g_pkiReasonCode = CMS_NO_OPAQUE_SIGNATURES; return 0; } if ( (!(ioptions 1)) (bSupportingDitachedSignatures == false) ) { g_pkiReasonCode = CMS_NO_DETACH_SIGNATURE; return 0; } if ( (ioptions 2) (bStoringCertificate == false) ) { g_pkiReasonCode = CMS_NO_CERTIFICATE; return 0; } pSignerCert = GetCertifcateByCertName(pcCertName); // get certificate from Cert store if(!pSignerCert) { g_pkiReasonCode = CMS_NO_CERTIFICATE; return 0; } pkey = GetRSAPrivateKeyByCertName(pcCertName); // gets corresponding private key if(!pkey) { g_pkiReasonCode = CMS_NO_CERTIFICATE; return 0; } InputData = GetBIOBydata((char*)pbByteArraytoAuthenticate, uiByteArraytoAuthenticate_len); // converts array of data to bio, since PKCS7_sign takes data in //bio format if(!InputData) { g_pkiReasonCode = CMS_FAILURE; return 0; } EVP_add_digest(EVP_sha1()); EVP_add_digest_alias(SN_sha1,ssl3-sha1); EVP_add_digest_alias(SN_sha1WithRSAEncryption,SN_sha1WithRSA); EVP_add_digest(EVP_dss1()); EVP_add_digest_alias(SN_dsaWithSHA1,SN_dsaWithSHA1_2); EVP_add_digest_alias(SN_dsaWithSHA1,DSS1); EVP_add_digest_alias(SN_dsaWithSHA1,dss1); pkcs7 = PKCS7_sign (pSignerCert, pkey, NULL, InputData, options); // here options = 0 usDataLength = ASN1_item_i2d(pkcs7, pcTempAuthData,ASN1_ITEM_rptr(PKCS7)); if (!usDataLength) { g_pkiReasonCode = CMS_FAILURE; return 0; } Return pcTempAuthData; } Thanks, Madhu # This Email Message is for the sole use of the intended recipient(s) and May contain CONFIDENTIAL and PRIVILEGED information. LG Soft India will not be responisible for any viruses or defects or any forwarded attachements emanating either from within LG Soft India or outside. Any unauthorised review , use, disclosure or distribution is prohibited. If you are not intentded recipient, please contact the sender by reply email and destroy all copies of the original message. #
Signed data in CMS format
Hello Experts, I am facing a big problem. In our project we have requirement to output signed data in CMS (Cryptographic Message Syntax, RFC 2630) format. It is in my head to develop it. My doubt is, Can I use OpenSSL version 0.9.7d to build sign data in CMS format? It is only for the data type Signed and Enveloped. I am new to OpenSSL. I need your support. Early comments are greatly appreciated. Thanks, Madhu # This Email Message is for the sole use of the intended recipient(s) and May contain CONFIDENTIAL and PRIVILEGED information. LG Soft India will not be responisible for any viruses or defects or any forwarded attachements emanating either from within LG Soft India or outside. Any unauthorised review , use, disclosure or distribution is prohibited. If you are not intentded recipient, please contact the sender by reply email and destroy all copies of the original message. #
RE: RFC2630 support
Hello Dr Stephen, Thank you very much for your kind response. Below I am explaining the actual problem I am facing. I am presently developing JAVA wrapper for the signature functionality, the JAVA sign() function returns signature in CMS format. But inside JAVA sign() function I used OpenSSL to generate signature in PKCS #7 format. While testing sign() function with Auto test java application it is returning Invalid CMS. Just I want to know is it because of format incompatibility between CMS and PKCS #7? or any other reason. Any comment on this is greatly helpful for me. Thanks, Madhu -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: Tuesday, May 24, 2005 9:30 PM To: openssl-users@openssl.org Subject: Re: RFC2630 support On Tue, May 24, 2005, Madhu Sudhan Reddy wrote: Is there any support for RFC2630 now in OpenSSL? Your comment on this will be greatly appreciated. No, OpenSSL doesn't support S/MIME v3 at present. Interest has been expressed from time to time but so far no one has been prepared to fund its development. In practice very few clients output S/MIME v3 messages that are not supported by PKCS#7 so this is rarely a problem in practice. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] # This Email Message is for the sole use of the intended recipient(s) and May contain CONFIDENTIAL and PRIVILEGED information. LG Soft India will not be responisible for any viruses or defects or any forwarded attachements emanating either from within LG Soft India or outside. Any unauthorised review , use, disclosure or distribution is prohibited. If you are not intentded recipient, please contact the sender by reply email and destroy all copies of the original message. #:§IÏ®ÞrØm¶ÿà (¥éì²Z+K+©¦í1¨¥xËh¥éì²[¬z»(¥éì²Z+¢fyÒâ²Ó¨®f£¢·h)z{,à
Cryptography Message Syntax Vs PKCS #7
Hello All, I am very new to this group. Looking for help from this expert group. Will the DER encoded PKCS #7 signed data matches with the DER encoded CMS signed data? If not, can you please explain the reason? Thanking you Madhu # This Email Message is for the sole use of the intended recipient(s) and May contain CONFIDENTIAL and PRIVILEGED information. LG Soft India will not be responisible for any viruses or defects or any forwarded attachements emanating either from within LG Soft India or outside. Any unauthorised review , use, disclosure or distribution is prohibited. If you are not intentded recipient, please contact the sender by reply email and destroy all copies of the original message. #
RFC2630 support
Hello All, RESTRICTIONS There is no option to print out all the fields of a PKCS#7 file. This PKCS#7 routines only understand PKCS#7 v 1.5 as specified in RFC2315 they cannot currently parse, for example, the new CMS as described in RFC2630. Above lines are from http://www.openssl.org/docs/apps/pkcs7.html#. Is there any support for RFC2630 now in OpenSSL? Your comment on this will be greatly appreciated. Thanks, Madhu # This Email Message is for the sole use of the intended recipient(s) and May contain CONFIDENTIAL and PRIVILEGED information. LG Soft India will not be responisible for any viruses or defects or any forwarded attachements emanating either from within LG Soft India or outside. Any unauthorised review , use, disclosure or distribution is prohibited. If you are not intentded recipient, please contact the sender by reply email and destroy all copies of the original message. #
RE: PROBLEMS with PKCS7 type signedAndEnveloped
Can you try adding OpenSSL_add_all_algorithms(); the line before calling PKCS7_dataInit. -Madhu -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Luis Alberto Pérez Paz Sent: Tuesday, May 10, 2005 9:12 PM To: openssl-users@openssl.org Subject: Re: PROBLEMS with PKCS7 type signedAndEnveloped Thanks Tan Eng for your answer and advice, I tried it however the code has the same behavior -crash in the PKCS7_dataInit- I'll continue looking for. Luis A Perez On 5/9/05, Tan Eng Ten [EMAIL PROTECTED] wrote: Before PKCS7_dataInit(), try adding: PKCS7_content_new(thePKCS7, NID_pkcs7_data) U might also want to explore PKCS7_set_detached() to see if this applies for you. -ET Tan Luis Alberto Pérez Paz wrote: Hi everybody, I need your help, I'm trying to make a PKCS7 signedAndEnveloped. I have read some examples about it, but I dont know where's my error. there's a synthesis of my code: /*/ . ... PKCS7 *thePKCS7 = NULL; if( (thePKCS7 = PKCS7_new()) == NULL ) return false; PKCS7_set_type(thePKCS7, NID_pkcs7_signedAndEnveloped); if( PKCS7_add_signature(thePKCS7, certificate, priv_key, EVP_sha1()) == NULL ) return false; PKCS7_add_certificate(thePKCS7, certificate); if (!PKCS7_add_recipient(thePKCS7,certificate_recipient)) return false; PKCS7_set_cipher(thePKCS7, EVP_des_ede3_cbc()); BIO *thePKCS7DataBio = NULL; if ((thePKCS7DataBio=PKCS7_dataInit(thePKCS7, NULL )) == NULL) return false; if( BIO_write(thePKCS7DataBio, buffer, sizeof (buffer) ) = 0 ) return false; BIO_flush(thePKCS7DataBio); if( !PKCS7_dataFinal(thePKCS7, thePKCS7DataBio) ) return false; .. /*/ The code compile however when I try to run it, the program and my terminal (windows XP) crash in the PKCS7_dataInit thePKCS7DataBio=PKCS7_dataInit(thePKCS7, NULL ) Any ideas / suggestions? thanks in advance, Luis A Perez __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] -- paz, amor y comprensión (1967-1994) __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] This Email Message is for the sole use of the intended recipient(s) and May contain CONFIDENTIAL and PRIVILEGED information. LG Soft India will not be responisible for any viruses or defects or any forwarded attachements emanating either from within LG Soft India or outside. Any unauthorised review , use, disclosure or distribution is prohibited. If you are not intentded recipient, please contact the sender by reply email and destroy all copies of the original message. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]