Thus wrote Lionel Estrade (lionel.estr...@myriadgroup.com):
I am looking for a SSL/TLS stack for a project based on CVP2 and I
need to know if the following RFCs (which are required by CVP2) are
fully/partially implemented in OpenSSL.
RFC 4680 - TLS Handshake Messages for Supplemental
Dear all,
I'd like to encrypt some bytes using RSA OAEP with MGF1. Both OAEP and
MGF1 should use sha256 instead of the default sha1.
Does openssl support this at all? I tried something along the lines of
size_t outlen;
int ret;
EVP_PKEY_CTX *ctx;
unsigned char in[] = { some
Thus wrote vichy (vichy@gmail.com):
Dear all:
I try to use openssl genrsa -out 1024.private.key 1024 to generate
rsa key pairs.
if I remember correctly, 1024 is the size of n, the unit in bits and
it will be one of public key paris.
But when I generate the public key by the
certificates issued after December 31, 2003 MUST use the
UTF8String encoding of DirectoryString ...
Is there a mismatch between OpenSSL and RFC3280 or am I misunderstanding
something?
Best regards,
Martin
--
kaiser@host:~ openssl req -new -newkey rsa:384 -nodes -keyout test.key
Hi,
Thus wrote Plot Lost (plot.l...@gmail.com):
Stick them in an X509_STORE_CTX and call X509_verify_cert(). ?See
apps/verify.c for an example.
I'm using verify_cert, and whilst that works to allow me to check that
inter_cert is ok according to root_cert (result = 1) I can't check
that
Hi Aapo,
Thus wrote Aapo Alasuutari (aapo.alasuut...@tut.fi):
Basically it seems like SSL doesn't know what format the certificate is.
Maybe...? I'm not too informed of OpenSSL's behaviour, but judging on
extensive Googling and some similar problems, the solution usually lies
in the
Hi Mag,
Thus wrote Mag (mag...@gmail.com):
I'm interested in using custom OIDs for private application purposes.
I've found the documentation to be deficient.
For instance, in openssl.cnf it gives an example line of
[ new_oids ]
#testoid1=1.2.3.4
When I uncomment that line I can't even
Hi Patrick, all,
thanks for correcting my assumptions.
Thus wrote Eisenacher, Patrick (patrick.eisenac...@bdr.de):
That line only defines the label testoid1 and assigns the value
1.2.3.4.
To use a private oid, you have to define its asn1 structure first.
Afterwards you can include it in
Hi,
Thus wrote Arunkumar Manickam (arun.c...@gmail.com):
Is openssl library thread safe so that it can be used in an multithreaded
environment as is.
http://www.openssl.org/support/faq.html#PROG1
Regards,
Martin
__
Hello Bram,
Thus wrote Bram Cymet (bcy...@cbnco.com):
I have been able to use RSA-PSS to sign some data with OpenSSL. I am
wondering if OpenSSL supports creating certs where the signature
algorithm uses RSA-PSS. In other words, when viewing the properties of
the cert you would get:
Hi Ali,
Thus wrote Ali Sydney (asyd...@k-state.edu):
Thanks for the speedy response. I have been attempting to use the EVP
interface, but the cipher text produced is wrong (and I am fairly new
to this). As a simple test, I have hard-coded an 8 byte block for the
key (in hexadecimal), and
Hi Ali,
Thus wrote Ali Sydney (asyd...@k-state.edu):
I am attempting to implement DES (in C++ with the OpenSSL
libraries) in ECB mode without padding. I am using the following
function for encryption:
void DES_ecb_encrypt(const_DES_cblock *input, DES_cblock *output,
Hi Thomas,
Thus wrote Thomas Anderson (zeln...@gmail.com):
ubu...@ubuntu:~$ openssl rsautl -sign -in rsa.txt -inkey rsa.txt -out sig
Enter pass phrase for rsa.txt:
RSA operation error
1543:error:0406C06E:rsa routines:RSA_padding_add_PKCS1_type_1:data too
large for key size:rsa_pk1.c:73:
Hi Michael, all,
Thus wrote michaelfmichaelf (michael_fur...@hotmail.com):
2) Where can I find the example for otherName in ASN1 format?
Unfortunately, the example shown in the link above does not contain the ASN1
format:
subjectAltName=otherName:1.2.3.4;UTF8:some other identifier
I've
Hi Tim, all,
Thus wrote Timothy Little (t...@clawhaven.com):
I (think that I) have created the certs and keys necessary for SSL
connections between a client and the servers of a MySQL database. But I
can't bring down those servers except to make the change.
Is there a way I can tell if the
Hello,
On Thu, Sep 10, 2009 at 08:34:56AM +0200, Einar Thorsrud wrote:
I do not find any possibility to add the label to the
RSA_public_encrypt() function, but it could perhaps be achieved
otherwise?
Could the label perhaps be related to the *p parameter in
int
Hi,
On Mon, Sep 07, 2009 at 06:31:41PM +0200, Gal?t Bence wrote:
data as hexa. I compared that with the
'openssl rsa -in mykey.key -text' command output and I found some
additional (info marked with unknown tag) data. I need to know what
these unknown fields means, how the length of each
Hello Neil,
I'm not sure I fully understand where you're stuck...
Thus wrote Neil Dugan (open...@butterflystitches.com.au):
I need to find the public keys modulus and exponent.
I have loaded a private/public key generated by the openssl executable
with the function
Hello Joshi,
On Wed, Jul 29, 2009 at 01:13:27PM +0530, joshi chandran wrote:
, I want to find the definition of this function. The prototype of
this function is there in md5.h file but when i tried to find the code
for this function , i was not able to find any code related to this
function.
On Wed, Jul 29, 2009 at 03:03:27PM +0530, joshi chandran wrote:
I can find the definition of MD5_Update() and MD5_Final() . But was
not able to find the definition for MD5_Init() in
crypto/md5/md5_dgst.c
what version of openssl are you using? I checked a 1.1.0 snapshot and
0.9.8g, it's
Hi Jerry,
Thus wrote Jerry Wang (jerry...@gmail.com):
Does OpenSSL have a function for getting the common name from a X509
certificate?
how about something like
X509 *cert;
X509_NAME *subjectName;
char subjectCn[256];
subjectName = X509_get_subject_name(cert);
X509_NAME_get_text_by_NID(
Hi,
Thus wrote vichy (vichy@gmail.com):
but I cannot find aes128xcbc.
Do I miss something or there is really no support of aes128xcbc mode
in openssl? if the answer is the later, where I can find the sample
code of it.
AES-XCBC-MAC is not directly supported. However, it's very simple
Dear all,
I was wondering what key size checks really make sense for a
Diffie-Hellman calculation.
DH_size() checks the size of Dh-p using BN_num_bytes(). Is it correct
that the main intention is to know the size required for storing a copy
of Dh-p, in other words: this is not a security
Dear all,
does OpenSSL's implementation of SHA256 apply the padding as defined in
FIPS 180-3, section 5.1.1?
If yes, where I can find this in the source code? I tried to understand
HASH_FINAL() in md32_common.h but I could not relate this to padding.
Thanks for your help.
Martin
24 matches
Mail list logo