OK, i converted over to EVP_*, the sign/verify works but now i'm confused
about decrypt, for EVP_DecryptInit i need to tell it a CIPHER but i dont see
RSA in the cipher listings on
http://www.openssl.org/docs/crypto/EVP_EncryptInit.html# Looking closer at
the man page it looks like RSA isnt
On Wed, Dec 03, 2008 at 10:59:44AM -0800, Shaun R. wrote:
OK, i converted over to EVP_*, the sign/verify works but now i'm confused
about decrypt, for EVP_DecryptInit i need to tell it a CIPHER but i dont
see RSA in the cipher listings on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Shaun R. wrote:
| OK, i converted over to EVP_*, the sign/verify works but now i'm
| confused about decrypt, for EVP_DecryptInit i need to tell it a CIPHER
| but i dont see RSA in the cipher listings on
|
Ok, so then, do I still need to sign the data from seal and verify before I
open?
~Shaun
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Goetz Babin-Ebell
Sent: Wednesday, December 03, 2008 2:02 PM
To: openssl-users@openssl.org
Subject: Re: sign/verify
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Shaun wrote:
| Ok, so then, do I still need to sign the data from seal and verify
before I
| open?
Sign and verify are two different steps.
When you do sign and when encrypt depends on your needs.
Goetz
- --
DMCA: The greed of the few outweighs
Check out the PHP manual pages for openssl_seal() et al here:
http://nl2.php.net/manual/en/function.openssl-sign.php
There's no straight-through API offering the EVP functionality in PHP, AFAIK.
... though, personally, I'd rather code this kind of stuff in C (or
C++) and then bind that through
Subject: Re: sign/verify kicking my ass
On Mon, Nov 24, 2008 at 05:59:39PM -0800, Shaun wrote:
I used fwrite(signature,1,strlen(signature),fp) and got the same results.
Which part of length of signature != strlen(signature) because signature
is not a NUL terminated C-string is not clear?
Which part
Of David Schwartz
Sent: Monday, November 24, 2008 7:11 PM
To: openssl-users@openssl.org
Subject: RE: sign/verify kicking my ass
I used fwrite(signature,1,strlen(signature),fp) and got the
same results.
You seem to have a fundamental misunderstanding about how strings
work in
C. That's
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Shaun wrote:
| Is there another way in C to use openssl's sign/verify/encrypt/decrypt
| without using the low-level api? I got my test prog working, I guess
I need
| to figure out how to do a SHA1 hash of my data next.
Your friends are
* to sign:
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Goetz Babin-Ebell
Sent: Tuesday, November 25, 2008 11:08 AM
To: openssl-users@openssl.org
Subject: Re: sign/verify kicking my ass
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Shaun wrote:
| Is there another way
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Shaun wrote:
| I'm really going to be using php to encrypt/sign (
| openssl_private_encrypt(), openssl_sign() ) I don't see any EVP functions
| from php,
Hm. There must be something wrong here.
I'm almost sure that the EVP interface is available to
PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Goetz Babin-Ebell
Sent: Tuesday, November 25, 2008 4:52 PM
To: openssl-users@openssl.org
Subject: Re: sign/verify kicking my ass
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Shaun wrote:
| I'm really going to be using php to encrypt/sign
: RE: sign/verify kicking my ass
when building php; include the --with-openssl= option
- on unix/linux platforms it would look something like...
./configure --with-openssl=[DIR]; does a dynamic bind of libssl libcrypto
libraries.
check the built php binary with the ldd command.
Saju
the same
output.
~Shaun
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Goetz Babin-Ebell
Sent: Tuesday, November 25, 2008 1:52 PM
To: openssl-users@openssl.org
Subject: Re: sign/verify kicking my ass
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Shaun
PROTECTED] On Behalf Of Shaun
Sent: Tuesday, November 25, 2008 7:38 PM
To: openssl-users@openssl.org
Subject: RE: sign/verify kicking my ass
Yes, that's required to use the openssl functions in php... but still
doesn't explain where the EVP functions are...
-Original Message-
From: [EMAIL
EVP function in php...
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Saju
Sent: Tuesday, November 25, 2008 5:15 PM
To: openssl-users@openssl.org
Subject: RE: sign/verify kicking my ass
The EVP functions should be in OpenSSL's crypto library.
some
I used fwrite(signature,1,strlen(signature),fp) and got the same results.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Victor Duchovni
Sent: Saturday, November 22, 2008 1:25 PM
To: openssl-users@openssl.org
Subject: Re: sign/verify kicking my ass
] On Behalf Of Dr. Stephen Henson
Sent: Saturday, November 22, 2008 1:45 PM
To: openssl-users@openssl.org
Subject: Re: sign/verify kicking my ass
On Sat, Nov 22, 2008, Shaun R. wrote:
Can anybody help me out, not sure whats going wrong. My test case right
now is the following
gcc sign.c -o sign
' is not clear?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Victor Duchovni
Sent: Saturday, November 22, 2008 1:25 PM
To: openssl-users@openssl.org
Subject: Re: sign/verify kicking my ass
On Sat, Nov 22, 2008 at 10:38:18AM -0800, Shaun R. wrote
Shaun wrote:
I used fwrite(signature,1,strlen(signature),fp) and got the same results.
Ok - strlen does the same thing as printf - it stops at a NULL. Since
the signature is NOT guaranteed to not contain a NULL, you can't use any
function that keys off of a NULL character. Which means that
I used fwrite(signature,1,strlen(signature),fp) and got the
same results.
You seem to have a fundamental misunderstanding about how strings work
in
C. That's not good for someone writing security software. The 'strlen'
function computes the length of a C-style string. The signature
On Sat, Nov 22, 2008 at 10:38:18AM -0800, Shaun R. wrote:
Can anybody help me out, not sure whats going wrong. My test case right
now is the following
signature = (unsigned char*) malloc(RSA_size(private_key));
if(RSA_sign(NID_sha1, (unsigned char*) message, strlen(message),
On Sat, Nov 22, 2008, Shaun R. wrote:
Can anybody help me out, not sure whats going wrong. My test case right
now is the following
gcc sign.c -o sign -lcrypto
gcc verify.c -o verify -lcrypto
./sign blah.sig
./verify
RSA_sign() and RSA_verify() don't sign arbitrary data they expect
23 matches
Mail list logo