Get Public Key in byte array
Hello! How I can get the public key (from a certificate) in an array of bytes? Thanks in advance, Regards, Antonio. -- -- Antonio Ruiz Martínez Facultad de Informática-Universidad de Murcia 30001 Murcia - España (Spain) Telf: +34-968-364644 e-mail: [EMAIL PROTECTED] -- __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Installation over Linux Slackware
I'm trying to install SSLeay-0.8.1 on Linux-Slackware. Compiling is not right because file standards.h is missing. Perhaps a previous package must be installed before ssl ? Thanks in advance. Narciso Guillen [EMAIL PROTECTED] [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
??: help Me
Title: ??: help Me I THINK u can compile it under win2000 see doc install.w32 good luck -ÔʼÓʼþ- ·¢¼þÈË: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]´ú±í Ali Seifi ·¢ËÍʱ¼ä: 2001Äê4ÔÂ15ÈÕ 23:11 ÊÕ¼þÈË: [EMAIL PROTECTED] Ö÷Ìâ: help Me Dear Sir/Madam, Hello I find your OpenSSL Source and enjoy from it. it's great. I has a Question : I need to write a WIN2000 Service Application that must be support SSL V2 and SSL V3 And TLS protocol. So i write a NT Service program that Send/Receive any message from HTTP port. I think , i must join a ssl library to my Service program. Is it true? If answer is ture, can i do used OpenSSL library in my application? How? please send me any information. In advance, thank you for your information. Best regards Ali Seifi __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Problems with Microsoft IIS csr
Enrico Russo wrote: Hi, I've some problems with string encoding. The Root Cert (created and self-signed with openssl) DN is : subject= /C=IT/ST=GE/L=Genova/O=Universit\xE0 di Genova/OU=Unige CA/CN=unige [EMAIL PROTECTED] When I try to sign requests created with Microsoft IIS or IE the organizationName field (with policy 'match') doesn't match ... : Check that the request matches the signature Signature ok The Subjects Distinguished Name is as follows commonName:PRINTABLE:'.csita.unige.it' organizationalUnitName:PRINTABLE:'Unige CA' organizationName :ASN.1 30:'^@U^@n^@i^@v^@e^@r^@s^@i^@t^@\0xFFE0^@ ^@d^@i^@ ^@G^@e^@n^@o^@v^@a' localityName :PRINTABLE:'Genova' stateOrProvinceName :PRINTABLE:'GE' countryName :PRINTABLE:'IT' The organizationName field needed to be the same in the CA certificate (Universit di Genova) and the request () There's a way to solve this problem ? Thanks Per evitare problemi, le consiglio di usare solo Universita senza la lettera accentata... E' bruttino, ma non c'e' altro modo, anche modificando il codice di openssl in modo da accettare caratteri NON PRINTABLE, poi incorre in molti problemi con i browser, fino al crash di netscape e/o explorer. Buon Lavoro. -- Dott. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) Member of the Internet Society http://www.di.unito.it/~rabser Tel. +39-0116706701 Fax. +39-011751603 __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Repost: Useful newbie document
I've written a document as part of my own openSSL notes that describes how to code an SSL client and server using the openSSL libraries. It's a bit noddy but it does the job. These might be useful for people just starting (I know I was looking for such a document when I started). http://www.consegna.co.uk/exchangeCentre.html The form filling is optional, so don't worry about that unless you absolutely want to :) Good luck! Tat. S/MIME Cryptographic Signature
reading private key from the file fails
hello im trying to write the private key into the file and read back the key . im using PEM_read_bio_Privatekey,PEM_write_bio_Privatekey im also using password so the key is encrypted and kept please see the code . the code is working fine for writing and problem is i cannot read back the key. so please make suggestions. the code generate the keys store the private key in the file and tries to read back thanx in advance --- #include stdio.h #include openssl/evp.h #include openssl/rsa.h #include openssl/x509.h EVP_PKEY *publicKey,*privateKey; void generate() { RSA *rsa, *pub_rsa, *priv_rsa; int len; unsigned char *buf, *p; X509 *x509; rsa = RSA_generate_key (1024, RSA_F4, NULL,NULL); buf = (unsigned char *) malloc (2048); p = buf; /* Save the public key into buffer, we know it will be big enough * but we should really check how much space we need by calling the * i2d functions with a NULL second parameter */ len = i2d_RSAPublicKey (rsa, p); len += i2d_RSAPrivateKey (rsa, p); printf (The public and private key are now both in a char array\n); printf (and are taking up %d bytes\n, len); RSA_free (rsa); p = buf; pub_rsa = d2i_RSAPublicKey (NULL, p, (long) len); len -= (p - buf); priv_rsa = d2i_RSAPrivateKey (NULL, p, (long) len); if ((pub_rsa == NULL) || (priv_rsa == NULL)) ERR_print_errors_fp (stderr); publicKey= EVP_PKEY_new (); privateKey = EVP_PKEY_new (); /* convert rsa public and private keys into EVP PUBLIC AND PRIVATE KEYS */ printf (\n the public key result code %d\n, EVP_PKEY_set1_RSA (publicKey, pub_rsa)); printf (\n the private key result code...%d\n, EVP_PKEY_set1_RSA (privateKey, priv_rsa)); /* check private key and public key consistencyd */ x509 = X509_new (); X509_set_pubkey (x509, publicKey); printf (\n checking private and public key consistency..%d\n, X509_check_private_key (x509, privateKey)); RSA_free (pub_rsa); RSA_free (priv_rsa); } EVP_PKEY *loadkey(unsigned char * file,unsigned char* pass) { BIO *key=NULL; EVP_PKEY *pkey=NULL; key=BIO_new(BIO_s_file()); if(key==NULL) return -1; if(BIO_read_filename(key,file)==-1) return -1; pkey=PEM_read_bio_PrivateKey(key,NULL,NULL,pass); return pkey; } int setkey(unsigned char *file,EVP_PKEY *prikey,unsigned char *pass) { BIO *key=NULL; key=BIO_new(BIO_s_file()); if(key==NULL) return -1; if(BIO_write_filename(key,file)==-1) return -1; PEM_write_bio_PrivateKey(key,prikey,NULL,NULL,0,NULL,pass); return 1; } int main() { EVP_PKEY *tempkey; generate(); setkey(priv21.pem,privateKey,NULL); tempkey=loadkey(priv21.pem,NULL); if(tempkey==NULL) { printf(\n hey this is not the way to do it \n); exit(1); } return 1; } --- Do You Yahoo!? For regular News updates go to http://in.news.yahoo.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
compile problems
Hi, i have a problem compiling Apache1.3.19 with mod_ssl and openssl. The compile error is #ssl_engine_mutex.c: In function ssl_mutex_sem_create: #ssl_engine_mutex.c: 295: Incompatible type for argument 4 of 'semctl' #ssl_engine_mutex.c: 304: Incompatible type for argument 4 of 'semctl' Somebody can help me? I have a Red-Hat 5.2 on my server. Thank you __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
reading private key from the file fails
hello im trying to write the private key into the file and read back the key . im using PEM_read_bio_Privatekey,PEM_write_bio_Privatekey im also using password so the key is encrypted and kept please see the code . the code is working fine for writing and problem is i cannot read back the key. so please make suggestions. the code generate the keys store the private key in the file and tries to read back thanx in advance --- #include stdio.h #include openssl/evp.h #include openssl/rsa.h #include openssl/x509.h EVP_PKEY *publicKey,*privateKey; void generate() { RSA *rsa, *pub_rsa, *priv_rsa; int len; unsigned char *buf, *p; X509 *x509; rsa = RSA_generate_key (1024, RSA_F4, NULL,NULL); buf = (unsigned char *) malloc (2048); p = buf; /* Save the public key into buffer, we know it will be big enough * but we should really check how much space we need by calling the * i2d functions with a NULL second parameter */ len = i2d_RSAPublicKey (rsa, p); len += i2d_RSAPrivateKey (rsa, p); printf (The public and private key are now both in a char array\n); printf (and are taking up %d bytes\n, len); RSA_free (rsa); p = buf; pub_rsa = d2i_RSAPublicKey (NULL, p, (long) len); len -= (p - buf); priv_rsa = d2i_RSAPrivateKey (NULL, p, (long) len); if ((pub_rsa == NULL) || (priv_rsa == NULL)) ERR_print_errors_fp (stderr); publicKey= EVP_PKEY_new (); privateKey = EVP_PKEY_new (); /* convert rsa public and private keys into EVP PUBLIC AND PRIVATE KEYS */ printf (\n the public key result code %d\n, EVP_PKEY_set1_RSA (publicKey, pub_rsa)); printf (\n the private key result code...%d\n, EVP_PKEY_set1_RSA (privateKey, priv_rsa)); /* check private key and public key consistencyd */ x509 = X509_new (); X509_set_pubkey (x509, publicKey); printf (\n checking private and public key consistency..%d\n, X509_check_private_key (x509, privateKey)); RSA_free (pub_rsa); RSA_free (priv_rsa); } EVP_PKEY *loadkey(unsigned char * file,unsigned char* pass) { BIO *key=NULL; EVP_PKEY *pkey=NULL; key=BIO_new(BIO_s_file()); if(key==NULL) return -1; if(BIO_read_filename(key,file)==-1) return -1; pkey=PEM_read_bio_PrivateKey(key,NULL,NULL,pass); return pkey; } int setkey(unsigned char *file,EVP_PKEY *prikey,unsigned char *pass) { BIO *key=NULL; key=BIO_new(BIO_s_file()); if(key==NULL) return -1; if(BIO_write_filename(key,file)==-1) return -1; PEM_write_bio_PrivateKey(key,prikey,NULL,NULL,0,NULL,pass); return 1; } int main() { EVP_PKEY *tempkey; generate(); setkey(priv21.pem,privateKey,NULL); tempkey=loadkey(priv21.pem,NULL); if(tempkey==NULL) { printf(\n hey this is not the way to do it \n); exit(1); } return 1; } --- Do You Yahoo!? For regular News updates go to http://in.news.yahoo.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Get Public Key in byte array
There are loads of d2i_ and i2d_ functions to do this. Have a look at the documentation which is very good in this area. Tat. Antonio Ruiz Martínez wrote: Hello! How I can get the public key (from a certificate) in an array of bytes? Thanks in advance, Regards, Antonio. -- -- Antonio Ruiz Martínez Facultad de Informática-Universidad de Murcia 30001 Murcia - España (Spain) Telf: +34-968-364644 e-mail: [EMAIL PROTECTED] -- __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] -- +--- | Tat Sing Kong Bsc(Hons) | Senior Technical Architect | Consegna Advanced Technologies Ltd | 1st Floor, 30-32 Thomas Street | Manchester, M4 1ER, United Kingdom | http://www.consegna.co.uk | Tel : +44 (0)161 833 3777 | Fax : +44 (0)161 833 3636 | Email : [EMAIL PROTECTED] + This e-mail is from Consegna Advanced Technologies. The information in this e-mail and any files transmitted with it are confidential and may be legally privileged. It is intended solely for the stated recipient. Access to this e-mail by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. If you have received this e-mail in error please notify [EMAIL PROTECTED] or telephone +44 (0)161 833 3777. Views or opinions expressed by an individual within this e-mail may not necessarily reflect the views of Consegna Advanced Technologies. +- __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: compile problems
It's very hard to say what's wrong only from that .. Anyway, try to see : - man semctl - see the source ssl_engine_mutex.c - see with what arguments is semctl called, it would help to give a hint about that. - see httpd.conf - SSLMutex directive and mod_ssl user manual (Chapter 3), maybe you can figure it out.. [EMAIL PROTECTED] wrote: Hi, i have a problem compiling Apache1.3.19 with mod_ssl and openssl. The compile error is #ssl_engine_mutex.c: In function ssl_mutex_sem_create: #ssl_engine_mutex.c: 295: Incompatible type for argument 4 of 'semctl' #ssl_engine_mutex.c: 304: Incompatible type for argument 4 of 'semctl' Somebody can help me? I have a Red-Hat 5.2 on my server. Thank you __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
problem in reading private key from the file
hello im trying to write the private key into the file and read back the key . im using PEM_read_bio_Privatekey,PEM_write_bio_Privatekey im also using password so the key is encrypted and kept please see the code . the code is working fine for writing and problem is i cannot read back the key. so please make suggestions. the code generate the keys store the private key in the file and tries to read back thanx in advance --- #include stdio.h #include openssl/evp.h #include openssl/rsa.h #include openssl/x509.h EVP_PKEY *publicKey,*privateKey; void generate() { RSA *rsa, *pub_rsa, *priv_rsa; int len; unsigned char *buf, *p; X509 *x509; rsa = RSA_generate_key (1024, RSA_F4, NULL,NULL); buf = (unsigned char *) malloc (2048); p = buf; /* Save the public key into buffer, we know it will be big enough * but we should really check how much space we need by calling the * i2d functions with a NULL second parameter */ len = i2d_RSAPublicKey (rsa, p); len += i2d_RSAPrivateKey (rsa, p); printf (The public and private key are now both in a char array\n); printf (and are taking up %d bytes\n, len); RSA_free (rsa); p = buf; pub_rsa = d2i_RSAPublicKey (NULL, p, (long) len); len -= (p - buf); priv_rsa = d2i_RSAPrivateKey (NULL, p, (long) len); if ((pub_rsa == NULL) || (priv_rsa == NULL)) ERR_print_errors_fp (stderr); publicKey= EVP_PKEY_new (); privateKey = EVP_PKEY_new (); /* convert rsa public and private keys into EVP PUBLIC AND PRIVATE KEYS */ printf (\n the public key result code %d\n, EVP_PKEY_set1_RSA (publicKey, pub_rsa)); printf (\n the private key result code...%d\n, EVP_PKEY_set1_RSA (privateKey, priv_rsa)); /* check private key and public key consistencyd */ x509 = X509_new (); X509_set_pubkey (x509, publicKey); printf (\n checking private and public key consistency..%d\n, X509_check_private_key (x509, privateKey)); RSA_free (pub_rsa); RSA_free (priv_rsa); } /* read s the key from the file */ EVP_PKEY *loadkey(unsigned char * file,unsigned char* pass) { BIO *key=NULL; EVP_PKEY *pkey=NULL; key=BIO_new(BIO_s_file()); if(key==NULL) return -1; if(BIO_read_filename(key,file)==-1) return -1; pkey=PEM_read_bio_PrivateKey(key,NULL,NULL,pass); return pkey; } /* puts the key in the file */ int setkey(unsigned char *file,EVP_PKEY *prikey,unsigned char *pass) { BIO *key=NULL; key=BIO_new(BIO_s_file()); if(key==NULL) return -1; if(BIO_write_filename(key,file)==-1) return -1; PEM_write_bio_PrivateKey(key,prikey,NULL,NULL,0,NULL,pass); return 1; } int main() { EVP_PKEY *tempkey; generate(); setkey(priv21.pem,privateKey,NULL); tempkey=loadkey(priv21.pem,NULL); if(tempkey==NULL) { printf(\n hey this is not the way to do it \n); exit(1); } return 1; } --- Do You Yahoo!? For regular News updates go to http://in.news.yahoo.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: problem in reading private key from the file
U should close the output BIO... If not the output isn't flushed.. Probably you create a 0-length file... manjunath gv wrote: hello im trying to write the private key into the file and read back the key . im using PEM_read_bio_Privatekey,PEM_write_bio_Privatekey im also using password so the key is encrypted and kept please see the code . the code is working fine for writing and problem is i cannot read back the key. so please make suggestions. the code generate the keys store the private key in the file and tries to read back thanx in advance --- #include stdio.h #include openssl/evp.h #include openssl/rsa.h #include openssl/x509.h EVP_PKEY *publicKey,*privateKey; void generate() { RSA *rsa, *pub_rsa, *priv_rsa; int len; unsigned char *buf, *p; X509 *x509; rsa = RSA_generate_key (1024, RSA_F4, NULL,NULL); buf = (unsigned char *) malloc (2048); p = buf; /* Save the public key into buffer, we know it will be big enough * but we should really check how much space we need by calling the * i2d functions with a NULL second parameter */ len = i2d_RSAPublicKey (rsa, p); len += i2d_RSAPrivateKey (rsa, p); printf (The public and private key are now both in a char array\n); printf (and are taking up %d bytes\n, len); RSA_free (rsa); p = buf; pub_rsa = d2i_RSAPublicKey (NULL, p, (long) len); len -= (p - buf); priv_rsa = d2i_RSAPrivateKey (NULL, p, (long) len); if ((pub_rsa == NULL) || (priv_rsa == NULL)) ERR_print_errors_fp (stderr); publicKey= EVP_PKEY_new (); privateKey = EVP_PKEY_new (); /* convert rsa public and private keys into EVP PUBLIC AND PRIVATE KEYS */ printf (\n the public key result code %d\n, EVP_PKEY_set1_RSA (publicKey, pub_rsa)); printf (\n the private key result code...%d\n, EVP_PKEY_set1_RSA (privateKey, priv_rsa)); /* check private key and public key consistencyd */ x509 = X509_new (); X509_set_pubkey (x509, publicKey); printf (\n checking private and public key consistency..%d\n, X509_check_private_key (x509, privateKey)); RSA_free (pub_rsa); RSA_free (priv_rsa); } /* read s the key from the file */ EVP_PKEY *loadkey(unsigned char * file,unsigned char* pass) { BIO *key=NULL; EVP_PKEY *pkey=NULL; key=BIO_new(BIO_s_file()); if(key==NULL) return -1; if(BIO_read_filename(key,file)==-1) return -1; pkey=PEM_read_bio_PrivateKey(key,NULL,NULL,pass); return pkey; } /* puts the key in the file */ int setkey(unsigned char *file,EVP_PKEY *prikey,unsigned char *pass) { BIO *key=NULL; key=BIO_new(BIO_s_file()); if(key==NULL) return -1; if(BIO_write_filename(key,file)==-1) return -1; PEM_write_bio_PrivateKey(key,prikey,NULL,NULL,0,NULL,pass); return 1; } int main() { EVP_PKEY *tempkey; generate(); setkey(priv21.pem,privateKey,NULL); tempkey=loadkey(priv21.pem,NULL); if(tempkey==NULL) { printf(\n hey this is not the way to do it \n); exit(1); } return 1; } --- Do You Yahoo!? For regular News updates go to http://in.news.yahoo.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] -- FERDINANDO RICCHIUTI Research Development CSP s.c. a r.l. Villa Gualino Viale Settimo Severo, 63 - 10133 Torino [IT] e-mail [EMAIL PROTECTED] mob +39 (0)348 6023959 tel +39 (0)11 3165401 __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
bug in EVP_MD_CTX_copy()
Iam trying to use openssl in my app and boundschecker was giving the following error stack memory overrun Copying 96 bytes to ctx.digest Starting offset 0,destination size:4 bytes The callstack details are EVP_MD_CTX_copy() \crypto\evp\digest.c line no 90 ssl3_handshake_mac() \ssl\s3_enc.c 434 ssl3_final_finish_mac() \ssl\s3_enc.c 419 ssl3_send_finished() \ssl\s3_both.c 155 ssl3_connect() \ssl\s3_clnt.c 329 SSL_connect() \ssl\ssl_lib.c 727 ssl23_get_server_hello() \ssl\s23_clnt.c469 ssl23_connect() \ssl\ssl_clnt.c179 SSL_connect()\ssl\ssl_lib.c 727 Taking a closer look i found that in ssl3_handshake_mac() we have instantiated EVP_MD_CTX ctx; and then call EVP_MD_CTX_copy(ctx,in_ctx) inside which we do a memcpy Now ctx has a pointer memberconst EVP_MD *digest; When we instantiate ctx ,digest being a member pointer does not get allocated any memory and when we do the memcpy inside EVP_MD_CTX_copy we are copying data into a dangling pointer.Shouldnt we allocate memory to ctx.digest before calling EVP_MD_CTX_copy. Iam using openssl-0.9.5a but i checked the latest openssl-0.9.6 engine.This bug is still there __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: compile problems
From: Diana Calugarescu [EMAIL PROTECTED] One other thing to remember is that discussions about mod_ssl do not belong in openssl-users! The described problem has, as far as I can understand, nothing at all to do with OpenSSL diana.calugarescu It's very hard to say what's wrong only from that .. diana.calugarescu Anyway, try to see : diana.calugarescu - man semctl diana.calugarescu - see the source ssl_engine_mutex.c - see with what arguments is semctl diana.calugarescu called, it would help to give a hint about that. diana.calugarescu - see httpd.conf - SSLMutex directive and mod_ssl user manual (Chapter diana.calugarescu 3), maybe you can figure it out.. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 Redakteur@Stacken \ SWEDEN \ or +46-709-50 36 10 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Software Engineer, Celo Communications: http://www.celocom.com/ Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Encryption and Decryption
Hi, I am trying to find any examples of C code for using the EVP_EncryptInit and EVP_EncyptUpdate, and EVP_EncryptFinal functions as possible... I am trying to code a encryption function for a client/server to encrypt the username and password during authenication.. Any help would be greatly appreciated.. thanks. Dennis __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: reading private key from the file fails
manjunath gv wrote: hello im trying to write the private key into the file and read back the key . im using PEM_read_bio_Privatekey,PEM_write_bio_Privatekey im also using password so the key is encrypted and kept please see the code . the code is working fine for writing and problem is i cannot read back the key. so please make suggestions. Read the FAQ. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Celo Communications: http://www.celocom.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
beginner
Hey I just started investigating OpenSSH implementations because I was assigned to port ssh (openSsh) to Real time OS (VxWorks). And now I am asking any of you, if there is anything done on that kind of OS-es or even better some listigs of files and things i should look for. Thanks. gasper -- Gasper /| Markic HermesSoftLab /_o Litijska51LjubljanaSlovenia / // +38615865367 +38641589513 ~~~= mailto:[EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
PEM_read_X509 causes crash
I have written a server on NT that crashes when it gets to the PEM_read_X509 function. Here is a portion of the code: X509* pCert = NULL; FILE *fpCert = fopen(c:\\trustedCA.pem, r); PEM_read_X509(fpCert, pCert, NULL, NULL); Does anyone know what is wrong? Thanks, George __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Installation over Linux Slackware
I am running the most current release on that very operating system, any reason you are not running OpenSSL 0.9.X instead of SSLeay? On Monday 23 April 2001 03:32, you wrote: I'm trying to install SSLeay-0.8.1 on Linux-Slackware. Compiling is not right because file standards.h is missing. Perhaps a previous package must be installed before ssl ? Thanks in advance. Narciso Guillen [EMAIL PROTECTED] [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Smart Card Readers
I think I've got to try one of those: http://www.ibutton.com/pki.html I'd love to hear from someone who has. - Original Message - From: Mark H. Wood [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, April 23, 2001 11:56 PM Subject: Re: Smart Card Readers If you don't insist on the token being a *card*, the iButton looks interesting. I've not used it -- has anyone? -- Mark H. Wood, Lead System Programmer [EMAIL PROTECTED] Make a good day. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Use of Openssl in the USA.
Is anyone aware of the restrictions on the use of OpenSSL for commercial purposes in the USA? I am aware of the restrictions on the use of: a. IDEA (for commercial purposes). b. RC5 Can all the other ciphers be used? Thanks, Mani __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
config did not go through
Folks, When I tried to config on my Solaris box, I got the below error. Makefile = Makefile.ssl e_os.h = include/openssl/e_os.h [File exists] e_os2.h = include/openssl/e_os2.h [File exists] crypto /bin/sh: crypto: does not exist make: *** [links] Error 1 my GNU Make's version is 3.76.1. Any idea why I am seeing this error. Jeeva. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Password only with CallBack Func ?
Hi all, I am writing an JAVA Wrapper for OpenSSL , and I want to use the PEM_read_foobar functions..The problem is I can't use callback function. Is-there anyway in the API to decrypt after reading the PEM through the BIO ? Thanks Laurent __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
how to use SSL_CTX_use_certificate_chain_file
I can' t find any documentation on SSL_CTX_use_certificate_chain_file. Is this a server or client function? Thanks, George __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Cryptlib
What is the relationship between cryptlib and OpenSSL? I noticed that Eric Young name appears in the cryptlib credits. Does cryptlib use OpenSSL as its core software component? Ken __ Support InterSoft International, Inc. Voice: 888-823-1541, International 281-398-7060 Fax: 888-823-1542, International 281-560-9170 [EMAIL PROTECTED] http://www.securenetterm.com __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
unexpected alert packet after shutdown
We have built an OPENSSL client. We seem to get through the authentication level, and we are sending data through SSL. After sending data through SSL, we execute the following function to close SSL: SSL_shutdown(ssl); The server receives the following alert: 1503 1643BABD A90D53A7 2735C24B C102364B DD2AE585 00E51C The server expected non-SSL data at this point. I could not analyze the alert because the format was not like I expected. I throught that alerts were in the following format: 15 Alert 0300Version 0016Length 43 alert Level BA alert description I thought that Alert level would be 01 or 02, and that Alert Description would be a documented value? Has anyone ever seen an alert like this? If so, how is it decoded? Thanks, George __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: several ip addresses
Thank you but how do I had a second CN? I usually use: openssl req -new -nodes -x509 -out /var/key.pem -keyout /var/key.pem -days 365 it then asks a few questions and only once for CN. I tried CN, CN but it doesn't work. Thank you for any help Olivier -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]De la part de Greg Stark Envoyé : lundi 26 mars 2001 22:47 À : [EMAIL PROTECTED] Objet : Re: several ip addresses add another CN with the second IP address. _ Greg Stark Ethentica, Inc. [EMAIL PROTECTED] _ - Original Message - From: Olivier Wegria [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, March 26, 2001 7:36 AM Subject: several ip addresses Hi there, I installed OpenSSL on my linux RH7 box and it works fine with Cyrus. I created a self signed certificate to enable encryption between MSoutlook and cyrus on our local network. I would like to access my mail server through another gateway but then, my server is reachable via another ip address. Therefore, I have a message saying that the certificate doesn't match the address. How can I create a valid certificate with 2 ip addresses? (I don't have DNS) Thanks for any help Olivier __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: how to use SSL_CTX_use_certificate_chain_file
It is documented @ (http://www.openssl.org/docs/ssl/SSL_CTX_use_certificate.html#). _ Greg Stark Ethentica, Inc. [EMAIL PROTECTED] _ - Original Message - From: George Lind [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, April 23, 2001 12:33 PM Subject: how to use SSL_CTX_use_certificate_chain_file I can' t find any documentation on SSL_CTX_use_certificate_chain_file. Is this a server or client function? Thanks, George __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: unexpected alert packet after shutdown
George, The alert is encrypted under the current ciphersuite, as it should be. It is almost certainly a close_notify alert, which is expected and correct. _ Greg Stark Ethentica, Inc. [EMAIL PROTECTED] _ - Original Message - From: George Lind [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Monday, April 23, 2001 1:10 PM Subject: unexpected alert packet after shutdown We have built an OPENSSL client. We seem to get through the authentication level, and we are sending data through SSL. After sending data through SSL, we execute the following function to close SSL: SSL_shutdown(ssl); The server receives the following alert: 1503 1643BABD A90D53A7 2735C24B C102364B DD2AE585 00E51C The server expected non-SSL data at this point. I could not analyze the alert because the format was not like I expected. I throught that alerts were in the following format: 15 Alert 0300 Version 0016 Length 43 alert Level BA alert description I thought that Alert level would be 01 or 02, and that Alert Description would be a documented value? Has anyone ever seen an alert like this? If so, how is it decoded? Thanks, George __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
openssl-0.9.6a
This library fails when doing make linux-shared openssl-0.9.6a This library works doing make linux-shared openssl-0.9.6 Interesting, but cost me a lot of time, so I thought I'd share. Torsten __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]