I've a question about OCSP
Hi. I would build a client OCSP requestor. I've download "openssl-0.9.6c.tar.gz", but I don't find right headers referred to this argument. How do I find those headers? How is OpenSSL implementing this protocol? Best regards FDB __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
I've a question about OCSP
Hi. I have to build an OCSP client. I've download "openssl-0.9.6c.tar.gz", but I don't find right headers referring to this argument. Where do I find those headers? How is OpenSSL implementing this protocol? Thanks Francesco Dal Bello __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Certificate format
Someone know if there is an simple OpenSSL function that say format (PEM or DER) of a given certificate? Tnx, Francesco Dal Bello __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
R: R: need help
I have build OpenSSL on my platform (very similar to your plat) with those steps and they had worked fine. Unpack openssl package (openssl-0.9.7-stable-SNAP-20020226 in my case) on HD (ex. C:\OpenSSL) You don't have to modify anything. Copy VCVARS32.BAT on this folder (for convenience). Install ActivePerl (you have alredy do it). Go to cmd session. Go to C:\OpenSSL. > VCVARS32 > perl Configure VC-WIN32 > ms\do_ms > nmake -f ms\ntdll.mak Francesco Dal Bello -Messaggio originale- Da: Alberto T Isais [mailto:[EMAIL PROTECTED]] Inviato: venerdì 5 aprile 2002 0.47 A: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Oggetto: Re: R: need help Thank you very much for attending to my needs. However, i already did that -> i ran VCVARS32.BAT before, still the same problem. My system is windows 2000 OS SP1, Windows 2000 DDK, ActivePerl-5.6.1.631-MSWin32-x86, and MSVC++ 6. I opened the hw_aep.c it has the line #include . I tried to search for that file and found only one! It is in the active pearl directory(C:\perl\site\lib\Tk\pTk\compat). I tried to include this directory in the c++ environment and i receive the error messages below. i still think that this is not the unistd.h needed. Please help me on this one. i also included the steps i did to compile it. please see below. Microsoft Windows 2000 [Version 5.00.2195] (C) Copyright 1985-1999 Microsoft Corp. C:\>cd C:\openssl-engine-0.9.6c C:\openssl-engine-0.9.6c>perl Configure VC-WIN32 Configuring for VC-WIN32 IsWindows=1 CC=cl CFLAG =-DTHREADS -DDSO_WIN32 EX_LIBS = BN_ASM=bn_asm.o DES_ENC =des_enc.o fcrypt_b.o BF_ENC=bf_enc.o CAST_ENC =c_enc.o RC4_ENC =rc4_enc.o RC5_ENC =rc5_enc.o MD5_OBJ_ASM = SHA1_OBJ_ASM = RMD160_OBJ_ASM= PROCESSOR = RANLIB=true PERL =perl THIRTY_TWO_BIT mode BN_LLONG mode RC4_INDEX mode RC4_CHUNK is undefined Configured for VC-WIN32. C:\openssl-engine-0.9.6c>ms\do_masm Generating x86 for MASM assember Bignum DES "crypt(3)" Blowfish CAST5 RC4 MD5 SHA1 RIPEMD160 RC5\32 C:\openssl-engine-0.9.6c>perl util\mkfiles.pl 1>MINFO C:\openssl-engine-0.9.6c>rem perl util\mk1mf.pl VC-MSDOS no-sock >ms\msdos.mak C:\openssl-engine-0.9.6c>rem perl util\mk1mf.pl VC-W31-32 >ms\w31.mak C:\openssl-engine-0.9.6c>perl util\mk1mf.pl dll VC-W31-32 1>ms\w31dll.mak C:\openssl-engine-0.9.6c>perl util\mk1mf.pl VC-WIN32 1>ms\nt.mak C:\openssl-engine-0.9.6c>perl util\mk1mf.pl dll VC-WIN32 1>ms\ntdll.mak C:\openssl-engine-0.9.6c>perl util\mkdef.pl 16 libeay 1>ms\libeay16.def C:\openssl-engine-0.9.6c>perl util\mkdef.pl 32 libeay 1>ms\libeay32.def C:\openssl-engine-0.9.6c>perl util\mkdef.pl 16 ssleay 1>ms\ssleay16.def C:\openssl-engine-0.9.6c>perl util\mkdef.pl 32 ssleay 1>ms\ssleay32.def C:\openssl-engine-0.9.6c>vcvars32.bat Setting environment for using Microsoft Visual C++ tools. C:\openssl-engine-0.9.6c> C:\openssl-engine-0.9.6c>nmake -f ms\ntdll.mak Microsoft (R) Program Maintenance Utility Version 6.00.8168.0 Copyright (C) Microsoft Corp 1988-1998. All rights reserved. Building OpenSSL copy nul+ .\crypto\buildinf.h tmp32dll\buildinf.h nul .\crypto\buildinf.h 1 file(s) copied. copy nul+ .\crypto\opensslconf.h inc32\openssl\opensslconf.h nul .\crypto\opensslconf.h 1 file(s) copied. ml /Cp /coff /c /Cx /Focrypto\md5\asm\m5-win32.obj .\crypto\md5\asm\m5-w in32.asm Microsoft (R) Macro Assembler Version 6.13.8204 Copyright (C) Microsoft Corp 1981-1997. All rights reserved. Assembling: .\crypto\md5\asm\m5-win32.asm ml /Cp /coff /c /Cx /Focrypto\sha\asm\s1-win32.obj .\crypto\sha\asm\s1-w in32.asm Microsoft (R) Macro Assembler Version 6.13.8204 Copyright (C) Microsoft Corp 1981-1997. All rights reserved. Assembling: .\crypto\sha\asm\s1-win32.asm ml /Cp /coff /c /Cx /Focrypto\ripemd\asm\rm-win32.obj .\crypto\ripemd\as m\rm-win32.asm Microsoft (R) Macro Assembler Version 6.13.8204 Copyright (C) Microsoft Corp 1981-1997. All rights reserved. Assembling: .\crypto\ripemd\asm\rm-win32.asm ml /Cp /coff /c /Cx /Focrypto\des\asm\d-win32.obj .\crypto\des\asm\d-win 32.asm Microsoft (R) Macro Assembler Version 6.13.8204 Copyright (C) Microsoft Corp 1981-1997. All rights reserved. Assembling: .\crypto\des\asm\d-win32.asm ml /Cp /coff /c /Cx /Focrypto\des\asm\y-win32.obj .\crypto\des\asm\y-win 32.asm Microsoft (R) Macro Assembler Version 6.13.8204 Copyright (C) Microsoft Corp 1981-1997. All rights reserved. Assembling: .\crypto\des\asm\y-win32.asm ml /Cp /coff /c /Cx /Focrypto\rc4\asm\r4-win32.obj .\crypto\rc4\asm\r4-w in32.asm Microsoft (R) Macro Assembler Version 6.13.8204 Copyright (C) Microsoft Corp 1981-1997. All rights reserved. Assembling: .\crypto\rc4\asm\r4-win32.asm ml /Cp /coff /c /Cx /Focrypto\rc5\asm\r5-win32.obj .\crypto\rc5\asm\r5-w
R: About OpenSSL 0.9.7 release
I have compile my company utility with OpenSSl 0.9.6c libs. None errors. Then I have recompile with OpenSSL 0.9.7 snap libs and I've got these errors: 'RIPEMD160_DIGEST_LENGTH' : undeclared identifier 'RIPEMD160' undefined; assuming extern returning int 'PKCS7_content_free' undefined; assuming extern returning int 'fullname' : is not a member of 'DIST_POINT_NAME_st' 'req_kludge' : is not a member of 'X509_req_info_st' 'MS_STATIC' : undeclared identifier 'set' : is not a member of 'x509_attributes_st' Thanks for interest Francesco Dal Bello -Messaggio originale- Da: Richard Levitte - VMS Whacker [mailto:[EMAIL PROTECTED]] Inviato: sabato 6 aprile 2002 10.50 A: [EMAIL PROTECTED]; Francesco Dal Bello Oggetto: Re: About OpenSSL 0.9.7 release From: "Francesco Dal Bello" <[EMAIL PROTECTED]> fdalbello> I have tried to build my company utility with fdalbello> and I have obtained a fdalbello> mistake (a function doesn't exist anymore). This mistake fdalbello> doesn't exist using 0.9.6c release. I'd like to know what function it is you're missing. Either it is an actual glitch on our part, or we might have a good explanation for it missing. fdalbello> The 0.9.7 will be quite compatible backwards? Interesting way of putting the question :-). Yes, I believe we can say that it will be "quite" compatible :-). On a more serious note: we're doing our best to keep backward compatibility. However, there are needed changes that make backward compatibility tricky at best and impossible at worst. Fortunately, this only applies to some parts of OpenSSL. The two things that have changed enormously are the ASN.1 parser/coder/decoder and the ENGINE framework (but that only really affects those who've used the engine variant of OpenSSL 0.9.6x). Something that will affect you on a linker symbol level is the change of the symbols for the DES part. To (re)link with 0.9.7, you basically have to recompile the applications that use the DES functions directly (something we don't recommend to start with). BEWARE: this has a great impact on those that use libcrypto as a shared library (something we do not recommend for anything other than saving space)! -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See <http://www.stacken.kth.se/~levitte/mail/> for more info. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
ssl server identity
I figure this scenario: A SSL client handshake a secure SSL server (over secure TCP was built a customer application protocol). When the server accept the connection, it sign somedata to authenticate the connection? And if it do this, how the client can verify this sign? It is enough to make server certificate verification to accept the itdentity of the remote server? Thanks in advance for any explaination that will be sent. Francesco Dal Bello __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
PKCS12_parse problem
Greetings. I recently re-compiled my application with OpenSSL 0.9.6g (it was previously linked with 0.9.6c). I have a problem with the ''PKCS12_parse'' function that I didn't have before (platform is Solaris 8). If my application calls ''PKCS12_parse'' more than once (at different moments, even distant in time) on the same PKCS#12, ONLY THE FIRST CALL SUCCEED. Calls after the first return 0. Since I'm only interested in extracting the private key, my call is like: if (!PKCS12_parse(p12, passphrase, &prkey, NULL,NULL)) error handling This problem didn't happen with 0.9.6c. I'm quite sure that the p12 argument is a valid pointer to a PKCS#12 structure because every time I : open the key file (abort if it fails), read the pkcs12 by means of d2i_PKCS12_fp (close file and abort if it fails) close the key file call the PKCS12_parse Any hint, FAQ or known problem? Thanks in advance Francesco __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
OpenSSL on Solaris8
Hi. I have a library tool written to work on Solaris and Win platform. This libtool uses 'crypto' library from OpenSSL package. In this form, all things are OK. The problem has been introduced when I extended the tool with capabilities derived from 'ssl' library from OpenSSL package. I have built the extended libtool on Solaris and all is OK. Then I have written a test program that use the new libtool's capabilities. When I make this TestPgm I meet those errors: Undefined first referenced symbol in file COMP_CTX_free /home/sviluppo/libtool/libs/libssl.a(s3_enc.o) EVP_enc_null/home/sviluppo/libtool/libs/libssl.a(ssl_ciph.o) COMP_compress_block /home/sviluppo/libtool/libs/libssl.a(s3_pkt.o) BIO_f_buffer/home/sviluppo/libtool/libs/libssl.a(ssl_lib.o) COMP_expand_block /home/sviluppo/libtool/libs/libssl.a(s3_pkt.o) X509_STORE_load_locations /home/sviluppo/libtool/libs/libssl.a(ssl_lib.o) X509_STORE_set_default_paths/home/sviluppo/libtool/libs/libssl.a(ssl_lib.o) X509_certificate_type /home/sviluppo/libtool/libs/libssl.a(s3_clnt.o) COMP_CTX_new/home/sviluppo/libtool/libs/libssl.a(s3_enc.o) BIO_s_socket/home/sviluppo/libtool/libs/libssl.a(ssl_lib.o) ERR_load_crypto_strings /home/sviluppo/libtool/libs/libssl.a(ssl_err2.o) ld: fatal: Symbol referencing errors. No output written to ../testmain.exe collect2: ld returned 1 exit status *** Error code 1 make: Fatal error: Command failed for target `main' Notice that functions reported in the error message aren't called by my code directly. My code call only upper-level ssl function. I'm using OpenSSL version 0.9.6g. Another notice. I have ported the same libtool and TestPgm on Win platform and all works fine. Do you know what's my mistake? Do you have any suggestion to resolve this situation? Thanks in advance. Francesco Dal Bello __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
