Help needed with X509_STORE_CTX structure
HI, i need to set the current_issuer field in an object of the X509_STORE_CTX structure. Can any suggest the setter function for this. Also, current_crl_score and current_reasons also are needed to be 0 for me. Can you suggest setters for these variables. Thanks, Saketh. Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
need help with X509_STORE_CTX structure.
HI, i need to set the current_issuer field in an object of the X509_STORE_CTX structure. Can any suggest the setter function for this. current_crl_score and current_reasons also are needed to be 0 for me. Can you suggest setters for these variables. Thanks, Saketh. Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
X509_STORE_CTX object doubt
Hi, for X509_STORE_CTX object we have a function X509_STORE_CTX_set_cert to set the cert pointer (x509* cert) is there any get function for this variable. X509_STORE_CTX_get_current_cert is not for cert. Because, there is another variable current_cert. thanks, Saketh. Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
bignum to evp key
HI, i have EvpKeyPair from GenerateEvpKeyPair(dh_p, dh_g, &pEvpKeyPair) How can I get the public key and priv key from keypair. The below function gives them as bignums but not Evp_pkey. (EVP_PKEY_get_bn_param(pEvpKeyPair, OSSL_PKEY_PARAM_PUB_KEY, &pubKey) I want pub key and priv keys as evp_pkey. Thanks, Saketh. Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
error with cipher EVP_des_ede3_cbc in openssl 3.0
Hi I am trying to encrypt and decrypt using EVP_des_ede3_cbc() type. iam using openssl3.0 the functions i am using are encryption side: EVP_EncryptInit_ex -> EVP_EncryptUpdate -> EVP_EncryptFinal_ex decryption side: -- EVP_DecryptInit_ex -> EVP_DecryptUpdate -> EVP_DecryptFinal_ex but its failing in the EVP_DecryptFinal_ex. Does any have any idea on this. it's works for cipher EVP_aes_128_cbc(). Thanks, Saketh. Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
Re: [EXTERNAL] Re: need some help with the block size value
i am using openssl 3.0 From: openssl-users on behalf of Matt Caswell Sent: Tuesday, February 15, 2022 6:45 PM To: openssl-users@openssl.org Subject: [EXTERNAL] Re: need some help with the block size value On 15/02/2022 12:13, Srinivas, Saketh (c) wrote: > Hi, > > i am trying to get the block size of EVP_des_ede3_cbc cipher using the > below function but it's not returning anything. > > EVP_CIPHER_get_block_size(EVP_des_ede3_cbc()) This code looks fine to me, and I just tested this and it returned the expected result of 8. When you say "it's not returning anything" do you mean it returns 0 or something else? What version of OpenSSL are you using? Matt > > Does anyone have any idea how to. > > thanks, > Saketh. > > Notice: This e-mail together with any attachments may contain > information of Ribbon Communications Inc. and its Affiliates that is > confidential and/or proprietary for the sole use of the intended > recipient. Any review, disclosure, reliance or distribution by others or > forwarding without express permission is strictly prohibited. If you are > not the intended recipient, please notify the sender immediately and > then delete all copies, including any attachments. Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
need some help with the block size value
Hi, i am trying to get the block size of EVP_des_ede3_cbc cipher using the below function but it's not returning anything. EVP_CIPHER_get_block_size(EVP_des_ede3_cbc()) Does anyone have any idea how to. thanks, Saketh. Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
does Openssl 3.0 has backward compatiblity.
Does openssl 3.0 supports the openssl 1.0 pkcs12 files. Is it backward compatible. For me it giving error in PKCS12_parse function. thanks, Saketh. Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
error with p12 file importing
HI, I am getting this error while importing p12 file PKCS12_parse failed, error : error:0308010C:digital envelope routines::unsupported can anyone explain this? thanks, Saketh. Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
Openssl 3.0 support
Hi, Does openssl 3.0 still support TLSv 1.0 and TLSv1.1. or they are deprecated, because there were some deprecations like sha1 etc. Thanks, Saketh. Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
Doubt regarding ssl options
Hi, what is the difference between SSL_CTX_set_min_proto_version and SSL_set_min_proto_version. How will they effect the SSL handsahke. I can see two versions numbers in the PCAP files, 1. content type is handshake , version v1.0 2. handshake type client hello, version v1.2 what is the difference and how to modify them. Thanks, Saketh. Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
need help with EVP_PKEY_derive function to generate shared key
Hi, i am trying to modify a function which earlier used openss1 to compute shared key the aruguments to the function are: rc_vchar_t *pub , rc_vchar_t *priv ; '// public and private keys. if (eay_v2bn(&dh->pub_key, pub) < 0) goto end; if (eay_v2bn(&dh->priv_key, priv) < 0) goto end; DH_compute_key(v, dh_pub, dh)) For openssl3 we are trying to use (EVP_PKEY_derive) the below code is how i implemented: rc_vchar_t *pub, rc_vchar_t *priv, // parameters to the function BIGNUM *dh_pub_key = NULL; BIGNUM *dh_priv_key = NULL; if (eay_v2bn(&dh_pub_key, pub) < 0) goto end; if (eay_v2bn(&dh_priv_key, priv) < 0) goto end; pub_key_buf = (unsigned char*) malloc( BN_num_bytes(dh_pub_key)); if (!pub_key_buf) goto end; BN_bn2nativepad(dh_pub_key, pub_key_buf, BN_num_bytes(dh_pub_key)); priv_key_buf = (unsigned char*) malloc( BN_num_bytes(dh_priv_key)); if (!priv_key_buf) goto end; BN_bn2nativepad(dh_priv_key, priv_key_buf, BN_num_bytes(dh_priv_key)); pklen = strlen((char*)priv_key_buf); peerklen = strlen((char*)pub_key_buf); const unsigned char *pub_key = ( const unsigned char *)pub_key_buf; const unsigned char *priv_key = ( const unsigned char *)priv_key_buf; pkey = d2i_PrivateKey(EVP_PKEY_RSA, &pkey, &priv_key, pklen); peerkey = d2i_PublicKey(EVP_PKEY_RSA, &peerkey, &pub_key, peerklen); ctx = EVP_PKEY_CTX_new(pkey, NULL); The problem its failing at Pkey and PeerKey creation. Does anyone have any idea how to get it working. Also can anyone suggest how to know the correct replacemant for EVP_PKEY_RSA, OR any way to know what is the type for my pub and priv keys Thanks, Saketh. Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
Help with TLS call on openssl3
HI, I am using Openssl3. while Run a TLS call, call connected successfully, but at the end of the call i got the error message: SSL3 alert write:fatal:decode error SSL error (a000126): unexpected eof while reading ERROR on SSL_read err=1 flag=0 Initiating SSL shutdown I think some issue while disconnecting the session. When i tried with openssl1 it did not throw the error. I am testing with sipp. IN wireshark i can see sipp sending TCP-FIN-ACK and openssl3 responded with TCP-PSH-ACK. Whereas in the openssl1 case it responded with a tcp message "encrypted alert" . I think some issue with closing TLS connection in openssl3. Can someone help me understand why? thanks, Saketh. Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.