Hello all
I am having trouble getting OpenSSL-0.9.6 to compile. I have, as you
will see from the output of the make report, configured with the no-asm
option and which fixed one problem I was having. But I continue to have
problems getting it to compile. I am pretty sure that it is nothing
wrong
Robert Joop wrote:
>
>
> the user cert has the user CA's DN in the issuer DN (CN=User CA) and
> the root CA's DN in the authority key identifier "DirName" (CN=Test-CA
> (G4)), see the attached example.
> but the user cert's authority key identifier "keyid" is the user CA
> cert's subject key ide
On 02-03-19 23:05:52 CET, Dr S N Henson wrote:
> I can't see how that can happen. The ca command only passes the issuing
> CA certificate to the extension routines. It does not have access to any
> other CA certificate. It fills in the authority key identifier by
> extracting the issuer name of th
Kiyoshi Watanabe wrote:
>
> Dear All,
>
> I am writing a code to add my private extension. For the extesion id,
> where I should look at and add it? Each standard extension has the id
> like NID_basic_constraints.
>
> If I want to write this,
> ex = X509V3_EXT_conf_nid(NULL, NULL,NID_my_private
Michael Bell wrote:
>
> Dr S N Henson schrieb:
> >
> > Michael Bell wrote:
> > >
> > > Hi,
> > >
> > > I found a bug in openssl ca. If you set authorityKeyIdentifier to
> > > keyid and issuer always then the keyid will be set correctly but the
> > > issuer is wrong.
> > >
> > > Example:
> > >
> >
Dr S N Henson schrieb:
>
> Michael Bell wrote:
> >
> > Hi,
> >
> > I found a bug in openssl ca. If you set authorityKeyIdentifier to
> > keyid and issuer always then the keyid will be set correctly but the
> > issuer is wrong.
> >
> > Example:
> >
> > Root-CA --> Sub-Level 1 CA --> Sub-Level 2 CA
OpenSSL Bug report Tue Mar 19 11:07:02 PST 2002
From: Linda Gay Thompson NASA Ames Research Center, Mt. View, Ca. 94035
I had the same problem when compiling with the -O3 flag.
Please send email response to:
[EMAIL PROTECTED]
OpenSSL self-test report:
OpenSSL version: 0.9.6c
Last change:
Date sent: Tue, 19 Mar 2002 14:39:00 -0500
From: Vern Staats <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject:Re: cvs commit: openssl/ssl kssl.c
Send reply to: [EMAIL PROTECTED]
I just wish the logic worked, then I woul
On Tue, Mar 19, 2002 at 06:37:35PM +, Dr S N Henson wrote:
> Jeffrey Altman wrote:
> >
> > To make it very clear, the locations that I'm seeing warnings are:
> > ssl\kssl.c:
> >
> > In print_krb5_data() kdata->length is unsigned
> > In print_krb5_keyblock() keyblk->length is unsigned
> > [..
I don't really understand the math very well. I assume that being a
generator has something to do with ensuring that a^b%n has a long period as n
increases.
Is the check for a generator actually useless, or just unnecessarily
strict? Because in the second case (assuming my code
Jeffrey Altman wrote:
>
> To make it very clear, the locations that I'm seeing warnings are:
>
> ssl\kssl.c:
>
> In print_krb5_data() kdata->length is unsigned
>
> In print_krb5_keyblock() keyblk->length is unsigned
>
> In print_krb5_princ() princ->realm.length and
> princ->realm.data[i].leng
> Benzy Gabay wrote:
>
> Hi,
>
> I'm trying programmatically to code / decode ASN1 streams.
> - Could someone tell me what are the set of API functions that I can
> use to code / decode ASN1 streams.
>
>
Applications use the i2d/d2i functions to encode or decode data between
memory and C stru
Michael Bell wrote:
>
> Hi,
>
> I found a bug in openssl ca. If you set authorityKeyIdentifier to
> keyid and issuer always then the keyid will be set correctly but the
> issuer is wrong.
>
> Example:
>
> Root-CA --> Sub-Level 1 CA --> Sub-Level 2 CA --> User
>
> If I issue a certificate for
On Mon, Mar 18, 2002 at 05:22:53PM -0800, Tom Wu wrote:
> The attached patch against 0.9.6c maps the new X509 verification error
> codes into SSL alerts, using the following mappings:
>
> X509_V_ERR_CERT_UNTRUSTED => SSL_AD_BAD_CERTIFICATE
> X509_V_ERR_CERT_REJECTED => SSL_AD_BAD_CERTIFICATE
> X
Title: Clear Day
Hi,
I'm trying programmatically to code / decode ASN1 streams.
- Could someone tell me what are the set of API functions that I can
use to code / decode ASN1 streams.
Cheers==Benzy GabayR&DMaya
Software Technologies Ltd.http://www.maya-st.comT
Hi,
I found a bug in openssl ca. If you set authorityKeyIdentifier to
keyid and issuer always then the keyid will be set correctly but the
issuer is wrong.
Example:
Root-CA --> Sub-Level 1 CA --> Sub-Level 2 CA --> User
If I issue a certificate for a user then the issuer of the CA-cert
is the
Dear All,
I am writing a code to add my private extension. For the extesion id,
where I should look at and add it? Each standard extension has the id
like NID_basic_constraints.
If I want to write this,
ex = X509V3_EXT_conf_nid(NULL, NULL,NID_my_private_extensin,
"My Test Extension");
Which f
On Tue, Mar 19, 2002 at 08:40:18AM +, Jason Holt wrote:
> I've added the general form of generator checking to crypto/dh/dh_gen.c and
> fixed the uninitialized t1,t2 bug. It compiles, but I haven't really tested
> it. What I have so far is at:
>
> http://www.lunkwill.org/dh_gen.c
I had no
To make it very clear, the locations that I'm seeing warnings are:
ssl\kssl.c:
In print_krb5_data() kdata->length is unsigned
In print_krb5_keyblock() keyblk->length is unsigned
In print_krb5_princ() princ->realm.length and
princ->realm.data[i].length are unsigned.
and then in ssltest.c (n
> So, if I would set des_old.h to have 0.9.6c compatibility, I would
> remove the requirement to defined the macro
> OPENSSL_DES_PRE_0_9_7_COMPATIBILITY, and instead require that one
> defines OPENSSL_LIBDES_COMPATIBILITY if that's what one wants.
>
> Unfortunately, I have a hard time deciding, s
> Jeffrey Altman wrote:
> >
> > > Update on this. I've now got hold of MIT 1.2.4 sources from:
> > >
> > > http://non-us.debian.org/debian-non-US/pool/non-US/main/k/krb5
> > >
> > > I tested compiling OpenSSL with KRB options under Linux (RHL 6.2) and it
> > > showed no warnings at all (my option
Masanori Satake wrote:
>
> I tried parsing the PFX file attached(passphrase:test) using PKCS12_parse()
> function.
> However I cannot get the right value of DSA private key parameter x.
>
> And I tried executing open-ssl command following
> "openssl -in target.pfx -out target.key -nocerts -nod
I tried parsing the PFX file attached(passphrase:test) using PKCS12_parse()
function.
However I cannot get the right value of DSA private key parameter x.
And I tried executing open-ssl command following
"openssl -in target.pfx -out target.key -nocerts -nodes".
I found that this case also resul
I've added the general form of generator checking to crypto/dh/dh_gen.c and
fixed the uninitialized t1,t2 bug. It compiles, but I haven't really tested
it. What I have so far is at:
http://www.lunkwill.org/dh_gen.c
-J
__
Hi,
there is an error in demos/maurice/example1.c (last cvs version).
Here is the patch :
--- example1.c.orig Tue Mar 19 10:53:41 2002
+++ example1.c Tue Mar 19 10:54:46 2002
@@ -72,7 +72,7 @@ void main_encrypt(void)
pubKey[0] = ReadPublicKey(PUBFILE);
- if(!pubKey)
+
25 matches
Mail list logo