Re: Cipher question...

2000-06-23 Thread Lutz Jaenicke
On Fri, Jun 23, 2000 at 12:41:14PM -0400, Bill Rebey wrote: > This has all been incredibly helpful, and I've been trying to read up on > this matter. I'm finding radioactive isotope counters, FM static samplers, > thermal noise samplers, etc. Lots of cool hardware solutions. I need a > software

SSL_CTX_set_default_verify_paths info

2000-06-23 Thread Brian Hatch
Could someone point me to a code snippet that would tell me how to determine the files that will be used by the SSL_CTX_set_default_verify_paths(ctx) function? Specifically I am making a modification to stunnel, and would like to print out the certificate files and directories it will be readi

Re: seed

2000-06-23 Thread Rich Salz
> < if (!RAND_file_name(randfname, 4096)) { "sizeof randfname" is better. __ OpenSSL Project http://www.openssl.org User Support Mailing List

Using BSAFE..

2000-06-23 Thread Mohan Gummalam
I would like to incorporate BSAFE in openssl. I am trying to look for any documentation that explains modifications that may be necessary to be made to the "Configure" script to use BSAFE instead of RSAref. If there isnt any straight forward way, then do I need to write some C code to glue BSAFE

Error when running make and make test

2000-06-23 Thread David Litke
Hi all, I am sending this message because I was trying to install openssl on a redhat 6.1 box and it came up with an error while running make. Immediately below is a copy of the text output from running the ./config -t command in the openssl-0.9.4 directory. Below that is most of the text outpu

40-bit key generation

2000-06-23 Thread Gaetano Della Rocca
Hello, could you please help me telling how to generate a 40-bit key? Thanks a lot in advance Gaetano __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAI

RE: Cipher question...

2000-06-23 Thread Bill Rebey
This has all been incredibly helpful, and I've been trying to read up on this matter. I'm finding radioactive isotope counters, FM static samplers, thermal noise samplers, etc. Lots of cool hardware solutions. I need a software solution, though, and they seem quite elusive. The obvious questio

Re: seed

2000-06-23 Thread Albert Serra
Sorry, but I haven't understood this code, where I have to use, in the server? and is it only to detect the problem or to solve it?   "Wade L. Scholine" wrote: $ diff cli.c cli.c~ 28d27 < 38c37 < char buf [4096], randfname[4096]; --- > char buf [4096]; 63,71c62 < < if (!RAND_file_name(randfname,

RE: Cipher question...

2000-06-23 Thread Bill Rebey
Greg, Thanks so much for the help - I learn just a tad with every message on this thread, and I truly do appreciate the help. Like Lenny noted, it's pretty important that I get this right, as I'm dealing with healthcare data. I tried a simple test to experiment with the code you sent me, and t

Re: SSL_CTX_use_PrivateKey_file() problem

2000-06-23 Thread Dr Stephen Henson
[EMAIL PROTECTED] wrote: > > > Now all I have to do is to find a way to place the correct salt into > the function. Because of this error message: > "474:error:06065064:digital envelope routines:EVP_DecryptFinal:bad > decrypt:.\cryp > to\evp\evp_enc.c:243:" > > This seems not to be doing the tr

Re: SSL_CTX_use_PrivateKey_file() problem

2000-06-23 Thread raggi
Thank you for your quick response Dr. Henson. I thought to myself: "but I've done that!,  although I call the SSLeay_add_ssl_algorithms() but it's now defined as OpenSSL_add_all_algorithms()... no wait a minute... it defined as OpenSSL_add_ssl_algorithms()". Well, a stupid mistake on my behalf.

Re: SSL_CTX_use_PrivateKey_file() problem

2000-06-23 Thread Dr Stephen Henson
[EMAIL PROTECTED] wrote: > > Hello everybody > > I am new to working with openssl so this may seem like a stupid > question, but I just can't seem to get past this problem. > > The error that I am getting is: > 425:error:06074079:digital envelope > routines:EVP_PBE_CipherInit:unknown pbe > algo

Re: I am starting to wonder if it works at all.

2000-06-23 Thread Dr Stephen Henson
Scott Pasnikowsiki wrote: > > > Be that as it may, it still does not work. Without a -rand param for req, > the win32 > side won't gen a cert. (or am I incorrect ?) It gives PRNG not seeded. > Even if I give it the key > that was created with gendsa. The thought was to not generate a key with

SSL_CTX_use_PrivateKey_file() problem

2000-06-23 Thread raggi
Hello everybody I am new to working with openssl so this may seem like a stupid question, but I just can't seem to get past this problem. I have a java server that uses the JCSI library from DTSC in Australia and implements my certificates and keys with PBEandMD5andDES algorithm, PKCS#8 format

Re: libcrypto: Saving sensitive data on an Internet-connected computer.

2000-06-23 Thread Vadim Fedukovich
On Thu, Jun 22, 2000 at 11:55:12PM -0400, Steve Sobol wrote: > ... > I am most worried about people being able to get access to the > database in the event root is compromised. (This is a Linux box that I > am > dealing with). After I sent my original question, I decided that the > only > safe wa

Re: embedded key?

2000-06-23 Thread Robert Sandilands
Yes it is possible. A combination of "openssl x509 -C" and the following code may help: x509key::x509key( UCHAR *d, long len, int pk ) { /* This takes a ASN1 string so that the keys can be imbeded in the code */ UCHAR *p; int result; installed=0; public_key=NULL; private_key=NULL; file_nam

Certificate renewal

2000-06-23 Thread Radovan Semancik
Hi! Maybe this is FAQ or even OT, but anyway: How is certificate renewal done? I mean the case, that user's certificate expired and she wants a new one. User sends a new CSR? How does CA handle it? And how about serial number, I don't think it will be the same for expired and renewed certificat