verifying passphrase..

Hi, I generate pkcs#8 certificates and private keys ancrypted with passphrase. But am unable to get the method that uses this passphrase which helps to decrypt the encrypted key. I need to know b'coz in my implementation I have file containing encrypted keys, and so I want to implement somethi

Re: Changes for US users?

From: "Erik Petersen" <[EMAIL PROTECTED]> erikj> Now that RSA is public domain, are there any other changes other than erikj> recompile without the rsaref parameter and create new certs? Unless you want to make them stronger, what's the reason to create new certs? Note: I know nothing about RSA

Changes for US users?

Now that RSA is public domain, are there any other changes other than recompile without the rsaref parameter and create new certs? Thanks in advance, > Erik Petersen > Chief Integration Architect > SWS Integration, L.L.C. > [EMAIL PROTECTED] > [EMAIL PROTECTED] (text messaging) > (425)881-3332

Re: SOLARIS 8 GCC 2.95.2 ld: fatal: file values-Xa.o

Sorry.The true page is http://www.sunfreeware.com/faq.html Question is Q5. -Original Message- From: Pablo J. Royo <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] <[EMAIL PROTECTED]> Date: martes 19 de septiembre de 2000 17:30 Subject: Re: SOLARIS 8 GCC 2.95.2 ld: fatal: file values-Xa.o >Se

RE: WAP compatible cert HOWTO?

Erik You can't create WAP certificates with OpenSSL up to now. You can download your personal WAP certificate for free from www.freecerts.com. Write a short mail to my personal account if you are interested in details. Regards Rene -- Rene G. Eberhard <[EMAIL PROTECTED]> keyon Herrenberg 35,

Re: ssl on palm

At 04:11 PM 9/19/00 +0200, [EMAIL PROTECTED] wrote: >Laurence, > > > A lot of people will tell you that RSA is too slow for the Palm. Don't > > believe them! It's a little slow, but entirely viable especially with > > session resumption. > > > > Client-side SSL authentication IS however too slow w

Re: Compilation Problem on True64 V4.0f(!)

Richard Levitte - VMS Whacker wrote: > > From: Achim Spangler <[EMAIL PROTECTED]> > > spangler> The error message is as follows: > spangler> cc -I.. -I../../include -std1 -tune host -O4 -readonly_strings -c > spangler> bss_fd.c > spangler> cc: Error: /usr/include/sys/signal.h, line 486: In the d

Re: SOLARIS 8 GCC 2.95.2 ld: fatal: file values-Xa.o

See the Solaris2 FAQ, question five Q5 at http://www.wins.uva.nl/pub/solaris/solaris2/ -Original Message- From: Castellanos, Leon <[EMAIL PROTECTED]> To: '[EMAIL PROTECTED]' <[EMAIL PROTECTED]> Date: martes 19 de septiembre de 2000 17:15 Subject: SOLARIS 8 GCC 2.95.2 ld: fatal: file val

Re: IRIX 6.5 Compile/run Problem

From: Vern Yoneyama <[EMAIL PROTECTED]> yoneyama> I'm having major problems building OpenSSL 0.9.6 beta2 working yoneyama> executables. Platform: IRIX 6.5.5, using gcc 2.95.2 19991024, with yoneyama> RSAref 2.0. Have you tried without RSAref? yoneyama> After building the RSAref library, her

There will be a third beta...

There are four platforms where we've seen problems with 0.9.6-beta2: HP-UX (wasn't very big, but still), Irix (also a small one), Win32 (big time!) and VMS (the output problem). Most of them have been fixed, at least in theory (you who've reported the problems, have you checked the latest snapsho

SOLARIS 8 GCC 2.95.2 ld: fatal: file values-Xa.o

Anyone know how to fix this? The file exists but it doesn't seem to like it making all in apps... rm -f openssl gcc -o openssl -DMONOLITH -I../include -DTHREADS -D_REENTRANT -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC -DMD5_ASM openssl.o verify.o asn1pars.o

IRIX 6.5 Compile/run Problem

I'm having major problems building OpenSSL 0.9.6 beta2 working executables. Platform: IRIX 6.5.5, using gcc 2.95.2 19991024, with RSAref 2.0. After building the RSAref library, here's how I config OpenSSL: sh config -L`pwd`/../rsaref-2.0/local/rsaref \ threads -D_REENTRANT -fPIC The bui

Re: Compilation Problem on True64 V4.0f(!)

From: Achim Spangler <[EMAIL PROTECTED]> spangler> The error message is as follows: spangler> cc -I.. -I../../include -std1 -tune host -O4 -readonly_strings -c spangler> bss_fd.c spangler> cc: Error: /usr/include/sys/signal.h, line 486: In the declaration of spangler> "__P_C", a function cannot r

Re: Compilation Problem on True64 V4.0f(!)

Richard Levitte - VMS Whacker schrieb: > > From: Achim Spangler <[EMAIL PROTECTED]> > > spangler> > spangler> #if defined(_POSIX_C_SOURCE) \ > spangler> && (_POSIX_C_SOURCE >= 199506L) \ > spangler> && !defined(_V40_OBJ_COMPAT) > spangler> # ifdef __DECC > spangler>

Re: ssl on palm

Laurence, > A lot of people will tell you that RSA is too slow for the Palm. Don't > believe them! It's a little slow, but entirely viable especially with > session resumption. > > Client-side SSL authentication IS however too slow without something like > ECC and/or proxy assists. Do you

Re: Compilation Problem on True64 V4.0f(!)

From: Achim Spangler <[EMAIL PROTECTED]> spangler> spangler> #if defined(_POSIX_C_SOURCE) \ spangler> && (_POSIX_C_SOURCE >= 199506L) \ spangler> && !defined(_V40_OBJ_COMPAT) spangler> # ifdef __DECC spangler> # pragma extern_prefix "_P" spangler> # else spangler> #

Compilation Problem on True64 V4.0f(!)

Hi, compiling openssl 0.9.6 or 0.9.5a on a True64 V4.0f (f is important) DEC Alpha 3000/300 fails, because of some problems with signal.h . The compiler complains during compilation of crypto/bio/bss_fd.c about line 486 in /usr/include/sys/signal.h If I use signal.h of version V4.0e, everything

Re: How is Authority Key Identifier generated with openssl?

Sebastiano Di Paola wrote: > > Dr S N Henson wrote: > > > Sebastiano Di Paola wrote: > > > > > > Hi all, > > > well this could seem a stupid question, > > > I would like to know if there is a function provided with openssl to > > > generate the x.509v3 extension > > > Authority Key Identifier.

Re: converting raw signature to PKCS#7 format

Marco Donati wrote: > > > The usual way to do this kind of thing is to write your own RSA_METHOD > > to hand over the signing operation (which will probably be > > RSA_private_encrypt() ) to the smart card, then place the result in an > > EVP_PKEY structure. > > What this ultimately does it calls

Re: howto: set extensions for root certificate

Markus Wagner wrote: > > Hi, > > when signing new certificates with openssl ca one can use the -config > option to specify which CA and options to use. > > But when creating a self signed root certificate there is no such > option. There is an equivalent option. The normal way to create a self

Re: bandwidth requirements of SSL

On Tue, Sep 19, 2000 at 03:00:28AM -0700, David Schwartz wrote: > While I do agree that any encryption algorithm worth using should be able > to withstand a known plaintext, I disagree that randomizing the plaintext is > not valuable. For one thing, it's nobody's business exactly how many by

openssl for NT

Hi, Please where can i find openssl for Windows NT. I only have Linux version. Thanks in advance. Elisee. __ OpenSSL Project http://www.openssl.org User Support M

Re: bandwidth requirements of SSL

"David Schwartz" <[EMAIL PROTECTED]> writes: > to withstand a known plaintext, I disagree that randomizing the plaintext is > not valuable. For one thing, it's nobody's business exactly how many bytes > your HTTP request is. This is why SSL allows variable length padding, up to 255 bytes. > I als

Open-SSL and PKCS11

> Some smartcards receive the data and put them in > a PKCS#1 structure before signing them (but they > put the Sha1 Identifier in the > DigestAlgorithmIdentifier field). > This signatures are well verified by Open-SSL > if I put them into a signed PKCS#7 and push a > Sha1 algorithm identifier int

RE: bandwidth requirements of SSL

> "David Schwartz" <[EMAIL PROTECTED]> writes: > > Speaking of which, does anyone know why SSL doesn't support any > > compression? Not only would it save bandwidth, but it seems to > > me that it > > would improve the strength of the encryption by randomizing the > > 'plaintext'. > It does s

Creating IIS 4.0 .key files with OpenSSL

I'll make it short: Can I create the IIS 4.0 .key backup files from a certificate and a corresponding private key with OpenSSL? If it it's possible, how can it be done? Does anybody know how this .key file is encoded (PKCS #x, something else)? Thank you, Thomas Christmann NT-Systemprogrammier

howto: set extensions for root certificate

Hi, when signing new certificates with openssl ca one can use the -config option to specify which CA and options to use. But when creating a self signed root certificate there is no such option. So how can I specify the attributes of the self signed root certificate. Especially: Howto generate

RE: WAP compatible cert HOWTO?

Hi Erik, I am sorry, I don't know answer on your question but this problem is very interesting to me too. Please, if you will get reply on the question, let me know. Regards Yuriy Stul, Tashilon Ltd., Core Technology Division Manager > -O

Re: openssl engine version beta2 compilation problems

I've had the same problem and discovered the following patch: http://marc.theaimsgroup.com/?l=openssl-dev&m=96923042325868&w=2 The functions are loaded dynamically, so it is necessary to check whether they loaded or not (or your executable will crash on all machines which don't provide the NetSt

Generating Certs on the fly

Hi ! Im writting a client/server application, using C++, the server follows a multithread model, and I want to generate new certificates for each new client that connects with my server. The client runs perfect, but I have problems with my server. I want to create the ce

Re: How is Authority Key Identifier generated with openssl?

Dr S N Henson wrote: > Sebastiano Di Paola wrote: > > > > Hi all, > > well this could seem a stupid question, > > I would like to know if there is a function provided with openssl to > > generate the x.509v3 extension > > Authority Key Identifier. > > I read rfc2459 to know how to calculate it: >

RE: converting raw signature to PKCS#7 format

> The usual way to do this kind of thing is to write your own RSA_METHOD > to hand over the signing operation (which will probably be > RSA_private_encrypt() ) to the smart card, then place the result in an > EVP_PKEY structure. > What this ultimately does it calls application supplied functions w