On Mon, 31 Mar 2003 07:36:38 GMT, Jean Pierre Cognasse wrote:
The test is between the first called SSL_Write to when SSL_Read
returned
the last byte
And you sent all the data in a single call to SSL_Write?
--
David Schwartz
[EMAIL PROTECTED]
Yes
Jp
That sounds to me like a possible
Dear all,
I'm experimenting with openssl and I havethe
following problem at hand:
I have this file which used sha1 hash algorithm to
obtain it's message digest, and subsequently the digestwas encrypted
(signed)using RSA algorithm with a private key from a X.509
certificate.
Now, I have
Howard Chan [EMAIL PROTECTED] writes:
I have this file which used sha1 hash algorithm to obtain it's message
digest, and subsequently the digest was encrypted (signed) using RSA
algorithm with a private key from a X.509 certificate.
i don't think you can get a private key from an X509
hi,
everytime i send a message to the list i'm getting a mail notification
about delivery problems to GregH at ceoworkz dot com.
is that normal?
regards,
aleix
__
OpenSSL Project
On Tue, Apr 01, 2003, Avinash Agarwal wrote:
Hello all,
I have a server implemented using openssl libs and a client which is
implemented using RSA libs.
The handshake is failing and I get the following errors
on the client :
- Certificate chain didn't validate:
- Original Message -
From: Dr. Stephen Henson [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, March 31, 2003 7:52 PM
Subject: Re: X509_STORE and X509_verify performance
On Mon, Mar 31, 2003, Chris Jarshant wrote:
I generated 1000 test self-signed CA certs, and wrote
a small
Can anyone point me to source or give me instructions on how I
can verify a Java generated signature? I can create a signature
and verify it using pure openssl calls but anything coming from
the Java side looks like the bytes are all screwed up. Do I have
to do something special to massage the
Um...are you using the exact same algorithm on both side? What about
padding schemes? Can you give more details?
I think as long as the algorithm is totally the same, it shouldn't matter
if it is Java generated or openssl generated.
Michelle
On Tue, 1 Apr 2003, Sly Upah wrote:
Can anyone
MD5withRSA on the java side to generate the sig which verifies correctly with Java
code. On the C side:
#include stdio.h
#include openssl/rsa.h
#include openssl/evp.h
#include openssl/objects.h
#include openssl/bio.h
#include openssl/x509.h
#include openssl/err.h
#include openssl/pem.h
looks like the two security advisoris are already in the source that I
downloaded today (4/1/03) from the website.
Because my patch command asked if I wanted to revert it, so I cancelled the
patches
Can someone confirm this as well, thanks
Filip
Well in the short term some kind of evil hack will be needed by an
application. This would involve messing around with the internals of the
X509_STORE and normally you shouldn't go near those. However in this case
you
haven't got any choice.
In outline you'd create an X509_OBJECT for each
On Tue, Apr 01, 2003, Chris Jarshant wrote:
Well... do what you need to do. I'm going with the evil short-term
hack cause the alternative is our user base sitting their twiddling
their thumbs looking up the number of the sales guy that sold them
crappy app that hangs for 10 minutes :-)
Aleix,
Well what I meant was a private key from a .p12 filenot a cert.
Apologies.
What about using the openssl commands? ie. x509, rsautl, dgst, etc. Can I
do all that I specified below strictly using those openssl commands? If so,
how?
Thank you very much.
- HC
- Original Message
13 matches
Mail list logo