Hello All,
I
am very new to this group. Looking for help from this expert group.
Will the DER encoded PKCS #7 signed
data matches with the DER encoded CMS signed data?
If not, can you please explain the reason?
Thanking you
Madhu
Hello All,
RESTRICTIONS
There is no option to print out all the fields of a
PKCS#7 file.
This PKCS#7 routines only understand PKCS#7 v 1.5 as
specified in RFC2315 they cannot currently parse, for example, the new CMS as
described in RFC2630.
Above lines are
I was wondering if openssl-0.9.8 is going to be API/ABI compatible
with the current stable branch of openssl-0.9.7
I think keeping API/ABI compatible is a good idea and makes programmer
and users life easier.
Anyway, if you are not going to keep API/ABI compatibility in
openssl-0.9.8 with 0.9.7
Hello there,
I have a signature signed using FireFox browser and want to verify the
signature using OpenSSL.
The signature seems to be in PEM format (i.e. base 64 encoded).
I can see the certificates that were used in the signature using:
openssl pkcs7 -print_certs -noout -in signature.pk7
Dear madhu,
Have you worked at Disc Technology
Services Private Limited previously. Just got confused
by the name. Please don't mind.
Regards,
Suchi
__
Do you Yahoo!?
Yahoo! Small Business - Try
On 2005.05.24 at 11:14:08 +0100, Chris Covell wrote:
But if I try and verify the signature using (as described in the
OpenSSL command line manual):
openssl smime -verify -inform PEM -in signature.pk7 -signer
signer_pub.key -certfile certs.pem -content content
I get the message:
Hi,
I have written an app that encrypts pages on a web server, and a module to
decrypt them. The cipher routines are in a number of c++ classes compiled
into a library used by other apps, and they appear to work correctly when
invoked from the command line. However, when running the apache
I found the manual page but when I try to use the command openssl
asn1parse -genstr ... the system answers me with unknown option
-genstr !!
How is it possible? bad insatallation?
bye
pana
2005/5/20, Dr. Stephen Henson [EMAIL PROTECTED]:
On Thu, May 19, 2005, pana wrote:
Hi,
I don't know
Hi !
Currently I'm searching for a way to sign a pdf file. All work that builds
the signature part in the pdf file is done. Now I stuck on the signature
part and I'm searching for the right tool for me. Let me explain my problem:
I hava a prepared pdf-file that only includes the data which have
Victor, many thanks, I have got a bit further !
I am sure I am nearly there, can anyone help me please ?
It asks for local (i.e. trusted) certificate of security authority,
who've issued (i.e. signed) signer's certificate.
Either provide path to the place where your trusted certificates
I have an app that communicates over the Internet. I'm using the
libeay32.dll for encryption. As we all know from WEP, using encryption
doesn't mean its secure. Can you take a min. at look at how I've
implemented this and tell me if its secure? Thanks!
The user has a fixed 8 character
Steven Bade wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ken Goldman wrote:
| Referring to http://www.openssl.org/docs/crypto/threads.html
|
| 1
|
| id_function(void) is a function that returns a thread ID. It is not
| needed on Windows nor on platforms where getpid() returns a
Hi all,
I have a doubt regarding EMSA-PKCS1-v1_5 usage in OpenSSL.
My requirement is that I want to sign some data using a specific Hash
Algorithm (SHA1).
For this Iam trying to do the following steps instead of calling rsa_sign()
function directly.
1. Calculate SHA1 Hash on the data to be
On Tue, May 24, 2005, dan wrote:
Nauman Akbar wrote:
Dear Users
I am having this problem for a long time. Initially I thought it was an
issue with configuration of multi-threading but the problem seems to
remain with multi-threading removed.
I have developed a simple ssl
On Tue, May 24, 2005, pana wrote:
I found the manual page but when I try to use the command openssl
asn1parse -genstr ... the system answers me with unknown option
-genstr !!
How is it possible? bad insatallation?
Are you still calling the old version of OpenSSL? Check with:
openssl
Hello All,
I am using OpenSSL version 0.9.8 beta. I built this version successfully in
HPUX.
While using the engine command I am able to load all the
engines except libgmp.so
1. openssl engine - dynamic -pre
SO_PATH:/usr/lib/engines/lib4758_cca.so -pre LOAD(dynamic) Dynamic
engine
On Tue, May 24, 2005, Madhu Sudhan Reddy wrote:
Is there any support for RFC2630 now in OpenSSL?
Your comment on this will be greatly appreciated.
No, OpenSSL doesn't support S/MIME v3 at present. Interest has been expressed
from time to time but so far no one has been prepared to fund
Hi,
My current System is:
OS:
Windows
XP SP2
Compiler:
MSVC++ 6 SP5
OpenSSL:
0.9.7e 25 Oct 2004
I am new to SSL and am currently converting
our application's communication layer over to used SSL. For the time
being I do not want to go through an
official CA to get a
Hi,
I'm trying to create a certificate for a test with qpopper on sslwrap. I'd
appreciate any advice.
I used this command to create a certificate for sslwrap.
(A) openssl req new -x509 -nodes -out my.pem -keyout my.pem -days 365.
It works OK. Now, we have a certificate from Thawte
On Tue, May 24, 2005, Ben Kim wrote:
Hi,
I'm trying to create a certificate for a test with qpopper on sslwrap. I'd
appreciate any advice.
I used this command to create a certificate for sslwrap.
(A) openssl req new -x509 -nodes -out my.pem -keyout my.pem -days 365.
It works
On Tue, 24 May 2005, Dr. Stephen Henson wrote:
If you don't get an error you just configure it to use my.crt and
my.nopass.key, or concatenate the two and just point it at that one file.
Thanks greatly. It solved my problem.
Regards,
Ben Kim
Developer
College of Education
Texas AM University
From: [EMAIL PROTECTED]
Date: Tue, 24 May 2005 09:24:19 -0700
I am new to SSL and am currently converting our application's
communication layer over to used SSL. For the time
being I do not want to go through an official CA to get a signed
certificate so I am currently generating my
prakash babu wrote:
Hello All,
I am using OpenSSL version 0.9.8 beta. I built this
version successfully in HPUX.
While using the engine command I am able to load *all the engines*
except *libgmp.so*
*1. openssl engine - dynamic -pre
Suram Chandra Sekhar wrote:
Hi all,
I have a doubt regarding EMSA-PKCS1-v1_5 usage in OpenSSL.
My requirement is that I want to sign some data using a specific Hash
Algorithm (SHA1).
For this Iam trying to do the following steps instead of calling
rsa_sign() function directly.
1.
Date: Tue, 24 May 2005 22:46:57 +0200
From: Nils Larsch [EMAIL PROTECTED]
Suram Chandra Sekhar wrote:
Hi all,
I have a doubt regarding EMSA-PKCS1-v1_5 usage in OpenSSL.
My requirement is that I want to sign some data using a specific Hash
Algorithm (SHA1).
For this Iam trying
Ken Goldman wrote:
...
RSA_private_encrypt adds only the 0x00 || 0x01 || PS || 0x00 padding
(if padding == RSA_PKCS1_PADDING). If you want to let openssl do the
whole encoding/padding use RSA_sign or if you want to create the T
value manually you need to use i2d_X509_SIG, see RSA_sign.
Dr Stephen,
I want to map recv(fd, buffer, SEGMENT_LEN, MSG_PEEK)
to some kind of SSL_read.
MSG_PEEK
This flag causes the receive operation
to return data from the
beginning of the receive queue without
removing that data from
the queue. Thus, a
Dr Stephen,
I want to map recv(fd, buffer, SEGMENT_LEN, MSG_PEEK)
to some kind of SSL_read.
MSG_PEEK
This flag causes the receive operation
to return data from the
beginning of the receive queue without
removing that data from
the queue.
Ken, think of it this way:
1. To send a message for only a specific person to read you want to make it
decryptable with their private key, thus encrypting with their public key.
2. For a signature, the world needs to be able to verify it, so it needs to
be decryptable with the public key, and thus
Adding to David's response...
MSG_PEEK is problematic on some systems. On Windows for example (maybe only
the 9x series, but a problem none-the-less) using MSG_PEEK will effectively
freeze the contents of the buffered data that can be seen with MSG_PEEK,
meaning that any further peeks will not
Adding to David's response...
MSG_PEEK is problematic on some systems. On Windows for example
(maybe only
the 9x series, but a problem none-the-less) using MSG_PEEK will
effectively
freeze the contents of the buffered data that can be seen with MSG_PEEK,
meaning that any further peeks
31 matches
Mail list logo
