Re: How to distinguish between RSA and DSA keys in certificates?

2006-05-14 Thread sefi
Hi, I have to check that a certificate is encrypted with RSA and not DSA. I can't find any API function for that. Please help me. EVP_PKEY *pkey; if ( (pkey = X509_get_pubkey(cert)) == NULL ){ goto err; } if (pkey->type == EVP_PKEY_RSA ){ // RSA else if (pkey->type

Re: How to distinguish between RSA and DSA keys in certificates?

2006-05-14 Thread Brad Hards
On Sunday 14 May 2006 18:54 pm, sefi wrote: If anyone knows a way how to load a certificate from a file and obtain its X509* I would be glad. PEM_read_bio_X509() Brad

questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-14 Thread gmu 2k6
I'm working on a client-server system which now with the gnu/linux-port gained tcp/ip sockets all over the services which are not secured against unauthorized access yet. the system can be deployed in a distributed configuration where of course it is vital to secure access to the services. with

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-14 Thread Victor Duchovni
On Sun, May 14, 2006 at 02:49:41PM +, gmu 2k6 wrote: with the tcp/ip-listening services it will allow us to make use of TLS in EDH mode but what is the best way when one for performance reasons wants no encryption: e1) DH with a shared secret? e2) just tell admins to make sure they do

Re[2]: Use ssl only certification ?

2006-05-14 Thread nisato
Hello All. The s_client and s_server applications are able to do this with the eNULL cipher suite (choosing NULL-SHA as the stronger of the two). Thank you in advance. Nisato

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-14 Thread gmu 2k6
On 5/14/06, Victor Duchovni [EMAIL PROTECTED] wrote: On Sun, May 14, 2006 at 02:49:41PM +, gmu 2k6 wrote: with the tcp/ip-listening services it will allow us to make use of TLS in EDH mode but what is the best way when one for performance reasons wants no encryption: e1) DH with a

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-14 Thread Marek Marcola
Hello, Bulk encryption is generally fast enough (~50MB/s per CPU...) that you saturate most network interfaces well before you run out of CPU. If you have multiple Gigabyte interfaces, you can disable encryption (the eNULL ciphersuite), but then you lose data-integrity You lose data

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-14 Thread gmu 2k6
On 5/14/06, Marek Marcola [EMAIL PROTECTED] wrote: Hello, Bulk encryption is generally fast enough (~50MB/s per CPU...) that you saturate most network interfaces well before you run out of CPU. If you have multiple Gigabyte interfaces, you can disable encryption (the eNULL ciphersuite), but

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-14 Thread Marek Marcola
Hello, Bulk encryption is generally fast enough (~50MB/s per CPU...) that you saturate most network interfaces well before you run out of CPU. If you have multiple Gigabyte interfaces, you can disable encryption (the eNULL ciphersuite), but then you lose data-integrity You lose data

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-14 Thread Kyle Hamilton
Each of the three guarantees that SSL/TLS can make -- authentication, data secrecy, and message integrity -- are completely independent from each other. Authentication comes from having an X.509 certificate issued by a trusted root that has not been revoked. (Or through other mechanism, but

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-14 Thread Joseph Oreste Bruni
I put together a multi-way messaging system supporting over 2000 simultaneous persistent connections. During my initial design, I was concerned that the encryption would become an issue, especially with that many connections. So, we purchased some pretty burly hardware to support the

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-14 Thread Kyle Hamilton
With 2000 simultaneous connections, your limit would be the kernel, not the encryption. :) -Kyle H On 5/14/06, Joseph Oreste Bruni [EMAIL PROTECTED] wrote: I put together a multi-way messaging system supporting over 2000 simultaneous persistent connections. During my initial design, I was

Securing mysql with openssl

2006-05-14 Thread jamesp81 (sent by Nabble.com)
I am trying to write a program that will access a mysql database across a network. The data being transferred needs to be encrypted. The mysql server supports openssl, but getting it to work has been problematic at best, and the documentation I've found on openssl is so bad that it causes

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-14 Thread Victor Duchovni
On Sun, May 14, 2006 at 05:29:30PM -0700, Kyle Hamilton wrote: as has been mentioned before, premature optimization is the root of all evil. Write the code, determine the bottlenecks with a profiler, and optimize them. Most of the time you'll find the bottlenecks aren't in the SSL/TLS

Re: Securing mysql with openssl

2006-05-14 Thread Victor Duchovni
On Sun, May 14, 2006 at 06:33:54PM -0700, jamesp81 (sent by Nabble.com) wrote: I am trying to write a program that will access a mysql database across a network. The data being transferred needs to be encrypted. The mysql server supports openssl, but getting it to work has been problematic