[EMAIL PROTECTED] wrote:
Hi Team,
Is there any API available in OPENSSL to convert the DER formatted file
to Base64 formatted file? Please let me know your thoughts. Thank you.
have a look at what "openssl base64 ..." does (or "openssl enc -base64 ...").
Cheers,
Nils
The example is helpful, but it isn't clear to me when/how the DTLS
session is established. In the _read function it appears that the
session may be setup either during BIO_dgram_set_peer or SSL_set_bio.
Furthermore, it seems that the DTLS clienthello datagram is now sitting
in the memory buffer
Hagai,
From my research I found that there are some known CA that use exponent of 3 (and some hardware implementation that use that as default).
About your ca, if you know that all your components (browsers and/or applications) that will be involved will have good PKCS#1 implementation, then you
Marek Marcola wrote:
> Hello,
>> I have read the advisory an I am a bit puzzled regarding the there are
>> CAs using exponent 3 in wide use comment, I have tried to check and
>> could not found any CA using this exponent, all the CA’s I have seen
>> are using 0x10001 (CA’s I have generate by OpenSS
Using Cygwin I am trying to build 0.9.7k with shared libraries:
$ ./config --prefix=/tmp/bob shared
$ make depend
$ make test
The above completes no problem but when I do the 'make install' I get
the followng errors:
[snip]
installing libcrypto.dll.a
cp: cannot stat `cygcrypto-0.9.7.dll.a': No s
Bernhard Froehlich wrote:
> David Irvine wrote:
> [...]
>> Many thanks for replying - your right I am a bit off topic (and I hope I
>> don't need a surgeon for being so ;-) ) but I suppose it is slightly
>> related to the securing of info.
> Yes, I'll reply on the list till someone complains.
>> I
There is one more problem with attributes and official CA's. If you are your
own CA, it makes a big difference (less trust around in the world - but you
can enforce any attribute verification policy that you choose yo).
Atttributes are added at the time of certification (good - so they can't be
ma
Hi,
how is PFX to PEM converting done?
I know of the command
openssl --pkcs12 --in foo.pfx --out foo.pem
but what is done internally? Just converting to base64?
Thanks for hints.
--sk
__
OpenSSL Project
Hi !
I'm trying to include attributes/fields in a signed certificate.
I've first issued a CSR with some extra attributes in it, here's what the CSR
looks like with openssl req -in test.csr -text -noout :
Certificate Request:
Data:
Version: 0 (0x0)
Subject: O=TEST, OU=Support
On Wed, Sep 06, 2006, Hagai Yaffe wrote:
>
> I have read the advisory an I am a bit puzzled regarding the there are
> CAs using exponent 3 in wide use comment, I have tried to check and
> could not found any CA using this exponent, all the CA's I have seen are
> using 0x10001 (CA's I have generat
V, Bharath (Bharath) wrote:
I
am using keytool command to generate the certificates, currently i am
using RSA algorithm.
We
are planning to change this to AES, does Open SSL support AES?
If
yes can i use it with keytool command.
RSA is an asymmetric algorithm, which is used to es
> I am using keytool command to generate the certificates, currently i
> am using RSA algorithm.
> We are planning to change this to AES
You can't do that. (Well, actually, you can, but it means that anyone who
can verify the certificate can also generate their own counterfeit that is
impossibl
Hello, I want to implement my own certificate storage.
But I can't find information about the OpenSSL X509 and the X509_STORE
object. But this is need to "feed" OpenSSL with the certs and key's of
my Certificate storage.
Have anybody some documentatoion about these object's?
Thanks.
smime.p7s
D
This release fixes an important security vulnerability which could
allow RSA Signature Forgery, CVE-2006-4339. Please see
http://www.openssl.org/news/secadv_20060905.txt
I could see the patch available in the location
http://www.openssl.org/news/patch-CVE-2006-4339.txt is been updated wi
Thank you very much for the quick reply.
Regards,
Jaya.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola
Sent: Wednesday, September 06, 2006 3:31 PM
To: openssl-users@openssl.org
Subject: RE: Aes-256 /testing of AES_cbc_encrypt
Hello,
>
>
Hi Team,
Is there any API available in OPENSSL to convert the DER formatted file
to Base64 formatted file? Please let me know your thoughts. Thank you.
-Suren
The information contained in this electronic message and any attachments to
this message are intended for the exclusive use of the a
Hello,
> I have read the advisory an I am a bit puzzled regarding the there are
> CAs using exponent 3 in wide use comment, I have tried to check and
> could not found any CA using this exponent, all the CA’s I have seen
> are using 0x10001 (CA’s I have generate by OpenSSL using default
> values, w
Hi,
I have to retrieve data from a client certificate (on a smart card)
My code:
$cert = openssl_x509_parse($_SERVER['SSL_CLIENT_CERT']);
echo($cert['subject']['CN']);
if I run it in local it works, otherwise on remote server nothing is printed
out.
Any idea?
Thanks
--
View this message in cont
Hello,
>
> I went through FIPS-197 for AES. Now if I want to test
> void AES_cbc_encrypt(const unsigned char *in, unsigned
> char *out,
>const unsigned long length, const AES_KEY *key,
>unsigned char *ivec, const int enc) function.
>
Yes OpenSSL supports AES.
Regards,
Jaya
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of V, Bharath
(Bharath)Sent: Wednesday, September 06, 2006 3:08 PMTo:
'openssl-users@openssl.org'Subject: Query regarding AES support in
Open SSL
Hi,
I am using keytool
command to ge
Hi,
I am using keytool
command to generate the certificates, currently i am using RSA
algorithm.
We are planning to
change this to AES, does Open SSL support AES?
If yes can i use it
with keytool command.
Thanks
Bharath
Hello,
I have read the advisory an I am a bit puzzled regarding the
there are CAs using exponent 3 in wide use
comment, I have tried to check and could not found any CA using this exponent, all
the CA’s I have seen are using 0x10001 (CA’s I have generate by OpenSSL using
default values,
Hi Team,
I am seeing a problem with DER formatted file. I downloaded the DER
formatted file (crl file) using a standard http client application. But
I could not open that file and it is saying ""The file is invalid for
use as the following: Certificate Revocation List" while trying to open
it.
David Irvine wrote:
[...]
Many thanks for replying - your right I am a bit off topic (and I hope I
don't need a surgeon for being so ;-) ) but I suppose it is slightly
related to the securing of info.
Yes, I'll reply on the list till someone complains.
I think you are correct in your
assumptio
Hi,
I went through FIPS-197 for AES. Now if I want to test
void AES_cbc_encrypt(const unsigned char *in, unsigned
char *out,
const unsigned long length, const AES_KEY *key,
unsigned char *ivec, const int enc) function.
How
25 matches
Mail list logo
