openssl smime and java

2007-07-05 Thread Кидяев Сергей
Hi All! I'm looking for the sample how I can bind two applications. First uses openssl smime -sign -binary -signer FILE_CERT -inkey FILE_KEY -outform DER -nodetach -noattr -nocerts command to sign message (it is written in PHP and already works). Second written in Java. I'm developing the second

How to verify a certificate against several others

2007-07-05 Thread Florian MANACH
Hi, I'm trying to develop an app which should be able to verify if a certificate might be trusted. I have a directory where I store CA root certificates. I want my app to check if a certificate is signed by the mentioned CA on the ISSUER field. In order to do this, it might look on this

RE: Looking for command in openssl to verify CA

2007-07-05 Thread Dinh, Thao V CIV NSWCDD, K72
Hi, thanks for your help. I learn a new thing every day. I really do not know there is a difference between SERVER cert and Client cert. If I have a self-signed CA certificate, what is the difference in options in the openssl command which allows me to generate Server cert signed by my CA and Client

Re: How to verify a certificate against several others

2007-07-05 Thread Goetz Babin-Ebell
--On Thursday, July 05, 2007 14:55:59 +0200 Florian MANACH [EMAIL PROTECTED] wrote: I have a directory where I store CA root certificates. I want my app to check if a certificate is signed by the mentioned CA on the ISSUER field. In order to do this, it might look on this directory and

Re: How to verify a certificate against several others

2007-07-05 Thread Florian MANACH
No, I didn't even know that function. What does it do? -- Florian Manach NUMLOG [EMAIL PROTECTED] (+33)0130791616 Goetz Babin-Ebell wrote: --On Thursday, July 05, 2007 14:55:59 +0200 Florian MANACH [EMAIL PROTECTED] wrote: I have a directory where I store CA root certificates. I

Re: How to verify a certificate against several others

2007-07-05 Thread Goetz Babin-Ebell
Hello Florian, --On Thursday, July 05, 2007 17:59:01 +0200 Florian MANACH [EMAIL PROTECTED] wrote: No, I didn't even know that function. What does it do? It loads all certificate files (and CRL files) in the directory and generates a short 4 byte hash from the common name of the cert.

Question: ASCII Armored text signature

2007-07-05 Thread Jeremiah Martell
Hello, I'm using openssl in some software I'm writing, and so far I've extracted a private rsa key from a pem file, hashed some text using sha1, and then called RSA_sign to sign the hash. Now I have this binary blob for a signature. But what I'm after is to put the text and the signature

RE: Question: ASCII Armored text signature

2007-07-05 Thread Carlo Milono
Radix-64 - if you want the PGP/GPG stuff. See: http://en.wikipedia.org/wiki/Binary_to_text_encoding -Original Message- From: [EMAIL PROTECTED] [mailto:owner-openssl- [EMAIL PROTECTED] On Behalf Of Jeremiah Martell Sent: Thursday, July 05, 2007 12:02 PM To: openssl-users@openssl.org

Re: Question: ASCII Armored text signature

2007-07-05 Thread Jeremiah Martell
So just base64 encode the signature, and that's all? From what I could tell from some examples, it looked like they had more than one thing encoded. There was one base64 blob, but then a 3-4 character base64 encoding right after. Rough example... --begin something-- Hash: Sha1 this is my

Re: using an embedded private key

2007-07-05 Thread John T. Cox
You've been very helpful Jim. I grabbed Network Security with OpenSSL on Safari and have been reading the relevant sections. If I understand correctly, to read an external file, decrypt it using an internal private key and write the decrypted out to internal data, I would do: void fn(char

Re: using an embedded private key

2007-07-05 Thread Jim Fox
I grabbed Network Security with OpenSSL on Safari and have been reading the relevant sections. That's a useful book. If I understand correctly, to read an external file, decrypt it using an internal private key and write the decrypted out to internal data, I would do: Is your file

OpenSSL FIPS module doesn't support RSA public-key encryption scheme?

2007-07-05 Thread Raymond Yuan
Hi, According to my understanding on OpenSSL FIPS module security policy, RSA public-key encryption scheme is not approved algorithm in the module. However, in OpenSSL FIPS module source code, I saw the API like RSA_eay_public_encrypt(). Could someone shed a light on this? Thanks Raymond

Re: using an embedded private key

2007-07-05 Thread John T. Cox
Jim, Yes, my data is less than 128 bytes. I ran across that when I was doing my original research and saw the approach you recommend for larger files. So for a small file, do I have the methodology correct? Thanks! On 7/5/07, Jim Fox [EMAIL PROTECTED] wrote: I grabbed Network Security

Re: problem converting pkcs12 cert to pem (for use with keystore)

2007-07-05 Thread Julius Davies
Hi, cmose, The KeyStoreBuilder utility in not-yet-commons-ssl can probably create a java keystore file for you. Take a look at this java library: http://juliusdavies.ca/commons-ssl/download.html The KeyStoreBuilder in particular is documented here:

Re: OpenSSL FIPS module doesn't support RSA public-key encryption scheme?

2007-07-05 Thread Marek Marcola
Hello, According to my understanding on OpenSSL FIPS module security policy, RSA public-key encryption scheme is not approved algorithm in the module. However, in OpenSSL FIPS module source code, I saw the API like RSA_eay_public_encrypt(). Could someone shed a light on this? Look at:

Re: using an embedded private key

2007-07-05 Thread Jim Fox
Yes, my data is less than 128 bytes. I ran across that when I was doing my original research and saw the approach you recommend for larger files. So for a small file, do I have the methodology correct? Yes. Didn't try the code, but it's the right approach. Jim

Re: using an embedded private key

2007-07-05 Thread John T. Cox
Jim, Thanks again for pointing in the right direction! I really appreciate the help!! On 7/5/07, Jim Fox [EMAIL PROTECTED] wrote: Yes, my data is less than 128 bytes. I ran across that when I was doing my original research and saw the approach you recommend for larger files. So for a

Re: OpenSSL FIPS module doesn't support RSA public-key encryption scheme?

2007-07-05 Thread Raymond Yuan
Marek, Thanks for your reply. That page in security policy, 17 18, is really what I'm referring to. Based on that I drew a conclusion that RSA public-key encryption is not an approved algorithm in the OpenSSL FIPS module. However in the FIPS source code in /fips-1.0/rsa/fips_rsa_eay.c ,

Reply: Re: Question: ASCII Armored text signature

2007-07-05 Thread Stephanie Guo
I do not want to receive anything about yours. Thanks very much! Jeremiah Martell [EMAIL PROTECTED] wrote: So just base64 encode the signature, and that's all? From what I could tell from some examples, it looked like they had more than one thing encoded. There was one base64 blob, but then a

RE: OpenSSL FIPS module doesn't support RSA public-key encryption scheme?

2007-07-05 Thread Bill Colvin
Raymond: It is possible that the functions you are referring to may be required to support RSA (key wrapping; key establishment) methodology as described on page 19 of the Security Policy. You also have to take into consideration that all algorithms are supported in the code, but certain

How to set my custom information in certificate

2007-07-05 Thread Ian jonhson
Hi all, Did anyone try to set some custom information in certificate? For example, if I want to set a simple string, This is my proxy, in certificate, what shall I do? Can it be implemented by standard openssl command? I tried to set the custom information in extension section, however it did