Hi,
I want to disable the compression (zlib) of openssl. I use debian. How can
I realised it? Are there any commands which I could use for?
br,
Thang
__
OpenSSL Project http://www.openssl.org
Hi All,
I am using ECDSA with 224 bit secp224r1 curve. But the signature I am
getting is of size 64bytes; shouldn't it be 56 bytes (r||s)? Also its
not 56bytes + 8bytes zero's padding. Please help me.
Thanks,
Kiran
__
OpenSSL
Hi Goetz,
I saw that it needs PEM format... but even if I convert the certs in
PEM, links are created but my app still returns an error on verification.
Thx again for your help.
--
Florian Manach
NUMLOG
[EMAIL PROTECTED]
(+33)0130791616
Goetz Babin-Ebell a écrit :
Hello Florian,
--On
Hi,
I have following questions regarding digest creation using openssl.
Would really appreciate if someone could please reply? We are using
OpenSSL 0.9.7a Feb 19 2003.
1. openssl dgst -sha1 xyz.tar.gz or openssl dgst -md5 xyz.tar.gz
creates a digest for xyz.tar.gz file. Can openssl
Hi,
Can any one give information about the application which uses epoll ET
instead of select for polling the underlying bio in SSL. As per the man
page, SSL_read() works based on the SSL/TLS records. The data are received
in records (with a maximum record size of 16kB for SSLv3/TLSv1). Only when
This has hit the list a couple of times and I seem to making great
progress thanks a lot to Jim. I believe I am now in the process of
compiling and I have one final compile issue left.
PEM_read_bio_RSAPrivateKey() returns a BIO *, not a EVP_PKEY *. So, I
am passing the wrong argument type when I
Hi all openssl gurus
I am a newbie here and I therefore may sound very stupid too :)
I am trying to use openssl for encryption using RSA algorithm.
I want to know whether I can use my own keys for doing this. If yes, then how ?
I created a file public.pem and stored my public key in this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL 0.9.7j on OpenBSD 4.0
1. Created a cert for host.domain1.tld (a mail server that houses
multiple virtual domains, but its real hostname is host.domain1.tld)
using the commands and config file listed below
2. Installed the root CA cert and
Hi All,
I developed an SSL-enabled web server. I'm firing up SSL on incoming
connections with SSL_accept().
Now, if someone connects to my webserver not using SSL, but sending the
GET ... without the SSL handshake, I get an SSL Error
(error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http
Hi all,
I am trying to create a common CA hierarchy like :
[root]
|
|-[CA1]
|
|[CA2]
For this I have got the [root] certificate generated through the openssl
command prompt.
The certificates for the rest in the hierarchy have the following basic
profiles,
Hi all,
I am trying to create a common CA hierarchy like :
[root]
|
|-[CA1]
|
|[CA2]
For this I have got the [root] certificate generated through the openssl
command prompt.
The certificates for the rest in the hierarchy have the following basic
profiles,
C K KIRAN-KNTX36 wrote:
Hi All,
Is there any crypto function similar to the below one,
int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
for EC,
int EC_set_private_key(const unsigned char *userKey, const int bits,
EC_KEY *key);
int
-Original Message-
I developed an SSL-enabled web server. I'm firing up SSL on incoming
connections with SSL_accept().
Now, if someone connects to my webserver not using SSL, but sending the
GET ... without the SSL handshake, I get an SSL Error
(error:1407609C:SSL
But as per the behavior of the Edge triggered epoll,
the epoll_wait will raise event only if it receives a data
after putting this in the read event of epoll every time.
Does this affect the behavior of SSL_read / SSL_write. If any
one implements the server using epoll ET can you please let
There are right ways and there are easy ways. The easy way is to
non-destructively read the first character on the connection.
What is the right way?
Zack
On 7/10/07, David Schwartz [EMAIL PROTECTED] wrote:
-Original Message-
I developed an SSL-enabled web server. I'm firing up
David,
Perfect - thanks!
Peeking at the first byte with recv(sock, buffer, 1, MSG_PEEK) works :-)
I'm not very familiar with the SSL handshake. What are the chances of a G
or P being the first byte of the handshake itself?
Cheers, Badda
David Schwartz wrote:
There are right ways and there
There are right ways and there are easy ways. The easy way is to
non-destructively read the first character on the connection.
What is the right way?
Zack
There are three right ways (and reasons why some or all of these are
sometimes impractical):
1) Don't get into this situation in the first
David,
Perfect - thanks!
Peeking at the first byte with recv(sock, buffer, 1, MSG_PEEK) works :-)
I'm not very familiar with the SSL handshake. What are the
chances of a G
or P being the first byte of the handshake itself?
0% until SSL version 71 comes out.
DS
Hello,
David,
Perfect - thanks!
Peeking at the first byte with recv(sock, buffer, 1, MSG_PEEK) works :-)
I'm not very familiar with the SSL handshake. What are the chances of a G
or P being the first byte of the handshake itself?
This is not good solution, what if you get OPTIONS, HEAD and
PEM_read_bio_RSAPrivateKey() returns a BIO *, not a EVP_PKEY *. So, I
am passing the wrong argument type when I call EVP_PKEY_get1_RSA().
Did I use the wrong call, or am I missing a call?
PEM_read_bio_RSAPrivateKey retuns an (RSA*) and you're done.
You don't need or want the call to
Hello,
I am using ECDSA with 224 bit secp224r1 curve. But the signature I am
getting is of size 64bytes; shouldn't it be 56 bytes (r||s)? Also its
not 56bytes + 8bytes zero's padding. Please help me.
This signarure is ASN.1 encoded, when you decode this signature with
command:
$ openssl
Hello,
I have following questions regarding digest creation using openssl.
Would really appreciate if someone could please reply? We are using
OpenSSL 0.9.7a Feb 19 2003.
1. openssl dgst -sha1 xyz.tar.gz or openssl dgst –md5 xyz.tar.gz
creates a digest for xyz.tar.gz file. Can
Jim,
Well now isn't that kind of obvious. I feel like such a dunce now. My
excuse is the 12 hour days since Saturday.
Thanks!
On 7/10/07, Jim Fox [EMAIL PROTECTED] wrote:
PEM_read_bio_RSAPrivateKey() returns a BIO *, not a EVP_PKEY *. So, I
am passing the wrong argument type when I call
Hello,
David,
Perfect - thanks!
Peeking at the first byte with recv(sock, buffer, 1, MSG_PEEK) works :-)
I'm not very familiar with the SSL handshake. What are the
chances of a G
or P being the first byte of the handshake itself?
This is not good solution,
Yep, that's the first
Hello Florian,
--On Montag, Juli 09, 2007 09:25:01 +0200 Florian MANACH [EMAIL PROTECTED]
wrote:
I saw that it needs PEM format... but even if I convert the certs in PEM,
links are created but my app still returns an error on verification.
Hm.
Try to store roots, intermediate certs and
Bill Colvin wrote:
Raymond: It is possible that the functions you are referring to may be
required to support RSA (key wrapping; key establishment) methodology as
described on page 19 of the Security Policy.
You also have to take into consideration that all algorithms are
supported in
Can anybody help me out please ?
I get an error saying unable to load Public Key when I use my own keys.
Is it that there is a problem with the key ?? with the format ?? with the
header ?? anything else ??
Thanx,
Bibhuti
bibhuti prusty [EMAIL PROTECTED] wrote: Hi all openssl gurus
I am a
Hello,
Can anybody help me out please ?
I get an error saying unable to load Public Key when I use my own
keys.
Is it that there is a problem with the key ?? with the format ?? with
the header ?? anything else ??
I am a newbie here and I therefore may sound very stupid
Hi
Many many thanks for your reply Marek.
It seems my public key is not in proper format.
The output of openssl asn1parse for my key is as follows -
[EMAIL PROTECTED] test]$ ./openssl asn1parse -in pub.pem
0:d=0 hl=2 l= 2 prim: OBJECT:0.0.0
Error in encoding
29 matches
Mail list logo
