On Thu, Jan 17, 2008 at 01:34:05PM +0800, Hou, LiangX wrote:
> Thank you for your help. I am using curl in a project actually. And
> I want to configure curl to do my custom authentication job. I am going
> to write an independent code and post it up with my cert. But before that
> I'd like to ask
Viktor,
Thank you for your help. I am using curl in a project actually. And I want
to configure curl to do my custom authentication job. I am going to write an
independent code and post it up with my cert. But before that I'd like to ask
you whether it is caused by my cert. The cert looks lik
On Thu, Jan 17, 2008 at 10:14:28AM +0800, Hou, LiangX wrote:
> No. I try to convert binary digest to hexadecimal strings outside and compare
> it with what is generated by the command-line tool. And I find they are
> different. The strange thing is that the thumbprint generated by my
> X509_dig
No. I try to convert binary digest to hexadecimal strings outside and compare
it with what is generated by the command-line tool. And I find they are
different. The strange thing is that the thumbprint generated by my X509_digest
begins with zero. That may be something wrong. Is it?
Liang
On Thu, Jan 17, 2008 at 09:11:01AM +0800, Hou, LiangX wrote:
>I used "openssl dgst -sha1". Is there anything wrong with my code? Is it
> right to get certificate object by using "X509 *cert = ctx->cert;" in this
> case?
You have not shown sufficient code for reasonable conclusions to be ma
Hi, Steve,
I used "openssl dgst -sha1". Is there anything wrong with my code? Is it
right to get certificate object by using "X509 *cert = ctx->cert;" in this
case?
Thanks.
Liang
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen
Henson
Sen
On Wed, Jan 16, 2008 at 05:33:13PM -0600, [EMAIL PROTECTED] wrote:
> So this is from 0.9.8g's pem.h:
>
> #define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
> (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
>
> And so is this:
>
> void * PEM_ASN1_r
So this is from 0.9.8g's pem.h:
#define PEM_read_SSL_SESSION(fp,x,cb,u) (SSL_SESSION *)PEM_ASN1_read( \
(char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb,u)
And so is this:
void * PEM_ASN1_read(d2i_of_void *d2i, const char *name, FILE *fp, void **x,
pem_password_cb *cb, voi
Hi all!
I've recently been put in charge of SSL, and I'm working my way through the
O'Reilly book.
However, I'm a bit stumped as to this problem.
I tried to upgrade our build system to use OpenSSL 0.9.8g, and thought I
succeeded.
However, the code is blowing up. The code is for caching sessi
It's logical ;-)
Thank you
Dr Franck ROUSSIA
Dr. Stephen Henson a écrit :
On Wed, Jan 16, 2008, rfx wrote:
"If i all understood" ;-)
I have 2 certificates :
- One with "keyusage" as AC Certificate "CertAC.cer"
- One with "keyusage" as crl signer Certificate "Cert_crlsigner.cer"
But they
On Wed, Jan 16, 2008, rfx wrote:
> "If i all understood" ;-)
>
> I have 2 certificates :
> - One with "keyusage" as AC Certificate "CertAC.cer"
> - One with "keyusage" as crl signer Certificate "Cert_crlsigner.cer"
>
> But they have the same hash so the name with ".0" extension is the same !!
> So
"If i all understood" ;-)
I have 2 certificates :
- One with "keyusage" as AC Certificate "CertAC.cer"
- One with "keyusage" as crl signer Certificate "Cert_crlsigner.cer"
But they have the same hash so the name with ".0" extension is the same !!
So when the last file copy is "Cert_crlsigner.cer
On Wed, Jan 16, 2008, rfx wrote:
> Yes, i read it
>
> For first point, i think that there is not ths same subject and issuer,
> like final autosign certificat of AC ?
>
> For second point, after translating, it's more difficult for me to
> understand "keyusage" not to be include ;-)
>
The point
Hello,
> I’m upgrading my system from Openssl version 9.6.d to Openssl version
9.8.a.
> I’m experiencing some problems when I’m “playing” server, For example
accepting an
> incoming call or even accessing my system via HTTPS causes the system to
get stuck.
> After some investigation I figured o
Dear SSL Team,
I would like to request you to send sample JCL for transfering file in
host through FTPS.
Thanks and Regards
Raj Kumar S.
Credit Suisse || Information Technology || Application Security
KSFH 327 || EBVV || ZH Zollstrasse 20/36
Office: +41 443 331 083 || Mobile: +41 762 377 289
Hi
I’m upgrading my system from Openssl version 9.6.d to Openssl version 9.8.a.
I’m experiencing some problems when I’m “playing” server, For example accepting
an incoming call or even accessing my system via HTTPS causes the system to get
stuck.
After some investigation I figured out that I
Dear General,
Before starting your putty session:
1. go to the Session Logging category
2. select Log SSH packet data
3. make a note of where your putty log is, it is probably best to start
with a new one.
Now attempt a connection to your server. On rejection, peruse your
putty.log file.
T
Ok thanks for the information Stephen.
On Jan 16, 2008 3:14 PM, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote:
> On Wed, Jan 16, 2008, Fabien Penso wrote:
>
> > > What key size are you using? If it is something large like 8192 bits it
> > > will
> > > take longer. You also have the overhead of run
Yes, i read it
For first point, i think that there is not ths same subject and issuer,
like final autosign certificat of AC ?
For second point, after translating, it's more difficult for me to
understand "keyusage" not to be include ;-)
Thanks
Dr Franck ROUSSIA
Dr. Stephen Henson a écrit
On Wed, Jan 16, 2008, Fabien Penso wrote:
> > What key size are you using? If it is something large like 8192 bits it will
> > take longer. You also have the overhead of running the openssl command each
> > time.
>
> standard "RSA Public Key: (4096 bit)", nothing fancy. I feel like 17
> seconds p
> What key size are you using? If it is something large like 8192 bits it will
> take longer. You also have the overhead of running the openssl command each
> time.
standard "RSA Public Key: (4096 bit)", nothing fancy. I feel like 17
seconds per 100 mails is slow. I was hoping I would find a way t
On Wed, Jan 16, 2008, Fabien Penso wrote:
> Hi,
>
> I was wondering if the performance I had for signing emails was
> normal, and how I could improve it. I have the following :
>
> time for i in `seq 0 100`; do openssl -sign -passin pass:something -in
> /tmp/foobar -text -out /tmp/foobar.signed
On Wed, Jan 16, 2008, Hou, LiangX wrote:
> Hi, all
>
> I am trying to define my own certificate verification function through
> the API "SSL_CTX_set_cert_verify_callback". This own certificate
> verification callback will
>
> check the thumbprint of the peer certificate. In this callback the
>
On Wed, Jan 16, 2008, rfx wrote:
> I make new path using hash name/ ".0" extension for certificat/".r0"
> extension for CRL
>
> The function: 'verify -CApath @CRLCA\ -issuer_checks -crl_check
> "SignCertPEM.cer"
>
> The result is :
> SignCertPEM.cer:
> /C=FR/O=GIP-CPS/OU=M\xE9decin/CN=0081013
Hi,
I was wondering if the performance I had for signing emails was
normal, and how I could improve it. I have the following :
time for i in `seq 0 100`; do openssl -sign -passin pass:something -in
/tmp/foobar -text -out /tmp/foobar.signed -signer vserver.crt -inkey
server.key ; done
that takes
Arg - i found it...
(Rijndael was the symmetric part of the application)
RSA encryption works fine between openssl and .net.
PGP.sig
Description: PGP signature
I make new path using hash name/ ".0" extension for certificat/".r0"
extension for CRL
The function: 'verify -CApath @CRLCA\ -issuer_checks -crl_check
"SignCertPEM.cer"
The result is :
SignCertPEM.cer:
/C=FR/O=GIP-CPS/OU=M\xE9decin/CN=0081013443/SN=ROUSSIA/GN=FRANCK
error 29 at 0 depth lo
On Thursday 10 January 2008 9:22 pm, Justin Karneges wrote:
[...snip...]
> ask here about the state of DTLS and memory BIOs.
>
> If it is not possible, does anyone have a tip on how to make it possible?
> Maybe I could create a substitute for the dgram BIO that works on memory,
> but unlike the exi
Hi, all
I am trying to define my own certificate verification function through
the API "SSL_CTX_set_cert_verify_callback". This own certificate
verification callback will
check the thumbprint of the peer certificate. In this callback the
thumbprint of certificate is calculated through the API
Hi!
I want to transfer RSA encrypted Data from a linux application to a .net
webservice. I'm encrypting data with the method
RSA_public_encrypt with RSA_PCKS1_OAEP_PADDING.
On the .net side i get the error:
System.Security.Cryptography.CryptographicException: Padding is invalid
Hi!
I want to transfer RSA encrypted Data from a linux application to a .net
webservice. I'm encrypting data with the method
RSA_public_encrypt with RSA_PCKS1_OAEP_PADDING.
On the .net side i get the error:
System.Security.Cryptography.CryptographicException: Padding is invalid
31 matches
Mail list logo