cert chain validity

Hi there, i've been looking into the sources to find a place where the cert chain checking is done in terms of the certs span of life. Downwards the chain each cert should become valid while the issuers cert is valid. I thought the right place would be somewhere within x509_vfy.c, perhaps at ch

templates and cert chain validity

Hi there, i'm just about verification of certs. Since X509v3 there are many extensions with their own types. Some of them are known to the current implementation, many aren't. To implement a validity checking which is aware of different models shell as of RFC 3280 or chain as af ISIS-MTT. There

Re: Website correction request: only subscribers can post to openssl-users

Frank J. Iannarilli wrote: > Hi, > > On the following page: > > it declares that "anybody" can post to the openssl-users. > > But evidently (from my experience), that's not true; only subscribers > can. Unfortunately, browsing the website doesn't unambiguously > i

How to read in a Private key from a PEM file using buffer BIO?

Hello, we want to read in this private key using buffer BIO (no other BIO like the fp version!): -BEGIN RSA PRIVATE KEY- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,ABC593E89A1C77DC VRFgc0wejrAxwsGZud6I7IMVV30ZAHGu2Xl5BASjuBwjw4LB22UVAvNuCJRHRlOu 6UI774NZamj6Tme1UgdyP6S3jtISEFhcJKQ5ldu

Re: How to read in a Private key from a PEM file using buffer BIO?

Sorry, our fault, everything works fine as described. The only reason it didn't before was, that we created a class that shall handle the SSL initialization and DEinitialization. And instead of creating an object of this class we only called it's constructor: OurApplication(argc, argv); instead

Re: Errors while building OpenSSL in Windows

Did you try building with an up-to-date CVS snapshot? ftp://ftp.openssl.org/snapshot/ I don't know if you were using some already-released package version, but if so, then you would miss any fixes since then. (Ie. we don't rerelease 0.9.8x when bugs are found, we release 0.9.8y instead...) And

Re: templates and cert chain validity

Hi again, sorry, we just found the error in using the Macros. When an asn structure is being parsed, the pointer to the funding ASN_OCTET_STRING becomes modified and thus points no no freeable memory. Christian Weber schrieb am 10.07.2008 13:41: ... To implement a validity checking which is

Re: Errors while building OpenSSL in Windows

Thanks for your responses. I downloaded the latest snapshot ftp://ftp.openssl.org/snapshot/openssl-0.9.8-stable-SNAP-20080711.tar.gz and ran the perl configure. Then I executed the ms\do_masm batch file. I called nmake on the ms\ntdll.mak. The compile still fails : Assembling: .\crypto\sha