I make the openssl 0.9.8i or openssl 0.9.8k and build the libssl.so and
libcrypto.so in the arm-linux which kernel is version 2.6. When I will
deinit the SSL Ctx buffer and call the SSL_CTX_free() in my porting
eap_supplicant, the SSL_CTX_free() function will happen the "segmentation
fault". But I
AngelWarrior wrote:
> but this still requires a CA kind of certificate right.
> I dont know if the client will be have a CA certificate
> to authenticate it.If I am wrong please explain me how
> it can be done.
The usual solution (as used on secure web pages, for credit card orders, and
so on) i
AngelWarrior writes:
> but this still requires a CA kind of certificate right.I dont know if the
> client will be have a CA certificate to authenticate it.If I am wrong please
> explain me how it can be done.
Regular SSL only requires a certificate on the server. Encrypted Web
browsing with htt
AngelWarrior wrote:
> Thank you for replying.
> I am thinking of this design.Is this feasible.My design approach
> is mainly based on
> "I dont need to know with whom I am contacting but after contact
> my messages should be private."
I don't think this is a coherent approach unless you layer som
On Wed, May 20, 2009 at 03:18:34PM -0500, AngelWarrior wrote:
> Thank you for replying.
> I am thinking of this design.Is this feasible.My design approach is mainly
> based on
> "I dont need to know with whom I am contacting but after contact my messages
> should be private."
For pseudonymous sec
Thank you for replying.
I am thinking of this design.Is this feasible.My design approach is mainly
based on
"I dont need to know with whom I am contacting but after contact my messages
should be private."
client(My own application)
Server (My own application)
1.(client)create a normal socket and
> AngelWarrior writes:
>
> > but this still requires a CA kind of certificate right.
> > I dont know if the client will be have a CA certificate
> > to authenticate it.If I am wrong please explain me how
> > it can be done.
>
> The server must have or know something that an attacker does not
> ha
AngelWarrior writes:
> but this still requires a CA kind of certificate right.
> I dont know if the client will be have a CA certificate
> to authenticate it.If I am wrong please explain me how
> it can be done.
The server must have or know something that an attacker does not have or
know. Othe
On Wed, May 20, 2009, Chris Bare wrote:
> > > Are there any good examples of using the ASN1 and CMS functions in
> > > openssl 1.0
> > > for generic operations?
> > > I'm trying to talk to an SCVP server, which takes requests wrapped in DER
> > > encoded
> > > CMS ContentInfo structure. So far I
but this still requires a CA kind of certificate right.I dont know if the
client will be have a CA certificate to authenticate it.If I am wrong please
explain me how it can be done.
On Wed, May 20, 2009 at 2:47 PM, Scott Gifford wrote:
> AngelWarrior writes:
>
> > I need some Info.I have a clien
forgot to say at step 7 and 8 agreed upon encryption algorithm
On Wed, May 20, 2009 at 3:18 PM, AngelWarrior
wrote:
> Thank you for replying.
> I am thinking of this design.Is this feasible.My design approach is mainly
> based on
> "I dont need to know with whom I am contacting but after contact
AngelWarrior writes:
> I need some Info.I have a client and server application which
> requires a secure medium for the transferring of data between each
> other. Currently I am using openssl to achieve this using private
> and public key certificates with RSA encryption. I don't want to
> ship t
On Wed, May 20, 2009 at 02:37:58PM -0500, AngelWarrior wrote:
> I need some Info.I have a client and server application which requires a
> secure medium for the transferring of data between each other. Currently I
> am using openssl to achieve this using private and public key certificates
> with
Hi,
I need some Info.I have a client and server application which requires a
secure medium for the transferring of data between each other. Currently I
am using openssl to achieve this using private and public key certificates
with RSA encryption. I don't want to ship the certificate with each eve
If you build the FIPS module as documented, it will create the
fipscanister.o. If you then build a version of OpenSSL 0.9.8 that has
FIPS support with the appropriate command-line option to build it and
link it with fipscanister.o, you have a version of the library (and
commandline tools) that wil
If the 'make test' runs fine, then it's working. You're asking it to
test the hardware engine acceleration capability with that command
('openssl engine -t'); you didn't ask it to build the engine support
in the original ./config line.
For building apache against it, download the apache source an
Forwarded to openssl-users as this forum seems to be appropriate.
Best regards,
Lutz
- Forwarded message from "Jaiman, Yateendra"
-
Subject: Openssl-0.9.8e/i build fails with Aix5.3 64 bit
Date: Wed, 20 May 2009 17:34:10 +0530
Thread-Topic: Openssl-0.9.8e/i build fails with Aix
IMO a good approach is also to simple read and understand apps/x509.c
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List
> > Are there any good examples of using the ASN1 and CMS functions in openssl
> > 1.0
> > for generic operations?
> > I'm trying to talk to an SCVP server, which takes requests wrapped in DER
> > encoded
> > CMS ContentInfo structure. So far I can't find an openssl function to
> > output a
> >
On Wed, May 20, 2009, Chris Bare wrote:
> Are there any good examples of using the ASN1 and CMS functions in openssl 1.0
> for generic operations?
> I'm trying to talk to an SCVP server, which takes requests wrapped in DER
> encoded
> CMS ContentInfo structure. So far I can't find an openssl func
Are there any good examples of using the ASN1 and CMS functions in openssl 1.0
for generic operations?
I'm trying to talk to an SCVP server, which takes requests wrapped in DER
encoded
CMS ContentInfo structure. So far I can't find an openssl function to output a
CMS that way, so any example code
Dear all:
I have some questions about DH in crypto
1. can we assign different generator in DH, since the default is 2, 3 or 5.
2. the p is randomly generated from BN_generate_prime_ex in
dh_buildtin_genparams.
if I have a p already, can I directly pass to DH*ret instead of
randomly generating it
Hi All,
Can someone please direct me to the relevant OpenSSL API for decoding binary
stream of the entire certificate content in ASN.1 format?
The reason that I need it is for extracting extra details from certificate
that I'm getting from IIS web server using
Request.ClientCertificate["Certifica
Hi,
I wanted to know if the openssl command line utility is available with the FIPS
140-2 package. I mean would I still be able to run commands like genrsa,
genpkey etc. from the command line with openssl FIPS crypto module doing all
the work ?
Regards,
MAK
T
On 2009.05.20 at 15:03:09 +0300, Lior Aharoni wrote:
>Hi Victor,
>
>Thank you for the quick reply.
>I did try to use d2i_X509 function but I get the following error:
>
> 2520:error:0D07207B:lib(13):func(114):reason(123):.\crypto\asn1\asn1_lib.c:150:
First of all, you shou
On 2009.05.20 at 06:16:49 -0700, jo wrote:
>
> that is definitely better but now it fails in make test:
>
> *** Testing openssl-0.9.8k (can take a while) ..failed
> *** Error: openssl-0.9.8k build error - make test failed
> exec(): 0509-036 Cannot load program ./destest because of the foll
that is definitely better but now it fails in make test:
*** Testing openssl-0.9.8k (can take a while) ..failed
*** Error: openssl-0.9.8k build error - make test failed
exec(): 0509-036 Cannot load program ./destest because of the following errors:
0509-022 Cannot load module ../util
Hi Victor,
Thank you for the quick reply.
I did try to use d2i_X509 function but I get the following error:
2520:error:0D07207B:lib(13):func(114):reason(123):.\crypto\asn1\asn1_lib.c:150:
2520:error:0D068066:lib(13):func(104):reason(102):.\crypto\asn1\tasn_dec.c:1281:
2520:error:0D07803A:lib(13):
On 2009.05.20 at 14:05:05 +0300, Lior Aharoni wrote:
>Hi All,
>═
>Can someone please direct me to the relevant OpenSSL API for decoding
>binary stream of the entire certificate content in ASN.1 format?
It is d2i_X509 function. It has same API as all other d2i functions and
return
Hi All,
Can someone please direct me to the relevant OpenSSL API for decoding binary
stream of the entire certificate content in ASN.1 format?
The reason that I need it is for extracting extra details from certificate
that I'm getting from IIS web server using
Request.ClientCertificate["Certifica
On 2009.05.20 at 02:13:39 -0700, jo wrote:
>
> When I want to build the openssl 0.9.8k version on aix it fails as follows:
>
>
> /usr/local/bin/gcc -I../crypto -I.. -I../include -DZLIB -DOPENSSL_THREADS
> -qthreaded -DDSO_DLFCN -DHAVE_DLFCN_H -q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -
> qroco
When I want to build the openssl 0.9.8k version on aix it fails as follows:
/usr/local/bin/gcc -I../crypto -I.. -I../include -DZLIB -DOPENSSL_THREADS
-qthreaded -DDSO_DLFCN -DHAVE_DLFCN_H -q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -
qroconst -c -o ssl_err.o ssl_err.c
gcc: unrecognized option '
32 matches
Mail list logo