Re: RSA OAEP encrypt with a label

2009-09-09 Thread Einar Thorsrud
Wed, 09.09.2009 at 10.25 +0200, Einar Thorsrud wrote: > I do not find any possibility to add the label to the > RSA_public_encrypt() function, but it could perhaps be achieved > otherwise? Could the label perhaps be related to the *p parameter in int RSA_padding_add_PKCS1_OAEP(unsigned char *to,

Re: Is openssl crypto library thread-safe?

2009-09-09 Thread deiva shanmugam
Hi, Thanks for the response, steve. So, irrespective of creating the openssl object per thread or globally for all threads, callback functions should be implemented to make the application thread safe? Thanks, Deiva Shanmugam On Wed, Sep 9, 2009 at 8:35 PM, Dr. Stephen Henson wrote: > On Wed,

RE: send encrypted data to remote server

2009-09-09 Thread David Schwartz
skar: > Thanks for the advice. Hope this one is clear. > Here are the concrete requirements: > 1) Content should be encrypted only on the server. > And public key must stay only on the server. No other > person should have access to the public key. That is not a requirement, that is an implemen

Re: send encrypted data to remote server

2009-09-09 Thread Goetz Babin-Ebell
skar karthikeyan wrote: | My requirements are(again): | | 1) Content should be encrypted only on the server. And public key must | stay only on the server. No other person should have access to the | public key. | 2) Private key on the client machine

Re: send encrypted data to remote server

2009-09-09 Thread Paul Allen
On Wed, 2009-09-09 at 09:50 -0700, skar karthikeyan wrote: > My requirements are(again): > > 1) Content should be encrypted only on the server. And public key must > stay only on the server. No other person should have access to the > public key. > 2) Private key on the client machine should decr

Re: send encrypted data to remote server

2009-09-09 Thread skar karthikeyan
> As others have posted, this sounds like a job for PGP (or gnu's version of > it). > It is included with, or available for; nearly every *nix ever shipped > plus many other operating systems, including some proprietary systems. > > For instance, the file manager GUI in many Linux distributions wil

Re: MAC address binding to the certificate

2009-09-09 Thread Steffen DETTMER
* Anoop C wrote on Wed, Sep 09, 2009 at 18:02 +0530: > Thanks for the quick response. > I totally agree on your point. Our associates often used to try others > certificate. So I want to remove that threat also by incorporating MAC > address also into the certificates apart from the exis

Re: send encrypted data to remote server

2009-09-09 Thread Michael S. Zick
On Wed September 9 2009, skar wrote: > Dave Thompson wrote: > >>From: owner-openssl-us...@openssl.org On Behalf Of skar karthikeyan > >>Sent: Tuesday, 08 September, 2009 13:13 > >> > > > > > >>I want to send data from my machine to another one and the remote > >> machine shoul

Re: Is openssl crypto library thread-safe?

2009-09-09 Thread Dr. Stephen Henson
On Wed, Sep 09, 2009, deiva shanmugam wrote: > Hi, > > We are planning to make use of openssl crypto library in multithreaded > environment. > > We call OpenSSL_add_all_algorithms() before creating threads and will create > BIO, EVP_KEY, SHA256, SHA1 and RSA object in each thread and makes use

Re: MAC address binding to the certificate

2009-09-09 Thread Michael S. Zick
On Wed September 9 2009, Anoop C wrote: > Hi all > > I am using certificates generated by openssl for authenticating the > WiFi users using EAP-TLS 802.1x authentication. > I would like to add MAC address of the user machines into each user > certificates so that the certificates use

Re: send encrypted data to remote server

2009-09-09 Thread skar karthikeyan
On Wed, Sep 9, 2009 at 8:54 PM, David Schwartz wrote: > > > I suggest you find someone familiar with encryption and have a dialogue > with > them until a solution emerges. It's just going to take ridiculously long > going back and forth this way because you don't seem to have any kind of > statem

RE: send encrypted data to remote server

2009-09-09 Thread David Schwartz
skar wrote: > Now the remaining part is, how do I encrypt a file on my machine, so > that only the client machines with the right key can decrypt them? I > could keep the public key with me and have the private key on the client > machines. But I don't know of a way to have only the private key a

Re: A PKI in a web page

2009-09-09 Thread Michael Sierchio
Richard Salz wrote: > I'm making available my small set of web pages and Perl script that > implement a self-service PKI built around OpenSSL. Awesome, Rich! Thanks. - M

Re: send encrypted data to remote server

2009-09-09 Thread skar karthikeyan
On Wed, Sep 9, 2009 at 6:43 PM, Scott Gifford wrote: > skar writes: > > [...] > > > You may want to consider using PGP for this, it sounds like your > scenario is exactly what it was designed for. Each client would > generate its own private and public key, then the sender would add the > public

A PKI in a web page

2009-09-09 Thread Richard Salz
From my blog, at https://www.ibm.com/developerworks/mydeveloperworks/blogs/soma/entry/a_pki_in_a_web_page10 I'm making available my small set of web pages and Perl script that implement a self-service PKI built around OpenSSL. The Perl script and config are under 250 lines and the couple of w

Building library for my platform

2009-09-09 Thread Jaime Lennon
Hi to everybody. I am a very newbie into the subject that I am going to describe you, so sorry in advance if I say something that doesn't have any sense. What I would like to do is build the library for a microprocessor (texas instrument dsp). Would this be possible? If it is, I would like to

Re: send encrypted data to remote server

2009-09-09 Thread Scott Gifford
skar writes: [...] > I have a file on my server which needs to reach several client machines > safely and to remain encrypted there. You may want to consider using PGP for this, it sounds like your scenario is exactly what it was designed for. Each client would generate its own private and pu

Re: DecryptUpdate "Segmentation Fault"

2009-09-09 Thread SpikeSpiegel
...ok, thank you very much, I appreciate everything you said to me...I've learned a lot... I've used a source code I've found on internet, but obviously, it was a toy more than mine... :) Ah, all right, this is just a toy used to understand how openssl works and its cypher/decypher routines, so DE

Is openssl crypto library thread-safe?

2009-09-09 Thread deiva shanmugam
Hi, We are planning to make use of openssl crypto library in multithreaded environment. We call OpenSSL_add_all_algorithms() before creating threads and will create BIO, EVP_KEY, SHA256, SHA1 and RSA object in each thread and makes use of the following functions: SHA1_Init BIO_n

Re: MAC address binding to the certificate

2009-09-09 Thread Serge Fonville
Just a thought. If the MAC is part of the client certificate, why would that prevent anything? If you want to check the MAC, do that somewhere else, because if the client can see it is in the cert, it can be spoofed HTH Regards, Serge Fonville On Wed, Sep 9, 2009 at 2:32 PM, Anoop C wrote: > H

RE: MAC address binding to the certificate

2009-09-09 Thread Anoop C
Hi Patrick Thanks for the quick response. I totally agree on your point. Our associates often used to try others certificate. So I want to remove that threat also by incorporating MAC address also into the certificates apart from the existing set up. Often Wimax CPE vendors used to bin

Re: MAC address binding to the certificate

2009-09-09 Thread Patrick Patterson
Hi there: Anoop C wrote: > Hi all > > I am using certificates generated by openssl for authenticating the > WiFi users using EAP-TLS 802.1x authentication. > I would like to add MAC address of the user machines into each user > certificates so that the certificates used by one machi

error 40 at 0 depth lookup:proxy certificates not allowed

2009-09-09 Thread Didier Brisebourg
Hi, I am trying to install OpenSSL 0.9.8k on Solaris 8. I'm a newbie with OpenSSL. When running 'make test' an error is detected: see below: "error 40 at 0 depth lookup:proxy certificates not allowed, please set the appropriate flag" Does anybody know how to correct? Thanks a lot Bye. Didie

Real-time synchronized multi-node SSI

2009-09-09 Thread Serge Fonville
Hi, I've been googling for a while now and have read all the fora and wiki I can find and there are still a couple of things I can not quite get clear. I'm looking for an SSI solution (I think) that runs everything on every node in parallel. So any command issued on the SSI is in the background

Re: send encrypted data to remote server

2009-09-09 Thread skar
David Schwartz wrote: > You're really not doing a good job of stating your requirements. But, again, > it sounds like SSL does exactly what you want. > > > You are not using a valuable resource though as we've gone several emails > now and you're still telling us about new requirements that tota

MAC address binding to the certificate

2009-09-09 Thread Anoop C
Hi all I am using certificates generated by openssl for authenticating the WiFi users using EAP-TLS 802.1x authentication. I would like to add MAC address of the user machines into each user certificates so that the certificates used by one machine cannot be used in another machine/P

RE: send encrypted data to remote server

2009-09-09 Thread David Schwartz
skar wrote: > Thanks David and Dave :) So signing is the reverse of what I need. > I need to encrypt. In that case, I need to have only the private key > on the other side and have the public key with me to encrypt the data. You're really not doing a good job of stating your requirements. But, a

RSA OAEP encrypt with a label

2009-09-09 Thread Einar Thorsrud
Hi all, How is it possible to RSA OAEP encrypt using a label in addition to the public encryption key and the message with libcrypto? The operation would be that of RSAES-OAEP-ENCRYPT((n, e), M, L), as specified in the RSA Cryptography Standard version 2.1. I do not find any possibility to add