On 2012-02-24 00:58 +0530 (Fri), Ashok C wrote:
> We too have the use cases of those four certificates. Now what would be the
> best programmatic way to find out for sure if a given certificate is a CA
> certificate or not, be it a v3 or a v1.
Well, in the end, given your conditions, you can't be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.0.1 Beta 3
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
OpenSSL is currently in a release cycle. The third beta is now released.
This is expected to be the final bet
> From: owner-openssl-us...@openssl.org On Behalf Of burtbick
> Sent: Thursday, 23 February, 2012 14:13
> Hi, I'm working on a project where I need to interact with a
> hardware device that is using Triple DES-ECB for encrypting keys.
>
> One of the first things that I'm trying to do is to gene
On Thu, Feb 23, 2012 at 2:12 PM, burtbick wrote:
>
> Hi, I'm working on a project where I need to interact with a hardware device
> that is using Triple DES-ECB for encrypting keys.
>
> One of the first things that I'm trying to do is to generate a 16 byte key
> to be uploaded to the device.
>
>
Hi, I'm working on a project where I need to interact with a hardware device
that is using Triple DES-ECB for encrypting keys.
One of the first things that I'm trying to do is to generate a 16 byte key
to be uploaded to the device.
Generating the 16 byte key is the easy part.
The device has a
Thanks Jakob,
We too have the use cases of those four certificates. Now what would be the
best programmatic way to find out for sure if a given certificate is a CA
certificate or not, be it a v3 or a v1.
Regds,
Ashok
On Feb 24, 2012 12:51 AM, "Jakob Bohm" wrote:
> On 2/23/2012 10:49 AM, Ashok C
Note for those who are not aware: Crypto-C is or was the
marketing name for the fork of SSLeay/OpenSSL offered
commercially by RSA Data Security Inc. after they hired
eay himself to get a crypto library not subject to the
then strict US export limitations (SSLeay was origianally
created entirely
On 2/23/2012 10:49 AM, Ashok C wrote:
Hi,
What would be the most efficient and easiest way to distinguish a CA
certificate from an actual server/client(end entity) certificate?
We were thinking of identifying the CA with the "CA:TRUE" constraint
from the text display, but again this check does
From the evidence given, I would *almost* certainly characterize
this as a deadlock bug in ntdll.dll, the deepest, most trusted
user mode component of Windows!
Specifically, nothing should allow regular user code such as
OpenSSL to hold onto NT internal critical sections while not
running inside
On 02/23/2012 10:49 AM, Ashok C wrote:
Hi,
What would be the most efficient and easiest way to distinguish a CA certificate from an actual
server/client(end entity) certificate?
We were thinking of identifying the CA with the "CA:TRUE" constraint from the text display, but
again this check doe
Hi,
OpenSSL Version: 0.9.8o
OS : Windows Server 2008 R2 SP1
I am seeing a deadlock in a windows application between two threads, one
thread calling Heap32First from OpenSSL's RAND_poll and the other that
allocates memory over the heap.
Here is the relevant stack trace from both the threads invol
thanks a lot for the answer. that makes sense.
Dave Thompson-5 wrote:
>
> OpenSSL implements a self-signed cert as issued by itself
> (which it kind of is) and so won't recognize it if
> KeyUsage is present and does not allow keyCertSign.
>
--
View this message in context:
http://old.nabble
Hi,
What would be the most efficient and easiest way to distinguish a CA
certificate from an actual server/client(end entity) certificate?
We were thinking of identifying the CA with the "CA:TRUE" constraint from
the text display, but again this check does not cover x509 v1 certificates
where this
13 matches
Mail list logo