Thank you, Matt for your quick reply.
I have additional questions: I looked both links below:
https://www.openssl.org/docs/crypto/EVP_PKEY_encrypt.html
https://www.openssl.org/docs/crypto/EVP_PKEY_decrypt.html
One for encryption, one for decryption, however, example code in the links are
the sa
As two other people have already said, you cannot use strlen() on binary data.
> >BN_bin2bn(parmp,strlen(parmp), dhPar2->p);
> >BN_bin2bn(parmg,strlen(parmg), dhPar2->g);
/r$
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
Hi,
Thank you all for your quick responses. I am using openssl 1.0.1 on a Linux
machine. The DH_new() works correctly in my machine. It does not return NULL.
Only the problem occurs in these lines-
> >
> > BN_bin2bn(parmp,strlen(parmp), dhPar2->p);
> > BN_bin2bn(parmg,strlen(parm
On 21 January 2014 15:44, HelenH Zhang wrote:
> Dear experts:
>
> We want to be able to specify padding.
> RSA_PKCS1_PADDING or RSA_NO_PADDING.
>
> I would like to use EVP API instead of RSA_Public_decrypt(), and
> RSA_Private_encrypt().
> Which API should I use?
>
> I am currently using EVP_SignI
I didn't see it before, but in fact, it is stated in the 'bugs' section :
|RSA_generate_key()| goes into an infinite loop for illegal input values.
Did you read :
http://www.openssl.org/docs/crypto/RSA_generate_key.html
||
Le 21/01/2014 17:50, Michel a écrit :
Hi Nischal,
As previously mentione
Hi Nischal,
As previously mentioned, I solved my problem using what I assume to be
the appropriate parameters.
So, it won't help you directly.
I was only suggesting that infinite loop in those funtions seems to
occur because of misuse/bad call/bad context, ... we would normally
expect to ret
Dear experts:
We want to be able to specify padding.
RSA_PKCS1_PADDING or RSA_NO_PADDING.
I would like to use EVP API instead of RSA_Public_decrypt(), and
RSA_Private_encrypt().
Which API should I use?
I am currently using EVP_SignInit()/Update/Final() to do rsa sign, and
EVP_VerifyInit/Updat
Hello,
Please ignore this.
Did a very big mistake because was not paying attention to what is actually
loaded
Seems like symlink created my c_rehash where loaded with success prior to
reaching the actual certificate.
Again I am sorry,
Ionut
On Tue, Jan 21, 2014 at 2:36 PM, Putinei .Ionut wrote
Thank you Mr. Henson.
--
View this message in context:
http://openssl.6102.n7.nabble.com/Reissuing-problem-of-X509-DER-with-newer-versions-of-OpenSSL-tp48201p48233.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
_
Hi Michel,
In my case, 'add' and 'rem' parameters are NULL
I also agree with you, that 'goto' should be avoided, but that is written by
OpenSSL guys.
Can you please let me know, how did you get rid of this problem.
I have checked everywhere, but did not get any solution, which can solve my
problem.
Hello,
Adding some more infor about openssl version used:
/etc/trusted_certs # openssl version -a
OpenSSL 1.0.1e-fips 11 Feb 2013
built on: Wed Oct 16 10:54:53 EDT 2013
platform: linux-generic32
options: bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int)
blowfish(ptr)
compiler: a
Am 21.01.2014 11:21, schrieb Kamalraj Madhurakasan:
Hello Ted,
In our application we have requirement to introduce new option which
allows customers to renew their certificates which was installed in it
already.
We would like to find out whether the new certificate is really a
renewal certi
Hello Ted,
In our application we have requirement to introduce new option which allows
customers to renew their certificates which was installed in it already.
We would like to find out whether the new certificate is really a renewal
certificate of old one so that we can allow them to replace the
Ho there,
from the technical perspective (which is the thing this list is
concerned with) a "renewed" certificate is a new certificate for the
same keys as the old one. No step of the three you list as necessary is
necessary from the openssl point of view, but may be required by your CA.
The
14 matches
Mail list logo
