[openssl-users] How to load local certificate folder on windows

Hi All: I am using openssl 1.0.2 on windows 7 OS. I have put some root certificate files into a folder certs. when I using X509_STORE_load_locations() to load this folder into store, it returns 1 means success, but when I using X509_verify_cert(), it will return 0, and error shows 19(self signed

Re: [openssl-users] The evolution of the 'master' branch

>Not much on that page so far, not even a "kill list" of >intended victims except an admission that EAY's popular DES >library can no longer be accessed via the copy in OpenSSL. Yup. Pretty empty. Over the coming year there will be more. >I fear that this is an indication that you will be kill

[openssl-users] make depend error in openssl-1.0.2/crypto

Hello, We built OpenSSL-1.0.1j (and OpenSSL-fips-2.0.7) within my PowerPC-target build environment and have been using it successfully. We now have upgraded to use OpenSSL-1.0.2 (and OpenSSL-fips-2.0.9). It cannot successfully build because of the following error (which occurs identically 16 ti

Re: [openssl-users] The evolution of the 'master' branch

On 03/02/2015 23:02, Rich Salz wrote: As we've already said, we are moving to making most OpenSSL data structures opaque. We deliberately used a non-specific term. :) As of Matt's commit of the other day, this is starting to happen now. We know this will inconvenience people as some applications

Re: [openssl-users] Certificate verification fails with latest commits (ECDSA)

Summary of thread so far: The latest security update enforces that any inherently unsigned BIGNUM must be encoded as a non- negative DER INTEGER (which has a leading 0 byte if the most significant bit of the first byte would otherwise be set). It is a well known historic bug that some other ASN.1

Re: [openssl-users] i2d_X509_SIG() in FIPS mode

On Tue, Feb 03, 2015, Gayathri Manoj wrote: > Hi Steve, Viktor, > > I have tried with len also, But this also causing seg fault. > my requiremnt is to store max 2048 bit keys. Hence I used length as 512 > +1. > currently i ma getting len value = 28514. > > X509_SIG sig; > X509_ALGOR algor; >

Re: [openssl-users] i2d_X509_SIG() in FIPS mode

On 03/02/2015 06:26, Gayathri Manoj wrote: Hi Steve, Viktor, I have tried with len also, But this also causing seg fault. my requiremnt is to store max 2048 bit keys. Hence I used length as 512 +1. currently i ma getting len value = 28514. X509_SIG sig; X509_ALGOR algor; ASN1_OCTET_STRING

Re: [openssl-users] Handle Leaks - shmem-win32.c shmem.c - OpenSSL 1.0.1l

Following up on this somewhat old thread just to correct some misunderstandings about the nature of the Windows APIs. On 25/01/2015 19:49, Michel SALES wrote: Hi Avery, In the code I sent over before, I was calling CloseHandle on the thread: HANDLE h1=CreateThread(0,0,thread1,0,0,&t1); if(h1=

Re: [openssl-users] ECDHE-ECDSA certificate returning with no shared cipher error

> From: openssl-users On Behalf Of Rajeswari K > Sent: Monday, February 02, 2015 22:17 > Thanks for responding. Following is the output printed by openssl > ./openssl req -in csr.csr -noout -text >Subject Public Key Info: >Public Key Algorithm: id-ecPublicKey >

[openssl-users] Openssl verify command and c_rehash

Hi, Can following behaviour be confirmed as expected? OpenSSL verify test (test_verify) fails Env- c_rehash run using Cygwin. Run c_rehash on /path/to/certs/demo Cmd - openssl verify -CApath ../certs/demo ../certs/demo/*.pem Cause - Symbolic links (from hash.0 to file.pem) created by c_rehash