On 06/02/15 15:48, Susan Hinrichs wrote:
> Hello,
>
> In Apache Traffic Server we are primarily using SSL_accept and
> SSL_read/SSL_write with file descriptor bios.
>
> But during the handshake, we need to feed in our own packets via
> read-only buffers. We use the BIO mem_buf to pass along th
On Fri, Feb 06, 2015 at 01:13:08PM -0600, Rex Bloom wrote:
> I am being required to generate the following type of digital signature:
>
> RSASSA-PKCS1-v1_5
A PKCS#1 v1.5 signature.
> I am doing the following:
>
> openssl genrsa -aes128 -out private.pem 2048
You're generating a private key, th
On 06/02/15 16:03, Jakob Bohm wrote:
> I believe you have made the mistake of discussing only amongst
> yourselves, thus gradually convincing each other of the
> righteousness of a flawed decision.
...and, Rich said in a previous email (in response to your comment):
>> I fear that this is an in
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Dave Thompson
> Sent: Friday, February 06, 2015 12:04
>
> * Windows beginning AIR XP or maybe NT does support links on NTFS,
> but they're not easy to use and not well known, and I think I saw a recent
> bug report tha
I am being required to generate the following type of digital signature:
RSASSA-PKCS1-v1_5
I am doing the following:
openssl genrsa -aes128 -out private.pem 2048
Can anyone confirm this is correct or point out what I should change?
Thanks,
Rex
___
op
> From: openssl-users On Behalf Of Jerry OELoo
> Sent: Wednesday, February 04, 2015 21:54
> I am using openssl 1.0.2 on windows 7 OS.
>
> I have put some root certificate files into a folder certs. when I
> using X509_STORE_load_locations() to load this folder into store, it
> returns 1 means suc
Thanks for your detailed reply. Not sure what else I can say except that we
disagree.
___
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
On 05/02/2015 00:42, Salz, Rich wrote:
Not much on that page so far, not even a "kill list" of
intended victims except an admission that EAY's popular DES
library can no longer be accessed via the copy in OpenSSL.
Yup. Pretty empty. Over the coming year there will be more.
I fear that this is
Hello,
In Apache Traffic Server we are primarily using SSL_accept and
SSL_read/SSL_write with file descriptor bios.
But during the handshake, we need to feed in our own packets via
read-only buffers. We use the BIO mem_buf to pass along this data
without incurring another copy. But on each
My bad.
I was using the wrong version of the certificate.
Sometimes double checking is not enough. I learned a lesson: Always triple
check.
Sorry,
Jacques
-Original Message-
From: Florence, Jacques
Sent: Friday, February 06, 2015 9:38 AM
To: 'openssl-users@openssl.org'
Subject: RE: [open
On 05/02/2015 14:30, Srinivas Rao wrote:
Hi All,
Is there a way to use openssl to sign data using a private key (on USB
token) and produce PKCS7 output on win32, if:
a) the data to be signed message is not touched yet and goes as input
to the solution to the answer to this problem, OR
b) signa
Jakob,
Thanks for the reply.
You're right, the cert shouldn't verify if it's changed.
However, using wireshark, I can see the other parts of the name being sent in
clear ascii, but not that custom attribute.
Assuming it's encoded in some format.
Once the server receives the cert, it is not able t
On 06/02/2015 00:21, Florence, Jacques wrote:
I created a client certificate with custom name attributes:
In the openssl.cnf file, I addedunder section [ new_oids ] the line:
myattribute=1.2.3.4
And under [ req_distinguished_name ] I added the line: myattribute = hello
If I use the openssl
Hi,
I'd like to know if it is possible to add eContent to a signedData which has no
signers?
The ANS X9 TR34 technical report defines a rebind token as having the following
structure.
SignedData (inner content):
There are no digestAlgorithms included.
The EncapsulatedContentInfo eContent
Thanks Steve for looking into this. Earlier I have tested the same way and
no values came in der.
Finally i find out the crash reason. For getting digest we have used
ASN1_item_digest() and in this we have passed digest type as EVP_MD5()
which is not allowed in fips and its not thrown any error
15 matches
Mail list logo