Re: [openssl-users] [openssl-dev] Failed TLSv1.2 handshake with error 67702888--bad signature

Thanks for the response, I'm not sure what you're saying here other than TLS 1.2 client cert auth processing is different from TLS x (where x<1.2); I would assume that the range of mechanisms would expand to include more robust algorithms as time goes on. However, here something is breaking

Re: [openssl-users] Need information on AES encryption and decryption Key and IV type

As Rich already answered : "The IV, key, and ciphertext are all binary arrays of bytes." This is not specific to AES. Converting from or to hex (or Base64) strings is needed only to read from or print to outside your C program. Values passed to EVP_*() calls are expected to be raw (binary) data :

Re: [openssl-users] [openssl-dev] Failed TLSv1.2 handshake with error 67702888--bad signature

On Fri, Feb 26, 2016, Nounou Dadoun wrote: > I've extracted the certificates from the exchange to verify that the (tlsv1) > successful handshake and the (tlsv1.2) failed handshake certificates are > identical (they are) and I've also checked to make sure that the CA > certificate that the

Re: [openssl-users] [openssl-dev] Failed TLSv1.2 handshake with error 67702888--bad signature

I've extracted the certificates from the exchange to verify that the (tlsv1) successful handshake and the (tlsv1.2) failed handshake certificates are identical (they are) and I've also checked to make sure that the CA certificate that the server has for signature verification is the same as the

[openssl-users] SMIME: 1.0.0e vs. 1.0.1e

Hi! I'd like to finish the thread I started. - My first statement was wrong. Also 1.0.0e is not able to process my SMIME-sample. The reason was that I had a smime-binary-patch installed at the 1.0.0e some years ago and I did not remember about it. Without the patch installed in the 1.0.1e it

[openssl-users] Need information on AES encryption and decryption Key and IV type

Hi,, I am using Openssl for encryption and decryption. I need some information on AES encryption and decryption key and iv type. My doubt is when we are using a openssl in command line we need to pass key and iv as hex strings right? and same when we are EVP calls in C/C++ programming what is the

[openssl-users] FIPS 140-2 red letter puzzle resolved

As always, if you don't know or care what FIPS 140-2 is then rejoice at your good fortune and move on. The "red letter" message for the #1747 validation listing noted in my E-mail last Monday was confirmed as an error by the CMVP and has now been removed from the web site entry:

[openssl-users] PEM_read and write SSL_SESSION

If anyone is familiar with the PEM_read_SSL_SESSION and PEM_write_SSL_SESSION functions, please let me know about the arguments and the usage of these functions, in a bit detailed fashion. It'll be really helpful. Thanks -- Regards Shubham Chauhan -- openssl-users mailing list To unsubscribe:

Re: [openssl-users] How to retrieve the revoked certificate list when X509_LOOKUP_hash_dir() method used

Hi Bob, Yan, Bob wrote: H All, I used the following methods to load CRL hashed-directory into a SSL_CTX object to verify the client certificate against the CRL. The code works fine and it's able to verify the client certificate against the loaded CRLs. X509_STORE *x509Store =

Re: [openssl-users] Is anyone else getting spammed by databreachtoday.com, or is it just me?

On 26/02/16 01:43, Jakob Bohm wrote: > Over the last many months, I have received a constant flow of > "newsletters" from databreachtoday.com to my OpenSSL posting > address. > > I am wondering if this is specific to me, or if they are > sending to most other subscribers too. I'm not getting