RE: FW: X509_verify_cert() rejects all trusted certs with "default" X509_VERIFY_PARAM

2021-06-01 Thread Michael Wojcik
> From: openssl-users On Behalf Of Jakob > Bohm via openssl-users > Sent: Tuesday, 1 June, 2021 09:58 > > There is a very common extension to the validation of X.509 > certificates (which should ideally be available as an option > parameter to OpenSSL validation APIs): The EKU in a CA:True > certi

Re: FW: X509_verify_cert() rejects all trusted certs with "default" X509_VERIFY_PARAM

2021-06-01 Thread Jakob Bohm via openssl-users
On 2021-05-28 22:50, Michael Wojcik wrote: Just realized I sent this directly to Graham instead of to the list. -Original Message- From: Michael Wojcik Sent: Friday, 28 May, 2021 09:37 To: 'Graham Leggett' Subject: RE: X509_verify_cert() rejects all trusted certs with "default" X509_V

ODP: CSR creation using pkcs11 dynamic engine

2021-06-01 Thread Piotr Lobacz
Ok i have written printf in src/p11_rsa.c to check if i'm entering the RSA_set_flags callback and yes i am. Printf is being displayed but i still got this error, which shouldn't be any more. Od: openssl-users w imieniu użytkownika Piotr Lobacz Wysłane: wtorek,

ODP: CSR creation using pkcs11 dynamic engine

2021-06-01 Thread Piotr Lobacz
Sorry my bad i was checking bad position in the file... Od: openssl-users w imieniu użytkownika Piotr Lobacz Wysłane: wtorek, 1 czerwca 2021 17:34 Do: Selva Nair DW: openssl-users@openssl.org Temat: ODP: CSR creation using pkcs11 dynamic engine Ok not fixed in

ODP: CSR creation using pkcs11 dynamic engine

2021-06-01 Thread Piotr Lobacz
Ok not fixed in 0.4.11 it is fixed in master branch... i need to build it from master. Od: openssl-users w imieniu użytkownika Piotr Lobacz Wysłane: wtorek, 1 czerwca 2021 17:18 Do: Selva Nair DW: openssl-users@openssl.org Temat: ODP: CSR creation using pkcs11

ODP: CSR creation using pkcs11 dynamic engine

2021-06-01 Thread Piotr Lobacz
Hi Selva, btw. i have found one issue in libp11 package https://github.com/OpenSC/libp11/issues/304 and i have used 0.4.10 i will check firstly with 0.4.11 and give you answer. BR Piotr Od: Selva Nair Wysłane: wtorek, 1 czerwca 2021 17:15 Do: Piotr Lobacz DW: o

Re: CSR creation using pkcs11 dynamic engine

2021-06-01 Thread Selva Nair
On Tue, Jun 1, 2021 at 11:15 AM Selva Nair wrote: > > Hi Piotr, > > On Tue, Jun 1, 2021 at 10:57 AM Piotr Lobacz > wrote: >> >> Hi, >> i have managed to find the engine method static EVP_PKEY >> *load_privkey(ENGINE *engine, const char *s_key_id, UI_METHOD *ui_method, >> void *callback_data) i

Re: CSR creation using pkcs11 dynamic engine

2021-06-01 Thread Selva Nair
Hi Piotr, On Tue, Jun 1, 2021 at 10:57 AM Piotr Lobacz wrote: > Hi, > i have managed to find the engine method static EVP_PKEY > *load_privkey(ENGINE *engine, const char *s_key_id, UI_METHOD *ui_method, > void *callback_data) in libp11 package. I have also made a printf callback > and i see the

ODP: CSR creation using pkcs11 dynamic engine

2021-06-01 Thread Piotr Lobacz
Hi, i have managed to find the engine method static EVP_PKEY *load_privkey(ENGINE *engine, const char *s_key_id, UI_METHOD *ui_method, void *callback_data) in libp11 package. I have also made a printf callback and i see the output that method is being called, but the problem is that i think i ne