Re:SSL_write( ) fails

2011-03-02 Thread lzyzizi
If you stepped a bit into the source code, you would have found the answer yourself. They are defined in the ssl.h. You may see the help doc for more details. #define SSL_ERROR_NONE 0 #define SSL_ERROR_SSL 1 #define SSL_ERROR_WANT_READ 2 #define SSL_ERROR_WANT_WRITE

Re:DH_generate_key issue

2011-03-02 Thread lzyzizi
I haven't run your code. I doubt why you are sure that the length of the pub_key is equal to the length of the p. In my opinion, it is not longer than p. I found a counter example in WIKI. Alice and Bob agree to use a prime number p=23 and base g=5. Alice chooses a secret integer a=6, then sends

Re:Getting the text from an X509 cert

2011-02-26 Thread lzyzizi
I think int X509_print(BIO *bp, X509 *x) may be helpful. You could create a mem bio by BIO *BIO_new_mem_buf(void *buf, int len) with your own buffer. Then pass it to the X509_print function. At 2011-02-26 07:44:59, Cason, Kenny kenny.ca...@boeing.com wrote: Hiya! I have an X509 data

Re:Re: How to retrieve error about private key loading.

2011-02-25 Thread lzyzizi
I think ERR_load_RSA_strings(void) should be called first. At 2011-02-25 19:25:51, marek.marc...@malkom.pl wrote: Hello, Maybe you may try something like this: int log_err(void) { char buf[256]; u_long err; while ((err = ERR_get_error()) != 0) { ERR_error_string_n(err, buf,

Re:Re:Re: How to retrieve error about private key loading.

2011-02-25 Thread lzyzizi
. At 2011-02-25 22:10:45, lzyzizi lzyz...@126.com wrote: I think ERR_load_RSA_strings(void) should be called first. At 2011-02-25 19:25:51, marek.marc...@malkom.pl wrote: Hello, Maybe you may try something like this: int log_err(void) { char buf[256]; u_long err; while ((err = ERR_get_error

Re:Re: How to retrieve error about private key loading.

2011-02-25 Thread lzyzizi
I think you missed the logic about the function return value. If SSL_set_fd( ) is ok, it will return 1. Your code may be written this way: if (!SSL_set_fd(si->ssl, sock)) { unsigned long err_tmp = ERR_get_error(); /* ERR_get_error() returns unsigned long */ char buf_tmp[256]; ERR_error_string_n(err_tmp, buf_tmp, sizeof(buf_tmp));

Re:Re: Re: at what time must I call SSL_free( ) / SSL_CTX_free( )

2011-02-22 Thread lzyzizi
The SSL will abort the handshake automatically when something is wrong, such as the authentication failure, no shared cipher list, verify callback failure and so on. So I think you shall call the shutdown and free the object when the handshake functions (SSL_do_handshake, SSL_accept, SSL_connect...)

Re:Re: at what time must I call SSL_free( ) / SSL_CTX_free( )

2011-02-16 Thread lzyzizi
Sorry, I confused you. 1) I just want to say that it depends on your needs to call SSL_CTX_free(). For example, you develop an application that needs the user to import the certificate. If the user imports the wrong certificate, you may not call SSL_CTX_free to free the SSL_CTX object. You may

Re:at what time must I call SSL_free( ) / SSL_CTX_free( )

2011-02-15 Thread lzyzizi
At what time you have to call SSL_free() and SSL_CTX_free() depends on when you want to end the SSL/SSL_CTX object's lifecycle. Calling these functions is just like del the object in C++, which means you don't want the object any more. The failure of calling functions (e.g. SSL_CTX_set_cipher_list( ),

Re:cipher list

2011-02-14 Thread lzyzizi
I would like to know how cipher list negotiation works (see scheme below). See a book that talks about SSL handshake. Is it transparent for users (developers)? Almost. Must they write it? You do not need to write it, but you can choose it. If yes, what are the functions? You can choose you

Re:Verify return code: 20 (unable to get local issuer certificate)

2011-02-10 Thread lzyzizi
Try this function: int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath); You can pass either a file path or a folder that contains a few CA files. Also, you can try to set the environment variable SSL_CERT_FILE=your file path, which will make openssl load the

Re:how to load certificates into a share memory

2011-02-06 Thread lzyzizi
1) All X509 operations are in the x509 module (folder). You may see the x509.h for more details. To load an X509 object, you can use d2i_X509 which converts the ANSI DER strings to X509 object (you can see the openssl doc for more function details). Also, you can reference the source code in ssl

Re:RSA_generate_key function

2011-01-31 Thread lzyzizi
int RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e_value, BN_GENCB *cb) I would like to call this function to generate the same public/private key every time. I am not sure what exactly you want. I suppose that you want every time you called the RSA_generate_key_ex with same parameters and you can

Re:Re: Reduce the openssl library/image size

2011-01-21 Thread lzyzizi
As far as I know, the RSA module mainly depends on BN, ASN1, RAND (ASN1 may need other modules such as stack, buf). ASN1 is a small parser to parse the asn1 strings, which is a little big to you. If you do not use i2d_PublicKey, d2i_xxx, you may not even need the ASN1 module. SHA is an independent module, which needs

Re:Efficient way for storing the RSA public and private keys into buffer.

2011-01-13 Thread lzyzizi
My idea is to convert the rsa into buf and compress it. int COMP_compress_block(COMP_CTX *ctx, unsigned char *out, int olen, unsigned char *in, int ilen); int COMP_expand_block(COMP_CTX *ctx, unsigned char *out, int olen, unsigned char *in, int ilen); Do these functions fit your needs?

Re:How to get RSA private keys in to buffer...

2011-01-12 Thread lzyzizi
Sorry, I misunderstood your request for internal processing. The previous functions which I mentioned can't be processing. I think this will be better. RSA *pub_key = NULL; pub_key = readPublicKey(); // to read a public key from a file, you can use your own function to get an rsa object

Re:How to get RSA private keys in to buffer...

2011-01-12 Thread lzyzizi
RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length); int i2d_RSAPublicKey(RSA *a, unsigned char **pp); RSA * d2i_RSA_PUBKEY(RSA **a, unsigned char **pp, long length); int i2d_RSA_PUBKEY(RSA *a, unsigned char **pp); RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length); int