openssl

How do I script a complex link in visual studio (FIPS / Static Link Lib / VS.2008)

Question What's the right way to build a complex fips link into the Visual Studio vcproj projects while continuing to allow developers to arrange libraries via the properties GUI? Situation I'm using VS 2008 and have a bunch of projects that use openssl statically linked. Thus far the link has been simple, but now I'm switching to a ...

OpenSSL Ignore Self-signed certificate error

I'm writing a small program with the OpenSSL library that is supposed to establish a connection with an SSLv3 server. This server dispenses a self-signed certificate, which causes the handshake to fail with this message: "sslv3 alert handshake failure, self signed certificate in certificate chain." Is there a way I can force the connecti...

generate sha256 with openssl and C++

Hello, I'm looking to create a hash with sha256 using openssl and C++. I know there's a similar post about this here: http://stackoverflow.com/questions/918676/generate-sha-hash-in-openssl, but I'm looking to specifically create sha256. UPDATE: Seems to be a problem with the include paths. It can't find any openssl functions even...

Can one encrypt with a private key/decrypt with a public key?

[Disclaimer: I know, if you know anything about crypto you're probably about to tell me why I'm doing it wrong - I've done enough Googling to know this seems to be the typical response.] Suppose the following: you have a central authority that wants to issue login cookies for a given domain. On this domain, you don't necessarily trust ...

OpenSSL in ruby: PKCS#8 format for private key

I've created an RSA private key in ruby with: require 'openssl' key = OpenSSL::PKey::RSA.generate(1024) I can get the key in PEM or DER formats: key.to_pem key.to_der But there doesn't seem to be a way to get it into PKCS#8 format. The best I've come up with is to call out to openssl in another process: require 'open3' Open3.pope...

OpenSSL binaries for Windows without Visual C++ 2005/2008 Redistributables

I want to use the Win32 OpenSSL binaries from Shining Light Productions for the sole purpose of generating self-signed certificates. Unfortunately, my PC has a newer version of Visual C++ 2008 Redistributables, instead of the version recommended by Shining Light Productions. Since I didn't see any static builds on the download page, wha...

Ruby Generate Self-Signed Certificate

I'm trying to generate a self-signed certificate in ruby, but am running into trouble. This is what I currently have right now: require 'openssl' if ARGV.length != 3 then puts "USAGE: #{__FILE__} <type[der|pem]> <private-out> <public-out>" exit end type = ARGV[0].downcase privateKeyFile = ARGV[1] publicKeyFile = ARGV[2] valu...

verifying a file signature with openssl dgst

I am signing packets in some Java code and I want to verify the signatures on a C server. I want to fork openssl for this purpose (can always use library functions later... when I know openssl can verify the signatures); however, it's failing to do so: openssl dgst -verify cert.pem -signature file.sha1 file.data all it says is "unab...

How can I use openssl(*from the CLI) to encrypt a message using my public key and then decrypt it using my private key?

Here is what I've tried: Encrypt message w/ my public key openssl enc -aes-256-cbc -salt -kfile key.pub -in message.txt -out message.enc Decrypt message using my private key openssl enc -d -aes-256-cbc -salt -in message.enc -pass file:mykey.pem Error from decryption bad decrypt 452:error:06065064:digital envelope routines:EVP_De...

OpenSSL with unicode paths

Hi all, I have an implementation of SSL handshake from the client side, by using these functions: SSL_CTX_load_verify_locations SSL_CTX_use_certificate_chain_file SSL_CTX_use_PrivateKey_file All functions get char* type for the filename parameter. How can I change it to support also unicode file locations? Thanks! ...

Documentation for a client/server program with OpenSSL

Hi, I have a client/server program in TCP written in C, and I would like to secure the exchanged data with OpenSSL. It's quite new for me and I couldn't find examples on the net... Could you point out some good documentation on this matter please? Thank you! ...

openssl versus windows capi

Which is better to use, openssl or windows capi, for encryption issues? What is the pro and con list for both? And is it possible to write my encryptor program on openssl and decrypt it with windows capi with no problem, or are there some problems with this? ...

CSR rejected stating "CSR has a PKCS9 extension profile"

Hi, I recently created a Certificate Signing Request(CSR) and submitted. But it was rejected stating "CSR has a PKCS9 extension profile", does a CSR generated using OPEN SSL via XCA contain any profile information? Isn't CSR a very generic request? Thanks in advance. ...

OPENSSL_add_all_algorithms_noconf could not be located

Hi all, I am getting an error when I go to start my world. It says that "The procedure entry point OPENSSL_add_all_algorithms_noconf could not be located in the dynamic link library libeay32.dll". I have tried re loading the whole thing, just downloading the dll file, downloading a dll file from the internet but nothing fixes it. Anyone ...

A 16-digit hashing function

Is there a hash function that returns a 16-digit hex value (as MD5 returns 32-digit), or is there a library (for C++) in which I can use MD5 or SHA-1 which returns a 16-digit value ...

"bad record MAC" SSL error between Java and PostgreSQL

Hello there! We've got here a problem of random disconnections between our Java apps and our PostgreSQL 8.3 server with a "bad record MAC" SSL error. We run Debian / Lenny on both sides. On the client side, we see: main, WRITE: TLSv1 Application Data, length = 104 main, READ: TLSv1 Application Data, length = 24 main, READ: TLSv1 Appl...

secure client/server program in C with OpenSSL

Hello, I'm trying to write a secure client/server program in C with OpenSSL. I've found a code sample at http://www.rtfm.com/openssl-examples/ but I get this error: server: SSL read problem client: Certificate doesn't verify I think the problem is with the certificate generation, but I cannot find it. Any idea? Thanks ...

Windows asks for p12 password when installing p12 key generated by openssl

If I generate a p12 certificate with openssl as: - openssl pkcs12 -export -in myprivatecert.pem -nokeys -out mycert.p12 Even though I ask openssl to not export the private key, why does windows still require the private key password when installing the certificate. I figure I am missing something. Thanks in advance, David. ...

How to load an RSA key from binary data to an RSA structure using the OpenSSL C Library?

Currently I have my private key saved in a file, private.key, and I use the following function to load it: RSA *r = PEM_read_RSAPrivateKey("private.key", NULL, NULL, NULL); This works perfectly but I'm not happy with the file-based format; I want to save my key in pure binary form (ie, no base64 or similar) in a char* variable and load...

EMSA_PSS_ENCODE with libssl

Hi I'm trying to use libssl to get some EMSA_PSS_ENCODING through the function RSA_padding_add_PKCS1_type1 in libssl, but I can't find nor docs nor solutions, so this is the example code I've written: #include <stdio.h> #include <stdlib.h> #include <string.h> #include <openssl/rsa.h> #include <openssl/err.h> FILE *error_file; int main...