mailing.openssl.users
  Home FAQ Contact Sign in
mailing.openssl.users only
 
Advanced search
July 2008
motuwethfrsasuw
 123456 27
78910111213 28
14151617181920 29
21222324252627 30
28293031    31
2008
 Jan   Feb   Mar   Apr 
 May   Jun   Jul   Aug 
 Sep   Oct   Nov   Dec 
2008 2007 2006  
total
mailing.openssl.users Profile…
RELATED GROUPS

POPULAR GROUPS

more...
 Up
  RE: Prime number generation on FreeBSD-sparc64         


Author: Ted Mittelstaedt
Date: Jul 16, 2008 23:37

> -----Original Message-----
> From: owner-openssl-users@openssl.org
> [mailto:owner-openssl-users@openssl.org]On Behalf Of Yuliya Shulman
> Sent: Wednesday, July 16, 2008 9:29 AM
> To: openssl-users@openssl.org
> Subject: RE: Prime number generation on FreeBSD-sparc64
>
>
> Thank you so much for providing the article and the flags! V8 worked, at
> least with the limited functionality we're using!
>
> I know there are lists of prime numbers as well as known algorithms. We
> don't generate primes for our own use; OpenSSL does. We're using
> RSA_generate_key() - a function in rsa_depr.c
>
> In turn, it uses:
> RSA_generate_key_ex() in rsa_gen.c
> rsa_builtin_keygen() in rsa_gen.c
> BN_generate_prime_ex() in prime.c
> BN_is_prime_fasttest_ex() in bn_prime.c ...
Show full article (2.36Kb)
2 Comments
  commercial OpenSSL use         


Author: Alan Wolfe
Date: Jul 16, 2008 16:46

Hi!

I'm making a commercial application for windows which uses libcurl.

This build of libcurl I'm usings links to both zlib and openssl.

I know libcurl and zlib themselves are fine for us to use commercially but
OpenSSL seemed a little more grey.

It seems like it's ok to use OpenSSL commercially so long as this file is
included along with the application:

http://www.openssl.org/source/license.html

would that be correct?

Thanks so much!
Alan
Show full article (0.96Kb)
5 Comments
  Determing if the OpenSSL PKCS11 Patch is installed.         


Author: Christopher Ivory
Date: Jul 16, 2008 10:50

I read on a website (http://developer.mozilla.org/en/docs/NSS_FAQ) that
OpenSSL does not support the PKCS #11 chip by default. I'm aware there is a
patch for this, but I'm not sure if it's already installed. I'm currently
working on an OpenSPARC. By typing "openssl version -a" in the terminal, I
recieved the following informaiton:

OpenSSL 0.9.7d 17 Mar 2004 (+ security patches to 2006-09-29)
built on: date not available
platform: information not available
options: bn(64,32) md2(int) rc4(ptr,char) des(ptr,risc1,16,long)
blowfish(ptr)
compiler: information not available
OPENSSLDIR: "/etc/sfw/openssl"

Is there a way to determine if the patch is installed and if the backend is
set up? Any help would be greatly appreciated.

-Chris

I read on a website (http://developer.mozilla.org/en/docs/NSS_FAQ) that OpenSSL does not support the PKCS #11 chip by default. I'm aware there is a patch for this, but I'm not sure if it's already installed. I'm currently working on an OpenSPARC. By typing "openssl version -a" in the terminal, I recieved the following informaiton:
  OpenSSL 0.9.7d 17 Mar 2004 (+ security patches to 2006-09-29)  built on: date not available  platform: information not available  options:  bn(64,32) md2(int) rc4(ptr,char) des(ptr,risc1,16,long) blowfish(ptr)
  compiler: information not available  OPENSSLDIR: "/etc/sfw/openssl"Is there a way to determine if the patch is installed and if the backend is set up? Any help would be greatly appreciated.
-Chris
no comments
  Configuring Signing through the PKCS#11         


Author: Christopher Ivory
Date: Jul 16, 2008 09:52

Hello,

I'm currently trying to configure some pre-existing code using EVP signing
to offload work to the PKCS #11 engine on an OpenSPARC T2. Since I'm new to
this, I tried initializing the PKCS11 engine two different ways which can be
triggered by command line argument. By default, the program will run without
the PKCS11 engine initialized. Here are the two ways I attempt to initialize
the PKCS11 engine.

if (usePKCS == 1){
ENGINE_load_builtin_engines();
ENGINE_register_all_complete();
ENGINE_set_default_RSA(ENGINE_by_id("pkcs11"));
}
else if (usePKCS2 == 1){
ENGINE_load_builtin_engines();
ENGINE *e = ENGINE_by_id("pkcs11");
ENGINE_init(e);
ENGINE_set_default_RSA(e);
}

Below is the section of code in which the actual signing takes place.
Show full article (4.50Kb)
no comments
  Problems with revoked certificate         


Author: albertlb
Date: Jul 16, 2008 06:32

Hello

I am using a debian pc with openssl and openvpn. The problem is I have
revoked a user certificate but the user still has access to the vpn. In the
crl.pem file appears the reference to this user. What could It happen?

Thank you http://www.nabble.com/file/p18487517/openssl.cnf openssl.cnf
--
View this message in context: http://www.nabble.com/Problems-with-revoked-certificate-tp18487517p18487517.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org
3 Comments
  Segmentation fault ..         


Author: Ahmed AlKhayat
Date: Jul 16, 2008 05:00

Dear All,

Kindly support. I'm facing the following error when i try to generate a Certificate Request using this command "req -newkey rsa:1024 -keyout keys/test_key.pem -keyform PEM -out requests/test_req.pem -outform PEM":

Error:

Error adding attribute
6306:error:0D0BF041:asn1 encoding routines:ASN1_item_dup:malloc failure:a_dup.c:104:
problems making Certificate Request
Segmentation fault (core dumped)

Waiting responses.

Thanks a lot.

Regards,
Ahmed
_________________________________________________________________
Explore the seven wonders of the world
http://search.msn.com/results.aspx?q=7+wonders+world&mkt=en-US&form=QBRE
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org
no comments