Questions tagged [openssl]

1

votes
1

answer
1.4k

Views

AES CTR symmetric encryption and decryption

I am not an expert in openssl. I have put together the following code to encrypt and decrypt a message using AES-CTR. The output is not what I expect to see. #include "stdafx.h" #include #include #include #include #include #include #include #include #include //for RAND_bytes function struc...
mjan635
0

votes
0

answer
6

Views

conda error ssl certificate : HTTPSConnectionPool(host=\'repo.anaconda.com\', port=443

no matter what I do I get this error C:\Users\MyPc>conda update --all Solving environment: failed CondaHTTPError: HTTP 000 CONNECTION FAILED for url Elapsed: - An HTTP error occurred when trying to retrieve this URL. HTTP errors are often intermittent, and a simple retry will get you on your way....
etl_devs
5

votes
0

answer
30

Views

Can't Connect MongoDB With SSL in Azure machine with another MVC application in Azure

I'm having problem in connecting MongoDB which is configured using SSL. I have MongoDB enterprise server in Azure virtual machine which has the following configuration. net: bindIp: 0.0.0.0 port: 27017 ssl: CAFile: 'C:\openssl-0.9.8h-1-bin\bin\rCA.pem' PEMKeyFile: 'C:\openssl-0.9.8h-1-bin\bin\rser.p...
Mani Kkr
0

votes
0

answer
6

Views

Does SSL perform automatic renegotiation

I have a client server application written in c++ using SSL 1.0.1n for socket communication. I am trying to prevent renegotiation (it's a requirement). Nowhere in my code do I initiate a renegotiation. I see openssl has a BIO_set_ssl_renegotiate_bytes and BIO_set_ssl_renegotiate_timeout that allows...
user3621099
1

votes
2

answer
75

Views

How to check TLS certificate expiration date with Clojure?

Normally I check a server's certificate expiration using the openssl command, but I'm learning Clojure and would really like to figure out how to do this without calling a shell command if possible. How would I replicate this functionality? $ openssl s_client -connect google.com:443 < /dev/null ^ /d...
Mark C
5

votes
0

answer
68

Views

Use mbedTLS as SSL library in QT

By default QT looks for OpenSSL header during compilation to enable support for encryption/SSL in code. Due to several reasons, I want to use mbedTLS in my code instead and would like QT to use that as encryption library as well. Has anyone been able to do that?
tunafish24
1

votes
1

answer
6.2k

Views

Encrypted Private Key to RSA Private Key

I have an Encrypted Private Key(say,servenc.key) in below format: -----BEGIN ENCRYPTED PRIVATE KEY----- MIIC2TBTBgkqhkiG9w0BBQ0wRjAlBgkqhkiG9w0BBQwwGAQSIFFvMaBFyBvqqhY6 yTV2fMVVAgIUczAdBglghkgBZQMEASoEEGRetyFtHhnJ7TZTM2qolWkEggKAFg/h GERtM1loEd+u8VAtLwTzBiXE5pmRpp/hX/1HrbBnzFjAsNtWlEtzpSuxuCoXtMst u...
Vivek Kashyap
1

votes
2

answer
847

Views

Qt and OpenSSL incompatible version on Ubuntu

I am having issues trying to make QNetwork classes work with Qt5.11.1 on Ubuntu 18.04 I have openssl 1.1.0g and libssl-dev installed on my system. The openssl version used by Qt is 1.0.2k. I have checked with QSslSocket::sslLibraryBuildVersionString(). Plus QSslSocket::supportsSsl() returns false. I...
guillaumegoui
0

votes
0

answer
8

Views

AES-256 encryption/decryption

I'm sure I'm missing something but I'm struggling to understand what! I encrypt a dummy string online on this website with AES-256: https://www.devglan.com/online-tools/aes-encryption-decryption with the following parameters: text to encrypt: This is a test! Mode: CBC Key size in bit: 256 Enter IV...
Kasper
0

votes
0

answer
2

Views

nonblocking SSL socket with multithreaded client blocking on read

I cannot write to the SSL server socket from threads which are run on the client (each thread creates a socket, CTX, SSL, ... separately). Client The client runs 2 threads, each thread creates a SSL connection. Each thread is performing three writes SSL_write: Thread1 - SSL session1 sockfd = socket(...
query
1

votes
0

answer
10

Views

Encryption using symmetric openssl aes-128-cbc SHA256 encryption

Problem: Want to achieve symmetric encryption using openssl aes-256-cbc -a -in avengers.txt -out avengers.enc -md md5 so if I pass the encrypted text in below code or in openssl aes-256-cbc -a -d -in avengers.enc -md md5 I get the actual strong. Can anyone help me in factoring the below code to do e...
QubesX
1

votes
2

answer
3.6k

Views

Numbers in initialization vector (IV) are all zeros

I'm having trouble understanding the following sentence : "the numbers in initialization vector (IV) are all zeros (not the ASCII character '0'). My goal is to use openssl enc command to encrypt a file using aes-128-cbc with a key K (let's say 1234567890) and the iv that fulfil such requirements. So...
JaneDoe
1

votes
1

answer
646

Views

How to verify an apk's signature with openssl

I write a python application to analyze apk files. To check the signature of the apk I run the following command: jarsigner -verify via subprocess. For performance reasons, I want to use openssl instead of jarsigner. Is there a way to do this like: openssl verify ?
spitzbuaamy
1

votes
1

answer
3k

Views

How to force OpenSSL to use old ciphers

I'm trying to check the "security" certificate on an APC power distribution unit using OpenSSL from this shell script, but kept getting back an empty response. #!/bin/bash host=192.168.242.27 port=443 cert=$(openssl s_client -connect "$host":"$port" 2>/dev/null | sed -n '/BEGIN CERT/,/END CERT/p') e...
miken32
1

votes
1

answer
444

Views

Creating process with arguments in Swift?

Problem with doing process in Swift 3, It's not working, I click and nothing is happening. let open = Process() open.launchPath = "/usr/bin/openssl" open.arguments = ["openssl enc -aes-256-cbc -d -in \"" + existing.stringValue + "\" -out \"" + new.stringValue + "/" + name.stringValue + "\""] open.la...
matanm
1

votes
1

answer
919

Views

Decrypt AES256 encrypted string with VB.net

I want to decrypt in VB.net strings encrypted in PHP via openssl_encrypt function: $encrypted_string = openssl_encrypt( $string, 'AES256', 'secret_password', 0, 'initialization_vector' ); I tried with this class: Public Class Aes256Encrypter Public Function Encrypt(ByVal plainText As String, ByVal s...
Blazeag
1

votes
1

answer
55

Views

Run openssl encryption functions faster

This is a question related to security posted here.I am using this in my current PHP 7.0 setup which works fine. But because mcrypt has been replaced with openssl since 7.2, I am working to update the encrypt and decrypt functions with the ones posted here since it's built-in. But because this is on...
anjanesh
1

votes
1

answer
339

Views

What are OpenSSL BIOs? How do they work? How are BIOs used in OpenSSL?

I need some general information about OpenSSL BIO. Some kind of introduction to it. What is OpenSSL BIO? What is its general idea? I know that it is some kind of API for input/output. But how is it different from stdio or sockets API, for example? I know that there are source, sink and filter BIOs....
anton_rh
1

votes
1

answer
135

Views

OPENSSL ERROR : lib(6) func(101) reason(100) evp_enc.c

So I am working on AES encryption but this error keeps bugging me. ERROR: lib(6) func(101) reason(100) evp_enc.c I am encrypting my file with one program and decrypting it with another. The encryption was successful with this code. #include "stdafx.h" #include #include #include #include #include...
Zeeshan Nazar
1

votes
1

answer
1.9k

Views

Error specifying OpenSSL config file

I'm trying to install an SSL certificate on an EC2 Load Balancer. Following this guide: http://docs.aws.amazon.com/ElasticLoadBalancing/latest/DeveloperGuide/ssl-server-cert.html I have OpenSSL installed (in Windows) running command-prompt as admin I'm on the step "Before you use OpenSSL commands,...
matthew_360
1

votes
2

answer
7.5k

Views

How to verify passphrase of pem certificate

As the title says. I can verify passphrase easily with php's openssl_pkcs12_read for p12 certs, but it seems like there isn't similar function for pems. Maybe it's impossible to do this with pems?
brgs
1

votes
2

answer
434

Views

Sending data securely in C++? [closed]

Can someone give me some guidance on my problem - I am writing a game (CryEngine) and I need to know how to send data - including usernames and passwords to a server where they can be stored in a database and shown on a webpage displaying the players "stats". I'd like to start with the usernames and...
Dan Vonk
1

votes
1

answer
908

Views

imap client - how to compose proper request?

I'm trying to make simple IMAP client using winsock/OpenSSL, is this possible without additional libraries? If so, how to send request and get responce? Server is responding only once,even without request,after that i'm sending request and application stuck at SSL_read(..) function,than timeout and...
Mickey Tin
1

votes
1

answer
224

Views

Create a X509 certificate with SANs [closed]

Is it possible to create X509 certificates with SANs (Subject Alternative Names) using openssl without touching a config file? All the examples you find when searching Google about that topic (such as here or here) claim that you need to adjust or create a config file. Does this work without, e.g. u...
Golo Roden
1

votes
2

answer
1.5k

Views

How to get peer address from OpenSSL BIO object

I'm programming TLS server using OpenSSL 1.0.0 library, as such I'm using BIO* objects, not SSL* objects (I'm using IBM documentation: part 1, part 2 and part 3). To get a socket to remote client I run following code: BIO *new_client; while(1) { if (BIO_do_accept(socket)
Hubert Kario
1

votes
3

answer
4k

Views

SHA1 error implementation in C

I have been working on getting the sha1() function working from openssl/sha.h however I am getting random output and some warning. I have read quite a bit and tried some of the example codes but I get warning on all of it and it doesn't display correctly. Here is code: #include #include #include...
Bryce
1

votes
1

answer
385

Views

What is digested data?

I'm learning OpenSSL and I found this method BIO_f_md() in the libtrary documentation: http://www.openssl.org/docs/crypto/BIO_f_md.html where it says: Any data written or read through a digest BIO using BIO_read() and BIO_write() is digested. What does digest mean? What is digested data?
Jacob Krieg
1

votes
2

answer
2.9k

Views

Extract Public Key of a DER encoded Certificate in C

I am getting a DER encoded certificate (after base64 decode) from an ldap search request and need to parse the public key from it. I am pretty sure that its possible with the openssl library. Unfortunately the API documentation is not very well-kept. Is there any example or other library to extract...
fliX
1

votes
1

answer
794

Views

Why DTLSv1_listen() returns zero?

I am learning DTLS using the sample code "dtls_udp_echo.c"... Server: "DTLSv1_listen(ssl, &client_addr)" The underlying socket is non-blocking but will wake up upon readability. As soon as client does SSL_connect(), server gets invoked. So I believe hello is transmitted and received by the server....
user180574
1

votes
1

answer
853

Views

How to programatically issue a certificate from a self signed certificate with openssl?

I manage to create a self signed certificate, but now I would like to be able to issue other certificates with this self signed certificate. How can this be done in C using openssl library?
mmm
1

votes
1

answer
1k

Views

Which transport security or message security?

I have a WCF service that uses net.TCP binding, and this service can be consumed inside the LAN or through internet. I have read that net.TCP by default use transport level security, but this security is point to point, I think that if I use my client out my LAN, through internet and the communicati...
Álvaro García
1

votes
2

answer
1.2k

Views

Can't HTML Scrape Site Because Of SSL Error

I am working on a scraping script. It works on most websites but I cannot access a specific SSL site. Here is my code: if (!extension_loaded('openssl')){ // not occurring } $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'https://www.chase.com/'); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_ANY); c...
xtrimsky
1

votes
2

answer
4.2k

Views

A way to do RSA “encryption” of padded SHA256 hash using command line openssl

I'm trying to come up with a one-liner solution using openssl, that will take in padded SHA256 digest of a message (256 bytes in this case, for RSA2048), and apply RSA "decryption" to the 256 byte digest, ie m^d mod n where n is the modulus, d is the private exponent and m is the digest message (pad...
Mark Lakata
1

votes
1

answer
1k

Views

Generate keypair for EVP based on engine

Up until now I did the following: rsa=RSA_generate_key(2048,RSA_F4,NULL,NULL); if (rsa == NULL){ fprintf(stderr, "Could not generate keypair \r\n"); return EXIT_FAILURE; } if ((pk=EVP_PKEY_new()) == NULL){ fprintf(stderr, "Could not instantiate new evp key storage\r\n"); return EXIT_FAILURE; }...
Paul Praet
1

votes
2

answer
689

Views

How do you remove an extension from an X509?

I am creating an api for modifying X509 certificates in C and I want to add a way to remove an extension (e.g. subjectNameAlt). How would I do this via the OpenSSL API?
chacham15
1

votes
1

answer
2.5k

Views

how to get rid of — openssl error

I have compiles & make install openssl. Just to check to check that package is installed correctly i run following program. It compiled & run correctly for me. Means openssl is installed correctly & is not broken. #include #include #include int main(int c, char **v) { ERR_load_crypto_strings(); O...
Katoch
1

votes
3

answer
2.1k

Views

PEM_write_PrivateKey() function is not storing the RSA private key in private.pem file

This is the code i am using by taking reference of stack overflow questions asked by other users from here. But when i am trying to use PEM_write_PrivateKey() function to write the private keys into the file. It is not doing it. The console screen get closed automatically after this function call. A...
Ankit
1

votes
2

answer
14.3k

Views

OpenSSL “error reading input file” and “bad magic number”

I'm trying to encrypt a simple string "Hello world." with the OpenSSL command line tool. I've tried both encrypting using both base64 and binary. But I'm getting some unhelpful errors. $ "Hello world." > plain.txt $ openssl enc -aes-128-ecb -e -base64 -in plain.txt > enc.txt enter aes-128-ecb encryp...
Mark
1

votes
1

answer
322

Views

OS X: What might cause ssh-agent to stop providing passphrase for encrypted SSH private key?

As far as I can tell, the only thing I did was modify my ~/.ssh/known_hosts file, because I set up a new Parallels VM with a Bridged Network Adapter and the client Linux gained a local LAN IP which matched a previous entry in the known hosts file (thus preventing me from connecting to it). (I'm not...
Steven Lu
1

votes
3

answer
2k

Views

How to sign files trustedly with OpenSSL

How can you sign files on the command line while using a trusted identity? For emails you get a x509 certificate, signed by a CA – can you use the same to sign files? Or would the CA need to sign your public key, and you'd use the corresponding private key to sign the file? Right now I just found...
Andy

View additional questions