OpenSSL

OpenSSL DTLS connection never establishes

♀尐吖头ヾ 提交于 2021-01-29 20:30:42
问题 I'm sorry for such a big block of code, but I'm so lost as to what is happening, I have no idea where the problem might be... I am trying to get a VERY minimal dtls server going and I can't get the client and server to finish handshaking. Here is my code: #include <stdio.h> #include <sys/types.h> #include <sys/socket.h> #include <sys/time.h> #include <netinet/in.h> #include <arpa/inet.h> #include <stdio.h> #include <unistd.h> #include <stdlib.h> #include <string.h> #include <pthread.h>

need to create certificate with open SSL

牧云@^-^@ 提交于 2021-01-29 19:42:25
问题 I have two servers and on server A I have the open SSL install and on server B, I don't have the open SSL install now if I create a key pair and generate a CSR from server A for server B and get it signed by my root authority and place it on my server B now how this will work when the private key is still present on my server A as I have done everything on server A and just place the signed certificate on server B. how server B will decrypt the traffic when it didn't have the private key.

How to convert hexadecimal hash into binary at terminal?

▼魔方 西西 提交于 2021-01-29 19:25:15
问题 Main question: How to use xxd -r ? Secondary details. This command outputs a hexadecimal hash: openssl dgst -sha256 myFile | awk '{print $2}' > myHashHex I suppose that myHashHex is a "hexdump", isn't it? I thought that xxd -r < myHashHex will convert... Well, it does not work . NOTES To test/compare. I think that this is the same (no headers) in binary: openssl dgst -sha256 -binary myFile > myHashBin So, I expected that xxd -r < myHashHex > newHashBin generates newHashBin = myHashBin . PS:

OpenSSL Digitally Sign Digest Only

匆匆过客 提交于 2021-01-29 18:40:00
问题 I have a signing server where you can upload a file and it will respond with the digital signature. It is using openssl dgst -sha256 -sign which works fine. However, we've had to start signing large files (>1 GB) and the uploads take forever. I had the idea that we could compute the sha256 digest locally and pass just that to the signing server which would speed things up considerably. However, this seemingly simple task seems crazy hard with openssl. Is there a reason for this? I found one

How do I install libcurl4-openssl-dev together with libssl1.0-dev?

南笙酒味 提交于 2021-01-29 14:52:35
问题 I need to use npm together with building C++ application using curl++. npm cannot be installed with libcurl4-openssl-dev on Ubuntu. If I use libcurl4-nss-dev instead of libcurl4-openssl-dev, my code compiles sucessfully, but gives error "No URL set!" in the same situation, when it worked correctly on libcurl4-openssl-dev. How can I solve this? 回答1: I have found a workaround: using libcurl4-gnutls-dev instead of libcurl4-nss-dev or libcurl4-openssl-dev. 来源: https://stackoverflow.com/questions

OpenSSL Digitally Sign Digest Only

╄→гoц情女王★ 提交于 2021-01-29 12:08:43
问题 I have a signing server where you can upload a file and it will respond with the digital signature. It is using openssl dgst -sha256 -sign which works fine. However, we've had to start signing large files (>1 GB) and the uploads take forever. I had the idea that we could compute the sha256 digest locally and pass just that to the signing server which would speed things up considerably. However, this seemingly simple task seems crazy hard with openssl. Is there a reason for this? I found one

Cannot decrypt in C# an encrypted string done by openssl. Always get Org.BouncyCastle.Security.InvalidKeyException

北城余情 提交于 2021-01-29 11:07:24
问题 I trying to decrypt a string in C# that was encrypted by openssl via command line but it keep thrown the exception below: Exception thrown: 'Org.BouncyCastle.Security.InvalidKeyException' in BouncyCastle.Crypto.dll An unhandled exception of type 'Org.BouncyCastle.Security.InvalidKeyException' occurred in BouncyCastle.Crypto.dll Not an RSA key I am using RSA encryption and these are the commands (from git bash) that I use to generate the .pem file sand encrypt/decrypt a test string: // Create

phpseclib decrypt and encrypt data with only public key

纵饮孤独 提交于 2021-01-29 10:48:23
问题 Hi I would like to know why RSA can be performed (encrypt/decrypt) with only one public key in phpseclib? $rsa is an instance of phpseclib/Crypt/RSA.php (link: https://github.com/phpseclib/phpseclib/blob/master/phpseclib/Crypt/RSA.php) $publicKey keys here are the same. function encryptData($data, $publicKey) { $rsa = new Crypt_RSA(); $rsa->loadKey($publicKey); // public key $rsa->setEncryptionMode(CRYPT_RSA_ENCRYPTION_PKCS1); $output = $rsa->encrypt($data); return base64_encode($output); }

搭建Harbor企业级docker仓库

99封情书 提交于 2021-01-29 09:24:30
一、Harbor简介 1.Harbor介绍 Harbor是一个用于存储和分发Docker镜像的企业级Registry服务器,通过添加一些企业必需的功能特性,例如安全、标识和管理等,扩展了开源Docker Distribution。作为一个企业级私有Registry服务器,Harbor提供了更好的性能和安全。提升用户使用Registry构建和运行环境传输镜像的效率。Harbor支持安装在多个Registry节点的镜像资源复制,镜像全部保存在私有Registry中, 确保数据和知识产权在公司内部网络中管控。另外,Harbor也提供了高级的安全特性,诸如用户管理,访问控制和活动审计等。 2.Harbor特性 基于角色的访问控制 :用户与Docker镜像仓库通过“项目”进行组织管理,一个用户可以对多个镜像仓库在同一命名空间(project)里有不同的权限。 镜像复制 : 镜像可以在多个Registry实例中复制(同步)。尤其适合于负载均衡,高可用,混合云和多云的场景。 图形化用户界面 : 用户可以通过浏览器来浏览,检索当前Docker镜像仓库,管理项目和命名空间。 AD/LDAP 支持 : Harbor可以集成企业内部已有的AD/LDAP,用于鉴权认证管理。 审计管理 : 所有针对镜像仓库的操作都可以被记录追溯,用于审计管理。 国际化 : 已拥有英文、中文、德文、日文和俄文的本地化版本

Failed to build activemq CMS 3.9.5 with OpenSSL 1.1.1

拥有回忆 提交于 2021-01-29 06:51:50
问题 Readme.txt for ActiveMQ CPP library version 3.9.5 states 1.3 OpenSSL If you wish to use the SSL Transport then you will need to have OpenSSL and its includes installed on your system. We recommend that you use version 1.0.0 or higher for best performance and security, but version from 0.9.8 are also known to work. I'm trying to build activemq cms 3.9.5 with OpenSSL 1.1.1 using Visual Studio project (included into activemq-cpp 3.9.5 distribution) and looks like CRYPTO_malloc_init() is removed
订阅 OpenSSL