RE: crypto library in openssl

2008-03-12 Thread Mosteika, Paul Edward (OpenVMS Engineering)
Also I see the algorithm DESCBC - a block cipher. So padding is also involved for blocks not multiples of 8 characters. Do you account for this? I didn't check if you do. Possibly use a stream cipher mode with an IV. paul -Original Message- From:

RE: OPENSSL calls from java

2008-01-29 Thread Mosteika, Paul Edward (OpenVMS Engineering)
Hi, Try Eric Rescorla's SSL and TLS book - the appendix has some Java code. Paul -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Tuesday, January 29, 2008 11:54 AM To: openssl-dev@openssl.org Subject: Re:

RE: [openssl.org #1371] Memory corruption (buffer overrun) in AES Cipher Block Chaining mode

2006-08-08 Thread Mosteika, Paul Edward (OpenVMS Engineering)
If encryption buffer size is not a multiple of the block size (in AES that's always 16 bytes)... Have you tried other modes? For the stream cipher modes, CFB and OFB, this statement is not true. It should only encrypt the number of characters (or bits) of plain text presented.

RE: AES CTR mode implementation

2005-07-08 Thread Mosteika, Paul Edward (OpenVMS Engineering)
Hi, RFC 3686 is specific to IPSEC and using AES-CTR as the algorithm for their encapsulated security payload. To me, the RFC indicates a 32 bit counter (when all they really need is 28 bits) to handle the IPV6 jumbogram. From the RFC 3686: . . . Block Counter The block counter field

RE: stale buffer contents question

2004-10-26 Thread Mosteika, Paul Edward (OpenVMS Engineering)
Hi, Can you use the OPENSSL S_SERVER or S_CLIENT commands, depending on which part of your program you want to use or see, and using -debug -msg -state parameters with these client or server programs, see the data you are looking for in the protocol exchange? The flush... Depends on processing

RE: openssl 0.9.7d as an security risk

2004-10-15 Thread Mosteika, Paul Edward (OpenVMS Engineering)
Hi, I just tripped across this same problem yesterday. Which modules is it? I'd like to fix this for OpenVMS. Paul -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of dalini Sent: Thursday, October 14, 2004 7:17 PM To:

RE: openssl 0.9.7d as an security risk

2004-10-15 Thread Mosteika, Paul Edward (OpenVMS Engineering)
. Paul -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ives Steglich Sent: Friday, October 15, 2004 9:56 AM To: [EMAIL PROTECTED] Subject: Re: openssl 0.9.7d as an security risk Mosteika, Paul Edward (OpenVMS Engineering) wrote: Hi, I just

RE: build ssl dll

2004-10-15 Thread Mosteika, Paul Edward (OpenVMS Engineering)
Title: Message Hi, Goto the Sources http://www.openssl.org/source/, pull down the kit, expand it and look at : INSTALL.W32 Paul -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Liying AiSent: Friday, October 15, 2004 4:36 PMTo: