Hi list,
when I use OpenSSL I suspect some funny business going on with the HMAC
computation of openssl dgst command line tool. Consider:
$ echo -n foobar | openssl dgst -sha256 -hex -hmac aabbcc
(stdin)= 6e74cdc3b72b8b66535b914357c7d656a22acbb1700b4e6de688fd5c091d305c
But
#include stdio.h
i is an abbreviation for internal, meaning OpenSSL's internal format.
2 means to.
d means DER.
b means blob, and refers to a key blob format used by Microsoft. (That's
based on the OpenSSL source code; I haven't looked into the actual provenance
of this blob format.)
It appears the key blob
On Tue, Feb 03, 2015, jan.w...@ptb.de wrote:
This check fails for some of our certificates and the reason is that
openssl adds a padding byte for BIGNUMs in crypto/asn1/x_bignum.c if the
MSB is set. Our encoding does not contain these padding bytes and,
consequently, the re-encoded
I am trying to get OpenSSL to build for Windows Embebbed Compact 7 using
Visual Studio 2008. Is there a write up some wheres that I have missed for
doing this? I am having troubles finding much of anything in the way of
support for doing this.
___
On 03.02.2015 10:00, Johannes Bauer wrote:
when I use OpenSSL I suspect some funny business going on with the HMAC
computation of openssl dgst command line tool. Consider:
Damn, I'm sorry. Forgot to include the version:
OpenSSL 1.0.1f 6 Jan 2014
Regards,
Johannes
I am building openssl 1.0.2 on a number of platforms, and I am having
problems on a virtual Solaris 11.0 machine running on a Sparc T4.
The code builds fine, but the evp_test core dumps.
Here are the last lines of output from the command (test/evp_test
test/evptests.txt):
Testing cipher
Hi list,
when I use OpenSSL I suspect some funny business going on with the HMAC
computation of openssl dgst command line tool. Consider:
$ echo -n foobar | openssl dgst -sha256 -hex -hmac aabbcc
(stdin)= 6e74cdc3b72b8b66535b914357c7d656a22acbb1700b4e6de688fd5c091d305c
But
#include stdio.h
On 03.02.2015 10:00, Johannes Bauer wrote:
when I use OpenSSL I suspect some funny business going on with the HMAC
computation of openssl dgst command line tool. Consider:
Damn, I'm sorry. Forgot to include the version:
OpenSSL 1.0.1f 6 Jan 2014
Regards,
Johannes
Hi,
we have noticed that with the latest Debian wheezy-security update of the
libssl1.0.0 package sudenly the verification of some of our ECDSA-signed
certificates failed.
I've looked into this and I've traced it down to the following patch
$ echo -n foobar | openssl dgst -sha256 -hex -hmac aabbcc
(stdin)= 6e74cdc3b72b8b66535b914357c7d656a22acbb1700b4e6de688fd5c091d305c
This gets posted every once in a while -- google around. Something
about the hmac switch not doing what you think it's doing.
$ echo -n foobar | openssl dgst
On 03.02.2015 11:16, Billy Brumley wrote:
$ echo -n foobar | openssl dgst -sha256 -hex -hmac aabbcc
(stdin)= 6e74cdc3b72b8b66535b914357c7d656a22acbb1700b4e6de688fd5c091d305c
This gets posted every once in a while -- google around. Something
about the hmac switch not doing what you think it's
Hello.
I see many functions have prefixes: i2d_ d2i_ b2i_ i2b_
For example:
i2d_PublicKey
i2d_PrivateKey
d2i_PublicKey
d2i_PrivateKey
b2i_PublicKey
b2i_PrivateKey
i2b_PublicKey_bio
i2b_PrivateKey_bio
I think these letters: 'i', 'd', 'b' have some meaning. Can somebody help me to
I have found some info and now some questions more clear for me. But still have 2 questions... i2d_ functions write the DER representation of the object into a buffer.d2i_ functions read the DER representation of the object from a buffer and creates the appropriate object in memory. 1. What is
On Tue, Feb 03, 2015, jan.w...@ptb.de wrote:
This check fails for some of our certificates and the reason is that
openssl adds a padding byte for BIGNUMs in crypto/asn1/x_bignum.c if the
MSB is set. Our encoding does not contain these padding bytes and,
consequently, the re-encoded
Hello everybody,
today i tried to rework the cipher suites of my system and I wanted to
integrate the Camellia HMAC-Based ciphersuites from RFC6367, extending TLS
v1.2. I tried to find out, which ciphers are supported within the newest
openssl version 1.0.1l, but openssl did not have any
i is an abbreviation for internal, meaning OpenSSL's internal format.
2 means to.
d means DER.
b means blob, and refers to a key blob format used by Microsoft. (That's
based on the OpenSSL source code; I haven't looked into the actual provenance
of this blob format.)
It appears the key blob
Hi Steve,
thanks a lot for your quick response and for the clarification.
Von: Dr. Stephen Henson st...@openssl.org
The MSB is effectively a sign bit but the explanation in the standard
isn't
very clear. If you take your example of GTS001.pem and do:
openssl asn1parse -in GTS001.pem
CVE-2014-3570 is fixed in 0.9.8ze. Does the BN_sqr implementation in FIPS
Object Module 1.* also need to be fixed?
If I run 0.9.8ze on FIPS mode with using FIPS Object Module 1.x, am I
vulnerable to the CVE-2014-3570 attacks?
___
openssl-users mailing
I am trying to get OpenSSL to build for Windows Embebbed Compact 7 using
Visual Studio 2008. Is there a write up some wheres that I have missed for
doing this? I am having troubles finding much of anything in the way of
support for doing this.
___
As we've already said, we are moving to making most OpenSSL data
structures opaque. We deliberately used a non-specific term. :)
As of Matt's commit of the other day, this is starting to happen
now. We know this will inconvenience people as some applications
no longer build. We want to work with
Hi, Michael. Thank you very much for your answer. Now it's clear. 03.02.2015, 16:08, "Michael Wojcik" michael.woj...@microfocus.com:Lots of things in OpenSSL aren't documented. It's not strange at all - programmers tend to write code first, documentation second (or later). This is true of a great
Hi, Viktor. 02.02.2015, 18:04, "Viktor Dukhovni" openssl-us...@dukhovni.org:It should be sufficient for the server to send its close notifywithout waiting for a client response. If the server destroys theSSL connection without calling SSL_shutdown() I am not sure whetherthe session remains
22 matches
Mail list logo
