= 0xd464b404
},
The rounds value appears to be bigger. Could someone please advise if the
rounds value could be this big or this is again something junk?
I am still trying to understand the AES algo. Any quick help will be
appreciated.
--
Thanks,
Nilesh
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Dr. Stephen Henson
Sent: Wednesday, January 15, 2014 1:56 AM
To: openssl-users@openssl.org
Subject: Re: Deadlock in openssl1.0.1e.
On Tue, Jan 14, 2014, Tayade, Nilesh
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Dr. Stephen Henson
Sent: Wednesday, January 15, 2014 6:30 PM
To: openssl-users@openssl.org
Subject: Re: Deadlock in openssl1.0.1e.
On Wed, Jan 15, 2014, Tayade, Nilesh
Yes. The issue is fairly reproducible and takes not more than 10-15mins to
occur.
--
Thanks,
Nilesh
Sent via CanvasHD
Dr. Stephen Henson st...@openssl.org wrote:
On Wed, Jan 15, 2014, Tayade, Nilesh wrote:
Thanks. I have already captured the lock details in an array. Please see
below
of bounds, line=387) at ssl_prf.c:665
#3 0x003c79b49403 in ?? ()
--
Thanks,
Nilesh
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Lee Dilkie
Sent: Tuesday, January 14, 2014 7:25 PM
To: openssl-users@openssl.org
Subject: Re: Deadlock in openssl1.0.1e
in BN_BLINDING_update () from /usr/lib64/libcrypto.so.10
No symbol table info available.
#9 0x003c79b07e56 in BN_BLINDING_convert_ex () from
/usr/lib64/libcrypto.so.10 No symbol table info available.
--
Thanks,
Nilesh
Sent via CanvasHD
the performance numbers?
--
Thanks,
Nilesh
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
using the low level
aes_cbc_encrypt() function.
Any pointers will be appreciated.
--
Thanks,
Nilesh
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users
-Original Message-
From: Erwann Abalea [mailto:erwann.aba...@keynectis.com]
Sent: Friday, March 08, 2013 9:44 PM
To: openssl-users@openssl.org
Cc: Tayade, Nilesh
Subject: Re: [openssl-users] Extra bytes before the decrypted data.
It's probably the IV.
Yes, it can be IV.
But I am
, and then encrypt it).
Any advice on this will be appreciated.
--
Thanks,
Nilesh
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated
, Tayade, Nilesh wrote:
Hi,
I am using the RSA_private_decrypt() function in one of the custom
applications, where we expect the premaster to get decrypted faster.
[...]
The explanation is simple:
The cost of an RSA operation depends on the number of bits in the
exponent used (private
all those numbers.
Appreciate the explanation. Thanks.
So I feel like I should try some hardware for asymmetric decryption, in order
to push the performance.
[...]
Enjoy
Jakob
--
--
Thanks,
Nilesh
__
OpenSSL Project
of these PCI based cards?
If it does not need to be correct, I can make it as fast as you'd
like. We'll start by only allowing eNull and aNull :)
Jeff
--
Thanks,
Nilesh
.
Could someone share any experience on any other products? Any pointers if Intel
provides any RSA APIs which are optimized for Intel CPUs?
--
Thanks,
Nilesh
__
OpenSSL Project http://www.openssl.org
User
, Tayade, Nilesh wrote:
Hi,
I am using the RSA_private_decrypt() function in one of the custom
applications, where we expect the premaster to get decrypted faster.
[...]
The explanation is simple:
The cost of an RSA operation depends on the number of bits in the
exponent used (private
.
--
Thanks,
Nilesh
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
that RSA_private_decrypt is taking almost 64 mili-seconds to decrypt
the premaster secret.
Did someone observe this? Is there some way I can enhance the performance (like
cache some parameters etc.)?
My machine is:
Intel(R) Xeon(R) CPU E5440 @ 2.83GH with Linux-2.6.22.
--
Thanks,
Nilesh
-Original Message-
From: Florian Weimer [mailto:fwei...@redhat.com]
Sent: Friday, December 21, 2012 5:58 PM
To: openssl-users@openssl.org
Cc: Tayade, Nilesh
Subject: Re: RSA_private_decrypt function takes longer time.
On 12/21/2012 01:13 PM, Tayade, Nilesh wrote:
I am using
is HMAC-SHA256 implemented?
--
Thanks,
Nilesh
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
premaster length.
--
Thanks,
Nilesh
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
...@openssl.org On Behalf Of Tayade, Nilesh
Sent: Wednesday, 22 August, 2012 16:13
[...]
Only for RSA key-exchange (which is the most commonly used).
For DH* and ECDH* suites ClientKeyExchange is quite different.
(Not to mention Kerberos or PreShared.)
[...]
If I am correct, the length depends upon
on Linux in recent OpenSSL versions?
If this is the case, how do we confirm if libcrypto is compiled with
multithreading support?
Machine details: x86_64 with Linux-2.6.39 and OpenSSL-1.0.0g.
--
Thanks,
Nilesh
__
OpenSSL Project
Hi,
Could someone please confirm if RSAPrivateKey_dup() function allocates a new
rsa structure instance while duplicating the existing one?
This is just to ensure I free the pointer if it this function allocates it.
--
Thanks,
Nilesh
at 6:12 PM, Tayade, Nilesh
nilesh.tay...@netscout.com wrote:
Hi,
[...]
I see that the error it is trying to give is related to Padding check
failure.
1. How to decide the padding? By default I keep it to
RSA_PKCS1_PADDING always in RSA_private_decrypt().
2. Is there no graceful way
Hi,
Could someone please point me to the link where I can download
OpenSSL-1.0.0g-fips?
On http://www.openssl.org/source/, I see only OpenSSL-1.0.0g. To get '-fips' do
I need to apply any patch?
--
Thanks,
Nilesh
__
OpenSSL
, Nilesh wrote:
Hi,
Could someone please point me to the link where I can download
OpenSSL-1.0.0g-fips?
On http://www.openssl.org/source/, I see only OpenSSL-1.0.0g. To get
'-fips' do I need to apply any patch?
There has never been an official 1.0.0*-fips version of OpenSSL. I
believe
Hi,
I am seeing a core dump in RSA_check_key() function. The backtrace is as below.
I am unable to understand what is causing the issue. The core dump is
intermittent (not always reproduced).
Could someone please provide any pointers if I am missing any check?
--
Thanks,
Nilesh
P.S.
The code
?
--
Thanks,
Nilesh
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
// This is my function.
Could someone please confirm if this is a known issue?
--
Thanks,
Nilesh
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users
code attached and point out
any obvious mistake, if present?
P.S. Please ignore any missing error handling in code, I am still trying
to get code working. And still trying to debug it.
--
Thanks,
Nilesh
#include stdio.h
#include stdlib.h
#include openssl/rsa.h
#include openssl/aes.h
#include
.
Could someone please explain if compression operation is configurable
option on Server? Is it not always present?
--
Thanks,
Nilesh
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
On Tuesday 17 January 2012 04:13 PM, Jakob Bohm wrote:
On 1/17/2012 11:27 AM, nilesh wrote:
Hi,
As per the RFC2246, the data might be compressed and then encrypted.
And the decryption function does the reverse operations.
But when I setup server to capture SSL3.0 and TLS1.0 traces, I have
, nilesh wrote:
[...]
Could someone please explain if compression operation is configurable
option on Server? Is it not always present?
1. I think OpenSSL implements this feature, but I don't know
how a server and client might request it from the OpenSSL code.
2. Most protocols
why this happens? Shouldn't the recent
version be compatible with older ones?
--
Thanks,
Nilesh
#include openssl/rsa.h
#include openssl/aes.h
#include openssl/md5.h
#include openssl/sha.h
#include string.h
#include time.h
#include sys/time.h
void sec_hash_48(unsigned char * out, unsigned char
, sizeof(outbuf));
RC4(sch, 399, inbuf, outbuf);
--
Thanks,
Nilesh
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
] - client MAC
key_block[16..31] - server MAC
key_block[32..48] - client Write key
key_block[49..64] - server Write key
Please see the test code attached (please pardon the code formatting).
--
Thanks,
Nilesh
#include openssl/rsa.h
#include openssl/rc4.h
#include openssl/md5.h
#include openssl/sha.h
On Tuesday 01 November 2011 04:18 PM, nilesh wrote:
Hi,
I am a newbie in the cryptography area and learning by writing some test
code.
I have setup the apache server and capturing packets using wireshark.
I have a query specific to RC4. With the given server private key, I am
able to generate
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of re.est
Sent: Tuesday, November 01, 2011 7:52 PM
To: openssl-users@openssl.org
Subject: Re: About RC4 decryption.
On 11/01/2011 06:48 PM, nilesh wrote:
[...]
What exact
, how to set the rc4 key.
In your example the key is some random value and XOR'ed twice to get
decrypted data.
In my case I have derived the key material, but the decryption is failing.
--
Thanks,
Nilesh
__
OpenSSL Project
these values (or atleast one of
these values Xa or Xb)? If I host the apache
server (for https) on my machine, is there a specific location where
these values are stored or logged (at least till
the time it completes the key calculation)?
Appreciate any advice.
--
Thanks,
Nilesh
On Friday 14 October 2011 07:36 AM, Dave Thompson wrote:
From: owner-openssl-us...@openssl.org On Behalf Of nilesh
Sent: Thursday, 13 October, 2011 09:17
[...]
But is there any chance for us to know these values (or
atleast one of
these values Xa or Xb)? If I host the apache
server (for https
TLS_KRB5_WITH_3DES_EDE_CBC_SHA
TLS_KRB5_WITH_RC4_128_SHA
TLS_KRB5_WITH_3DES_EDE_CBC_MD5
TLS_KRB5_WITH_RC4_128_MD5
TLS_KRB5_EXPORT_WITH_RC4_40_SHA
TLS_KRB5_EXPORT_WITH_RC4_40_MD5
--
Thanks,
Nilesh
__
OpenSSL Project
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Richard Könning
Sent: Wednesday, October 12, 2011 7:20 PM
To: openssl-users@openssl.org
Subject: Re: Regarding cipher suites in SSLv3.
Am 12.10.2011 15:29, schrieb nilesh:
Hi,
I am writing
.
[...]
Best Regards,
-G
--
Thanks,
Nilesh
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
On Wednesday 12 October 2011 02:44 AM, Dave Thompson wrote:
From: owner-openssl-us...@openssl.org On Behalf Of nilesh
Sent: Monday, 10 October, 2011 07:35
I have an issue related to RSA decryption while using https.
I have setup a dummy https server and captured packets on wireshark.
If you
to this list. Please
redirect me to correct list, if so.
--
Thanks,
Nilesh
#include openssl/rsa.h
#include openssl/aes.h
#include openssl/md5.h
#include openssl/sha.h
#include openssl/err.h
#include string.h
#include time.h
#include sys/time.h
#include digest.h
#include errno.h
unsigned char
Hi,
I have few queries regarding OpenSSl 0.9.8 :
1. Does it have 64-bit support? If not, which version(s) support
64-bit arch?
2. RHEL version(s) supported
3. GCC version(s) supported
Thanks and regards,
Nilesh
Hi,
I have a few queries regarding OpenSSL 1.0.0d
1. RHEL version(s) supported
2. GCC version(s) supported
3. Is there 64-bit support?
Thanks and Regards,
Nilesh
--
This message w/attachments
Hi,
We are interested in testing FIPS + DTLS. Can we test DTLS + FIPS ?
--Nilesh.
Stratacache Inc.(Santa Clara Office)
Systems Architect
O: 408-844-9810(2110)
M: 408-202-5401
- Original Message -
From: Steve Marquess marqu...@opensslfoundation.com
To: openssl-...@openssl.org
outside US we have to be compatible with encrytion key length requirement which I think is 56 bit maximum.
We do NOT modify OpenSSL library we just use API library call.
Whatare we supposed to do in order to make our product US Export compliant ?
--Nilesh.
Do you Yahoo!?
Yahoo! Mail Address
Thank for the reply.
I did not mean to get legal advice from a maling list but wanted to know general
ideaas to normally US companies who export their products"dothey need to configure openssl specially so that it uses only EXPORT ciphers" ?
--Nilesh.Rich Salz [EMAIL PROTECTED] wrote:
We are
Hello Gurus ,
I'm facing one typical problem while configuring openssl-0.9.6b on RedHat linux 7.1 ,
kernel 2.4.2-2.
I have successfully configured and installed openssl-0.9.6b, mod_ssl-2.8.7-1.1.3.23
and Apache_1.3.23 on Redhat linux 7.2 , kernel 2.4.7-10. It is also working
properly.
How are you ?
When I saw this screen saver, I immediately thought about you
I am in a harry, I promise you will love it!
attachment: gone.scr
Hi,
I went to VeriSign site to get a trial certificate.
They gave me .crt certificate file. When I use that
file as an input to the function
SSL_CTX_use_certificate_file
What type should I give as a third parameter. I gave
SSL_FILETYPE_PEM. But it does not work.
Any hints...
-- nilesh
());
It only works for SSLv2 requests..
Could anybody tell me what am I missing
-- Nilesh
__
Do You Yahoo!?
Get personalized email addresses from Yahoo! Mail
http://personal.mail.yahoo.com
55 matches
Mail list logo