Hello,
since the upgrade from 0.9.8g to 0.9.8h the code below to generate a PKCS12
object failed! I have observed this on linux64 (debian 3.1) and WinXP. The
parameter have not been changed and 'key' is an RSA key.
The code:
ERR_clear_error();
PKCS12 *pkcs12cont = PKCS12_create ((char*)
Hi,
After applying the patch http://cvs.openssl.org/chngview?cn=17196 the problem is
gone!
Any ideas, what has been changed and how I can work around it?
Thanks
__
OpenSSL Project
Kyle Hamilton wrote:
The FIPS certification process is a black box. Literally, it will be
complete when it will be complete, and we can't know until it goes
into final recommendation phase (which is usually the last step before
NIST grants the certification).
If I had to make a guess I'd say
On Wed, May 28, 2008 at 07:55:35PM +1200, Deane Sloan wrote:
Finally - how real is this concern? What is the probability that say a
2048bit generated key could fall into the 32,767 keys in the metasploit
SSH example on unaffected systems?
32,768 = 2^15
number of 2048 bit keys: 2^2048
On Sat, May 31, 2008 at 2:32 PM, Yves Rutschle [EMAIL PROTECTED] wrote:
On Wed, May 28, 2008 at 07:55:35PM +1200, Deane Sloan wrote:
Finally - how real is this concern? What is the probability that say a
2048bit generated key could fall into the 32,767 keys in the metasploit
SSH example on
On Sat, May 31, 2008 at 09:32:54PM +0200, Yves Rutschle wrote:
On Wed, May 28, 2008 at 07:55:35PM +1200, Deane Sloan wrote:
Finally - how real is this concern? What is the probability that say a
2048bit generated key could fall into the 32,767 keys in the metasploit
SSH example on
On Wed, May 28, 2008 at 03:37:06PM -0400, [EMAIL PROTECTED] wrote:
A malicious legitimate client can enforce a ciphersuite not supported by
the server to be used for a session between the client and the server. This
can result in disclosure of sensitive information.
If a malicious client is
