Sounds like you want to look into the ocf-linux patchset.
http://ocf-linux.sourceforge.net/
That said, you should realize that even if you have a hardware
crypto accelerator, small encryption blocks will probably be
faster in pure userland due to the penalty of kernel/userland
context switches,
Commenting below.
For better clarification, I have attached the trace of Valgrind on the
Pastebin:
http://pastebin.com/f1e222abd
Here is the last lines
1. ==3290== LEAK SUMMARY:
2. ==3290==definitely lost: 268 bytes in 1 blocks.
3. ==3290==indirectly lost: 66,807
Does the release of 0.9.8j also include the FIPS module support?
(i.e., is this a bug-fix only release, or does this include what you
have been working on for the past few months as well?)
The actual 0.9.8j release announcement stated:
This is the first full release of OpenSSL that can link
Use RAND_egd(/var/opt/prngd/egd-pool)
in whatever program you're compiling to use with OpenSSL.
Just make sure you call that routine before doing any
SSL functions.
-Brad
KING,RICHARD (HP-Boise,ex1) wrote:
OS: HPUX 11
SSL VER: OpenSSL 0.9.6g 9 Aug 2002
Hello,
I'm compiling SSL from source.
My company has had great success with PRNGd. It basically takes
log files, and whatever else it can get its hands on to generate
a pool of random characters...
Anyhow, you can get it from here:
http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
It supports about any OS that
? I'm specifically
considering this for Solaris 2.7.
Also, do Apache and/or modSSL have to be compiled at the same bit level
as openSSL or is that a separate decision?
If anyone knows or can direct me to relevent info it is appreciated...
--
-
Brad House
Sr
I don't think this is an appropriate question for this
mailing list, though I will answer your question.
The problem is with dependancies and RPMs ...
The first error you got obviously was because you
already had a previous version of OpenSSL installed.
The second error occurred because there
Well, here it is... Works great for me, passed all tests.
Creates a 64bit OpenSSL package for Solaris using the newly
released GCC 3.1
Just patch and run ./Configure solaris64-sparcv9-gcc31
I'd recommend creating both 64bit and 32bit versions depending
on your project, where for the 64bit
Ok, I looked at the openssl documentation stating that
blowfish accepts a variable key length. But it also says
to use the EVP method of encryption for Applications because
it provides a more generic way to use multiple algorithms, etc...
Anyhow, I can't set a different key length for blowfish
char iv[]={ 1, 2, 3, 4, 5, 6, 7, 8 };
int do_crypt(char *source, long src_len, char *target, char *key)
{
int outlen, tmplen;
EVP_CIPHER_CTX ctx;
EVP_CIPHER_CTX_init(ctx);
EVP_EncryptInit(ctx, EVP_bf_cbc(), key, iv);
/* let's try to extend the key length used */
But when I comment out the key length line, and truncate the key
so it's only 16 bytes instead of 32, it returns the same ciphertext.
Is it not possible with EVP to change the key size??
I've checked the return code of EVP_CIPHER_CTX_set_key_length, and
everything looks like it should be
from my experience on Mac OS X, you have to move
/usr/lib/*ssl.dylib* and /usr/lib/*crypto.dylib* out of
the library path (because OpenSSL seems to try to link
against those objects instead of the newly created ones)
Then rebuild openssl ... anyhow, that has worked for me
in the past ...
Just
The certs are not hard-coded into IE at all...
While in IE6, go to
Tools-Internet Options
Click on the Content Tab
Click on the Certificates Button
Click on Trusted Root Certificat Authorities
Then select the entire list (click on first one the
shift-click the last one)
And click the export
Or how about using popen ??
you might have to specify an absolute path as well.
-Brad
Grant wrote:
I am trying to execute this command openssl ca -batch -msie_hack -in
req.pem -out crt.pem -config myconf.cnf -key mykey in a PHP sript with
the exec function but the output of the command
14 matches
Mail list logo
