Re: RFC 2246

Hello, Output from attached code: admin# ./mcl_tls1_PRF 0x8b 0x13 0xc7 0x58 0xc3 0x4f 0x99 0x3a 0x18 0x7d 0x29 0x45 0xed 0x5b 0x69 0x1d Best Regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 04/11/2013 09:48:51 PM: Sergei Gerasenko ser

Re: RFC 2246

code: admin# ./mcl_tls1_PRF 0x8b 0x13 0xc7 0x58 0xc3 0x4f 0x99 0x3a 0x18 0x7d 0x29 0x45 0xed 0x5b 0x69 0x1d Best Regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 04/11/2013 09:48:51 PM: Sergei Gerasenko ser

Re: SSL_CTX_new() failing when i try to do connect the server third time.

Hello, # openssl errstr 140A90F1 error:140A90F1:SSL routines:SSL_CTX_new:unable to load ssl2 md5 routines Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 04/22/2013 06:00:37 PM: Venkataragavan Vijayakumar venkataragava...@gmail.com Sent

RE: RSA_verify problem

only decryption by creating buffer with all bytes set to 1: /* prepare encrypted data */ enc_len = RSA_size(rsa_pub); memset(enc_bin, 1, enc_len); In your situation, you should put real data here. Best regards, -- Marek Marcola [EMAIL PROTECTED

Re: Which folder and source files required to port for work on SSL

designed for easy porting and small resource usage (MatrixSSL is an example) Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List

Re: install openssl from source while rpm is their on RHEL 4

of the libraries which the previous server has installed ? or will it install all components inside --prefix directory. make install will install libraries inside --prefix Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project

Re: install openssl from source while rpm is their on RHEL 4

: --prefix=/usr/local/openssl-0.9.8g Then, feature/past versions may be installed in its own directory and you be able to switch between them. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project

Re: openssl server + smart card

. You may use smartcard if TLS server requires client verification, then your (client) private key from smartcard is used to prove your identity. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project

Re: openssl server + smart card

your identity. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List

Re: OpenSSL wants to read on connection?

connection callback: /* callback for connection information on SSL/TLS session negotiation */ SSL_CTX_set_info_callback(ctx, tls_connection_info_cb); Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project

Re: Problem with encrypting using ofb

-in c:\o penssl\encrypted_data.enc -k/-iv 0123456789abcdef0123456789abcdef/1234567890abcd ef - 8 unknown option '-k/-iv' Try: ... -k 0123456789abcdef0123456789abcdef -iv 1234567890abcd ... Best regards, -- Marek Marcola [EMAIL PROTECTED

Re: enc-aes-cbc and enc-aes-ecb

benefit. Look at PKCS#5 document (especially PBKDF2 function), this function is implemented in OpenSSL as PKCS5_PBKDF2_HMAC_SHA1() function. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project

Re: key iv generation?

regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager

Re: i2d_ASN1_INTEGER definition in src code

../crypto/asn1/tasn_typ.o:1060 T d2i_ASN1_INTEGER $ cd ./crypto/asn1/ $ gcc -E tasn_typ.c | grep d2i_ASN1_INTEGER | indent Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http

Re: footprint of openssl

then this is practically not possible (or very complicated) and result may be not satisfied. All what you may try is to use some defines to disable some crypto algorithms. Look at source code for NO_ preprocessor definitions. Best regards, -- Marek Marcola [EMAIL PROTECTED

Re: generating CSR

to openssl req ... command. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated

Re: OpenSSL trusted root store

for end users. You should contact application/system developers which distribute such root certificates in its own products (browsers, linux systems, ...). After new installation (from source) of OpenSSL or MatrixSSL no new certificates appears in any application/system. Best regards, -- Marek

Re: How to use the HMAC() function

covert byte to hex form). Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated

Re: OpenSSL Error

[EMAIL PROTECTED] digestclient.obj : error LNK2001: unresolved external symbol [EMAIL PROTECTED] Add -lcrypto -lssl libraries to linking process. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project

Re: No Shared Cipher

ciphers -v 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH' and next you may build your own ciphers list. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support

Re: OpenSSL client through proxy

Hello, I have to connect to my OpenSSL server through proxy server. How can I establish this connection? Establish tcp connection through proxy (connect, socks5, transparent, reverse or any other) and next run SSL on this tcp connection. Best regards, -- Marek Marcola [EMAIL PROTECTED

Re: Help regarding error

to `BN_new' p192.c:(.text+0x5c): undefined reference to `BN_set_word' p192.c:(.text+0x71): undefined reference to `PEM_write_DHparams' collect2: ld returned 1 exit status Add -lcrypto to gcc command. Best regards, -- Marek Marcola [EMAIL PROTECTED

Re: cipher algorithms

of chosen ciphersuite. Look at: $ openssl ciphers -v Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users

RE: cipher algorithms

regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager

Re: Doubt about the PKCS5_PBKDF2_HMAC_SHA1() function

receive the same result on both sides? Yes. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users

Re: Problem in openssl Master key Generation

for negotiations SSL3 or TLS1 (only one handshake packet). Best regards, -- Marek Marcola [EMAIL PROTECTED]

Re: querry about content of the RSA key file

Hello, I need to know the content of RSA key files (private and public both). is there any header that we write in these files? what all parameters(n,e,d,p,q) are written in each file? RSA key is encoded with ASN.1. Look at PKCS#1 specification for details. Best regards, -- Marek

Re: Salted password generation/digest

developer can pass a password and as a result he becomes a password of the specified length? Try: PKCS5_PBKDF2_HMAC_SHA1() Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http

Re: Problems about how to store private key safely

private key, is it possible for other persons to steal and decrypt that key. Or do you have more feasible ways to implement it? Smartcards. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project

Re: SHA support

fine. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager

Re: What scenario will cause openssl can't send client hello request?

while initializing OpenSSL library, creating client_hello packet is another. Log files may answer your question. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http

Re: SHA support

transformations) is truncated to 224 bytes. SHA384 uses the same algorithm as SHA512 but with different init constants witch initiates 8 64-bit state variables and output (8 64-bit state variables after transformations) is truncated to 384 bytes. Best regards, -- Marek Marcola [EMAIL PROTECTED

Re: 3DES encryption how to

algorithm i m confused which is the way to go ..using ciphers EVP apis like EVP_des_ede3_cbc() or built in custom functions like DES_ede3_cbc_encrypt() Use EVP with EVP_des_ede3_cbc() - high level API. DES_ede3_cbc_encrypt() is low level API Best regards, -- Marek Marcola [EMAIL PROTECTED

Re: Salted password generation/digest

becomes a password of the specified length. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users

Re: openssl performance

instead of DES3, its faster. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated

Re: What is wrong with this code?

: Encrypting... std::endl; AES_cbc_encrypt(fbuf_in, fbuf_out, len, m_encrypt_ctx, m_iv, AES_ENCRYPT); std::cout aes::encrypt_file: Writing... std::endl; out.write((char *)fbuf_out, len); } } Best regards, -- Marek Marcola [EMAIL PROTECTED

RE: CRYPTO_add_lock() segmentation fault (core dump included)

(mutex_buf[i]); } Maybe changing i to i++ may help. free(mutex_buf); mutex_buf = NULL; return 0; } Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http

Re: Problem with SSL_CTX_use_certificate_ASN1

regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager

Re: SSL_connect failing with error -1

(), SOAP_SSL_ERROR); soap-fclosesocket(soap, fd); return SOAP_INVALID_SOCKET;** My program is returning from here. Try to initialize SSL library with SSL_library_init() first. Best regards, -- Marek Marcola [EMAIL PROTECTED

Re: Problem with SSL_CTX_use_certificate_ASN1

is wrong with SSL_CTX_use_PrivateKey_ASN1 ? Try EVP_PKEY_RSA for RSA key instead of SSL_FILETYPE_ASN1. Is the OP's file a private key or an X.509 certificate? Line: fp = fopen(../keys/prkey.der, r); suggest that this is private key. Best regards, -- Marek Marcola [EMAIL PROTECTED]

Re: Problem with SSL_CTX_use_certificate_ASN1

() OR SSL_CTX_use_certificate_ASN1() Yes, indeed. According to OP second function works (after conversion). But first function has bad key type specified. I think that output from command: $ openssl asn1parse -in pekey.der -inform der may be very helpful in this case. Best regards, -- Marek

Re: SSL_connect failing with error -1

informative. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager

Re: SSL_connect failing with error -1

my client server people are working of the certificate, so that will be sorted out in meantime. Try something like: SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL); Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL

Re: Hash input and output

don't get the expected output. Did I miss something? Expression above looks good, but there is too little information of real implementation to say something reasonable. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL

Re: Hash input and output

the output of the second SHA1 is not the same when I run the program several times. But I think the problem is in the m1 storing, but I don't know how to resolve that. Best regards, -- Marek Marcola [EMAIL PROTECTED]

Re: Can PEM_read_RSAPublicKey() load public key from private key ?

Hello, One thing I will conform you is we can not get public key from a private key . I do not remember where i studied , but it is true. So do not try to get a public key from private key. This is not true. Best regards, -- Marek Marcola [EMAIL PROTECTED

Re: Public key from a x509v3 certificate

to hexadecimal thanks to : cout setw(2) setfill('0') right hex (int) key-data[c]; ) 30:82:01:0A:02:82:01:01:___the_public_key___:02:03:01:00:01 How can i get only the public key ? Try X509_get_pubkey(). Best regards, -- Marek Marcola [EMAIL PROTECTED

Re: DER encoding SubjectPublicKeyInfo

= 0x10 which gives you 0x30 Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated

Re: question about RSA in openSSL

. if(!BN_GENCB_call(cb, 2, n++)) goto err; } Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User

Re: s_client GET request

: */*\r\n It would have any other apps I can do this test? You may use wget (with ssl support compiled in) instead. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http

Re: d2i_DSAPrivateKey defination

-name *.o | grep d2i_DSAPrivateKey dsa_asn1.o:01c0 T d2i_DSAPrivateKey $ gcc -E dsa_asn1.c | grep d2i_DSAPrivateKey Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http

RE: Building OpenSSL without Crypto Support

not need any software algorithms which comes with OpenSSL. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List

Re: No error messages on Linksys Openwrt

:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List

Re: newbie: problem + RSA

bit RSA key. - add SSL_load_error_strings() and SSL_library_init(). Best regards, -- Marek Marcola [EMAIL PROTECTED] :��IϮ��r�m (Z+�K�+1���x��h[�z�(Z+���f�y���f���h��)z{,���

Re: Help with UNICODE md5...

variable: $ ZZ=`cat /tmp/zz.txt` $ echo $ZZ | openssl md5 611af9d8272a34478514927b922f53b6 but when printing ZZ without new line: $ echo -n $ZZ | openssl md5 8aa2b617944427353697e694a2e35a07 Best regards, -- Marek Marcola [EMAIL PROTECTED

Re: Need help on OpenSSL error

or not. You should consider also that data encrypted with private key may by decrypted by anyone with public key (if public key is really public). Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project

Re: ldaps client and oracle internet directory

routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:562: Try to add -debug -msg -state flags to this command to get more verbose output. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project

RE: ldaps client and oracle internet directory

, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL

Re: OPENSSL Problem

Best regards, -- Marek Marcola [EMAIL PROTECTED]

Re: Difference in packet contents

with encrypted contents. If you look at packets dump, you will see ChangeCipherSpec packet Finished packet. All packet after ChangeCipherSpec should use encryption, this is something like switch witch turn on encryption. So, Finished packet should be decrypted before analysed. Best regards, -- Marek

Re: Difference in packet contents

puts handshake header and data, add MAC and PAD, encrypt this, encapsulate encrypted data with 5 byte protocol header and sent to peer: protocol_header, {handshake_header,handshake_data,MAC,PAD} ^^ ENCRYPTED Best regards, -- Marek Marcola [EMAIL PROTECTED

Re: From RSA to string and compare problem

from another pem file and return, comparing keys, is are egual or not. What about just reading your .pem file with simple read() to char table and send this to server ? Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL

Re: How-To encrypt using rsautl ??

for PKCS1). Because of this RSA encryption is not use for encryption whole files but for encryption symmetric keys (for AES or DES) that encrypt files with symmetric algorithm. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL

Re: From RSA to string and compare problem

regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager

Re: R: From RSA to string and compare problem

encoded data. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager

Re: Decrypting Fragmented packets

but will break MAC (message authentication code) because when MAC is calculated implied message number is used. When you merge this packet - one packet will be lost in this calculation. Best regards, -- Marek Marcola [EMAIL PROTECTED

Re: Decrypting Fragmented packets

last block padding. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List

Re: Creating RSA key from given prime numbers

) this is not possible. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager

Re: OpenSSL support for RFC2898 / PBKDF2

openssl function should be used to derive a key in a compliant way. Does openssl support RFC2898, and if so, what function should I be looking at? PKCS5_PBKDF2_HMAC_SHA1() Best regards, -- Marek Marcola [EMAIL PROTECTED

Re: OpenSSL support for RFC2898 / PBKDF2

by keylen? Yes, example attached. What is the meaning of the int that this function returns? This function always returns 1. Best regards, -- Marek Marcola [EMAIL PROTECTED] pkcs5.c Description: Binary data

Re: How to use a hardware RNG with openssl?

genrsa as openssl genrsa -rand /dev/qrandom 2048 ? I am not shure about the role of /dev/urandom: does it deliver a (pseudo) random number or the salt for the PRNG? Salt (32 bytes) for the PRNG Best regards, -- Marek Marcola [EMAIL PROTECTED

RE: .der to .crt file conversion

-out crt.der $ openssl x509 -in crt.der -inform der -text -noout Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing List

Re: Installation Steps for OpenSSL on AIX Unix

/tmp/sw/openssl all Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List

Re: how to trace aes quickly?

, -- Marek Marcola marek.marc...@malkom.pl __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager

Re: build openSSL for an embedded system without an OS

needed for Montgomery method may are not required (bn_mont.c). The most complicated part is to properly define header files depending on you platform architecture (8bit/16bit/32bit). Best regards, -- Marek Marcola marek.marc...@malkom.pl

Re: Which version of SSL is supported in OpenSSL 0.9.7e

Hello owner-openssl-us...@openssl.org wrote on 02/19/2009 08:30:04 PM: We are using OpenSSL 0.9.7e and would like to know if it supports SSL 3.0? Yes. Best regards, -- Marek Marcola marek.marc...@malkom.pl __ OpenSSL Project

Re: hash chaine

Hello, Use RAND_bytes(). This function uses hashes for you. Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 02/26/2009 07:59:14 PM: hello i want to create a some random values (N values )using SHA1, ( like lamport authentication protocol

Re: Secure Command Line MAC Computation

already. admin# echo 100 /tmp/p.txt admin# sleep `cat /tmp/p.txt` [1] 21988 admin# ps -ef | grep sleep | grep -v grep root 21988 3150 0 22:29 pts/000:00:00 sleep 100 Best regards, -- Marek Marcola marek.marc...@malkom.pl

Re: RSA_private_decrypt without e and d

) dmq1= d mod (q?1) iqmp = q^?1 mod p you have recomputed. You do not need d on the receiving site if you have this parameters. Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 02/24/2011 05:48:19 AM: Victor Duchovni victor.ducho

Re: RSA_private_decrypt without e and d

Hello, Try to disable RSA blinding with: RSA_blinding_off(new_key); before RSA_private_decrypt(). Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 02/24/2011 03:46:53 AM: Shaheed Bacchus (sbacchus) sbacc...@cisco.com Sent by: owner

RE: RSA_private_decrypt without e and d

Hello, Remember, you do not need to recover this parameters to decrypt message. Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 02/24/2011 05:19:30 PM: Shaheed Bacchus (sbacchus) sbacc...@cisco.com Sent by: owner-openssl-us...@openssl.org

RE: RSA_private_decrypt without e and d

routines:RSA_EAY_PRIVATE_DECRYPT:internal error You can experiment. Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 02/24/2011 10:30:17 PM: Shaheed Bacchus (sbacchus) sbacc...@cisco.com Sent by: owner-openssl-us...@openssl.org 02/24/2011 10:32 PM Please respond

Re: How to retrieve error about private key loading.

Hello, Maybe you may try something like this: int log_err(void) { char buf[256]; u_long err; while ((err = ERR_get_error()) != 0) { ERR_error_string_n(err, buf, sizeof(buf)); printf(*** %s\n, buf); } Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us

Re:Re: How to retrieve error about private key loading.

Hello, Agree, or even: SSL_load_error_strings(); Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 02/25/2011 03:10:45 PM: lzyzizi lzyz...@126.com Sent by: owner-openssl-us...@openssl.org 02/25/2011 03:13 PM Please respond

Re: Query in EVP_PKEY_cmp for a particular value of .crt and .key

... and check if output maches. Best regards, -- Marek Marcola marek.marc...@malkom.pl __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org

Re: Query in EVP_PKEY_cmp for a particular value of .crt and .key

also test this files using simple openssl ssl server: 1) Run server on one terminal $ openssl s_server -accept 1212 -key key.pem -cert crt.pem -debug -msg 2) Connect to server from another terminal $ openssl s_client -connect localhost:1212 -debug -msg Best regards, -- Marek Marcola

Re: Query in EVP_PKEY_cmp for a particular value of .crt and .key

Hello, I'm sure you know that but just to remind: After sending to the list the output of command: $ openssl rsa -in server.key -text -noout you can not use this key (and certificate) for production. Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org

Re: SSL error: SSL error code 336151528 (a seemingly rare error/bug?)

Hello, $ echo obase=16;336151528 | bc 140943E8 $ openssl errstr 140943E8 error:140943E8:SSL routines:SSL3_READ_BYTES:reason(1000) Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 03/27/2012 01:09:56 AM: Blake Mizerany blake.mizer...@gmail.com

Re: How to do encryption using AES in Openssl

/Block_cipher_modes_of_operation Example of using AES_cbc_encrypt() attached (pay attension of block padding). Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 03/28/2012 09:01:25 AM: Prashanth kumar N prashanth.kuma...@gmail.com Sent by: owner-openssl

Re: OpenSSL 1.0.1 handshake timeout

Hello, Try some test connections: # openssl s_client -connect hostname:443 -debug -msg # openssl s_client -connect hostname:443 -debug -msg -bugs Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 03/28/2012 06:02:01 PM: James Earl ja

Re: How to do encryption using AES in Openssl

Hello, Maybe attached simple example will help. Use: # gcc -o evp_enc evp_enc.c -lcrypto # cat /etc/group | ./evp_enc Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 03/28/2012 09:02:59 AM: Prashanth kumar N prashanth.kuma...@gmail.com

Re: How to do encryption using AES in Openssl

). After decryption remove last 8 bytes (filed with value 8). For printf() you may fill this last 8 bytes to 0. Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 03/29/2012 04:02:17 PM: Prashanth kumar N prashanth.kuma...@gmail.com Sent by: owner

Re: AES-256 Implementation and OpenSSL

for learning but not in real life. Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 04/02/2012 05:09:57 PM: Theodore Tolstoy filaho...@gmail.com Sent by: owner-openssl-us...@openssl.org 04/02/2012 05:11 PM Please respond to openssl-users

Re: no shared cipher

is 2048 bit Secure Renegotiation IS supported Compression: zlib compression Expansion: zlib compression SSL-Session: Protocol : TLSv1 Cipher: RC4-SHA Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 04/06/2012 06:17:38 PM: crk c

Re: no shared cipher

Hello, Maybe there is library initialization problem, try to add: SSL_load_error_strings(); SSLeay_add_ssl_algorithms(); Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 04/06/2012 07:06:22 PM: crk c...@crook.de Sent by: owner-openssl-us

Re: ECC generate public key with given private key

*G using chosen EC curve. Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 04/14/2012 12:32:22 PM: opensshelpmeplz okayh...@mailinator.com Sent by: owner-openssl-us...@openssl.org 04/15/2012 02:24 PM Please respond to openssl-users

Re: Looking for (easy) help.

aes-256-cbc -in enc.bin -K 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F -iv 000102030405060708090A0B0C0D0E0F -d marek I other words, when you prepare source buffer for excryption you shoud manualy pad this data. Best regards, -- Marek Marcola marek.marc...@malkom.pl

RE: Looking for (easy) help.

Hello, Do not pad with spaces, look at: http://en.wikipedia.org/wiki/Padding_%28cryptography%29 Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 05/11/2012 11:08:52 PM: scott...@csweber.com Sent by: owner-openssl-us...@openssl.org 05/11

Re: Are those TLS-SRP cipher suites supported?

Hello, $ openssl version OpenSSL 1.0.0 29 Mar 2010 $ openssl ciphers -V Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 05/13/2012 12:57:40 PM: Krzysztof Jercha nefa...@gmail.com Sent by: owner-openssl-us...@openssl.org 05/14/2012 01:46 PM

Re: Question on enhancing OpenSSL logs

negotiation */ SSL_CTX_set_info_callback(ctx, ssl_connection_info_cb); Best regards, -- Marek Marcola marek.marc...@malkom.pl owner-openssl-us...@openssl.org wrote on 05/16/2012 05:15:40 PM: kthiru...@inautix.co.in Sent by: owner-openssl-us...@openssl.org 05/16/2012 05:25 PM Please

  1   2   3   4   5   6   7   8   >