There seems to be a bug in ssl/s3_clnt.c in both 0.9.6g
and 0.9.7beta3. The problem is that the OpenSSL client software
will send an IllegalParameter alert and abort the handshake with certain SSLv3
and TLS servers.
In 0.9.6g, the code starts on line 643 (line 639 in 0.9.7beta3):
if ((j !=
Attached is a patch to the CryptoSwift engine to let it use the card for
random number generation.
The patch was done as a unified context diff against OpenSSL 0.9.7 beta2,
and retested against OpenSSL 0.9.7 beta3.
Lynn Gazis
Rainbow Technologies
CryptoSwiftRNGOpenSSLPatch.zip
I want to implement an external session cache with openssl
but I can't find a function that will give me the session id when
storing a new session in the cache.
According to the man pages the get-session-callback used for retrieval
of session
from the cache will give me the session id as an
On Tue, Sep 10, 2002 at 08:52:42AM +0200, Leif Thuresson via RT wrote:
I want to implement an external session cache with openssl
but I can't find a function that will give me the session id when
storing a new session in the cache.
According to the man pages the get-session-callback used
Are there any plans to add PKCS#9's signingDescription attribute to
OpenSSL's repertoire?
Cheers,
TJ
This truth - to prove, and make thine own:
Thou hast been, shalt be, art, alone.
-Matthew
If one calls COMP_METHOD *comp = COMP_zlib(), the first time this
call is made, a valid COMP_METHOD is returned, and the comp-type is
set correctly. However, if you make the call a second time, a valid
COMP_METHOD is returned, however the comp-type is set to 0.
This is with OpenSSL
On Mon, Sep 09, 2002 at 10:43:51AM -0500, Kenneth R. Robinette wrote:
If one calls COMP_METHOD *comp = COMP_zlib(), the first time this
call is made, a valid COMP_METHOD is returned, and the comp-type is
set correctly. However, if you make the call a second time, a valid
COMP_METHOD is
Hello,
I'm looking for advice on SSL-related problems in my application.
I'm developing an OpenSSL-based SSL sniffer that monitors decrypted
SSL traffic using the webserver's private keys on real site traffic
(similar to ssldump). For some reasons, part of the SSL traffic is
not being
Subject:Re: [openssl.org #277] COMP_zlib Problem
From: Lutz Jaenicke via RT [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Copies to: [EMAIL PROTECTED]
Date sent: Tue, 10 Sep 2002 10:15:19 +0200 (METDST)
Send reply to:
Afchine
When are you going to submit a 0.9.7 pkcs#11 engine??
As I understand things, 0.9.6 will not have any new
submissions included 0.9.7 is probably frozen, but the
0.9.8 function will be built on the 0.9.7 base and
a PKCS#11 engine for 0.9.7 would be more likely to be
incorporated into
On Tue, Sep 10, 2002 at 01:07:01PM -0500, Kenneth R. Robinette wrote:
Subject: Re: [openssl.org #277] COMP_zlib Problem
From: Lutz Jaenicke via RT [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Copies to:[EMAIL PROTECTED]
Date sent:
OpenSSL-0.9.7-BETA3 has a problem in kssl.c, which prevents the
server portion of the kerberos authentication to function correctly.
The problem is related to how internal OpenSSL code handes des/des3
encryption/decryption verses how the Kerberos libraries handle the
logic. Since the code
Hi all,
i have a problem with the PKCS12_gen_mac() which is called from within
PKCS12_verify_mac().
I've a function which extracts the private key from a PKCS#12 file. If I
call it once all is fine, but if I call it twice (with the same or another
PKCS#12 file) the second run fails calling
Title: hash function slowdown in 0.9.7?
Has anyone else noticed a considerable decrease in performance of md5 and sha1 from 0.9.6* to 0.9.7-beta*? It doesn't seem so bad for large data sizes, but it's particularly bad for data sizes less than 1024 bytes. I've found consistent results on
14 matches
Mail list logo