Hi,
I am sniffing packets over wireless of 802.11i packets,
Which uses EAP-TLS,
So i have two way data and private key of CA.
Client-Hello--
Server-Hello
ClientKeyexchange
So now i can derive key-block,
But openssl utlity for SSL3/TLS methods are built
Can You pass tell me the cipher suite it is using ?
if the Key Exchange algo is Diffie and Helman .. then there is no way You
can decrypt.
Regards,
krishna.
On Mon, Jun 29, 2009 at 3:30 PM, Harsha gowda harsha.k.go...@gmail.comwrote:
Hi,
I am sniffing packets over wireless of 802.11i
its Diffie and Helman Key exchange algorith.
There is no way You decrypt this session.
for info on DIffie and Hellman see this url
http://en.wikipedia.org/wiki/Diffie-Hellman.
for public key and private key exchange algos You need private key file to
decrypt the sessions.
Regards,
krish.
Hi,
:)
Ya i have private key of server,
Regards
Harsha
On Mon, Jun 29, 2009 at 6:02 PM, krish krishna.kumar.i...@gmail.com wrote:
its Diffie and Helman Key exchange algorith.
There is no way You decrypt this session.
for info on DIffie and Hellman see this url
Hi,
Within the framework of our Export Control survey activity for
components of THALES equipments, and in order to update our databases,
and in order to comply with the export regulation, we need to know the
applicable *Export Control Code* and *ECCN* (Export Control
Classification Number)
Hi Team,
I want to have OpenSSL support in wpa_suplicant in order to get the
support for the functionality needed for EAP-FAST in wpa_suplicant. For
this I have downloaded the openssl-0.9.8d.tar.tar file and I have
openssl-0.9.8d-tls-extensions.patch file with me.
But I am not sure what
Hi Gaurav,
Gaurav Halwasia -X (ghalwasi - at Cisco) schrieb:
I want to have OpenSSL support in wpa_suplicant in order to get the
support for the functionality needed for EAP-FAST in wpa_suplicant. For
this I have downloaded the openssl-0.9.8d.tar.tar file and I have
Philip A. Prindeville wrote:
Stephen Henson via RT wrote:
[philipp_s...@redfish-solutions.com - Mon Jan 26 12:04:34 2009]:
The OCF code has been ported to Linux:
http://sourceforge.net/project/showfiles.php?group_id=133575
it would be very nice if this were supported in openssl
[philipp_s...@redfish-solutions.com - Mon Mar 09 18:21:52 2009]:
Stephen Henson via RT wrote:
There have been some concerns expressed in the mailing list about
how
portable this is to the many version of 'make' it has to work with.
Steve.
The '@' command for quiet has been
[philipp_s...@redfish-solutions.com - Mon Jan 26 12:04:23 2009]:
The target:
fips_standalone_sha1$(EXE_EXT): sha/fips_standalone_sha1.c
$(CC) $(CFLAGS) -DFIPSCANISTER_O -o $@
sha/fips_standalone_sha1.c $(FIPSLIBDIR)fipscanister.o
is built, but the extension is dropped when it's
Stephen Henson via RT wrote:
[philipp_s...@redfish-solutions.com - Mon Mar 09 18:21:52 2009]:
Stephen Henson via RT wrote:
There have been some concerns expressed in the mailing list about
how
portable this is to the many version of 'make' it has to work with.
Steve.
The '@' command for
Currently OpenSSL always uses the values in client hello and server
hello to negotiate compression even for a resumed session. So provided
the client includes the compression method from the original method in
client hello (as required by standards) the server should end up using
compression
Hi openssl-dev,
Here is a series of patches against the openssl-SNAP-20090628 release.
The patches fix a number of bugs and also add functionality from the
ocf-linux and uClinux-dist projects.
ocf-linux is a linux port of the OCF framework from BSD. The project
has been running since 2004.
If makedepend fails (for example, if it isn't in the path), then domd
should fail so the build can stop on the error.
---
util/domd |8 ++--
1 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/util/domd b/util/domd
index 27c0211..bab48cb 100755
--- a/util/domd
+++ b/util/domd
Some combinations of algorithm removal cause compilation errors.
Fix this case for SHA/SHA1.
---
crypto/evp/c_alld.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/crypto/evp/c_alld.c b/crypto/evp/c_alld.c
index 5032e7c..aa565a6 100644
--- a/crypto/evp/c_alld.c
+++
Some support for OCSP was not ifdef'd and prevents its exclusion from
openssl via the config options.
---
apps/progs.h |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git a/apps/progs.h b/apps/progs.h
index d323a1c..79e479a 100644
--- a/apps/progs.h
+++ b/apps/progs.h
@@
Do not run off the end of the RSA params arrays freeing values
or we will crash (or worse, corrupt the heap).
---
crypto/engine/eng_cryptodev.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index
Some implementations of DES (ie., linux kernel) will not tolerate
extremely weak keys, fix this by making it non-repetitive.
---
crypto/engine/eng_cryptodev.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
words was unsed (compiler warning) remove it.
b was uninited memory causing us to generate bogus numbers to pass into
cryptodev.
---
crypto/engine/eng_cryptodev.c |3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/crypto/engine/eng_cryptodev.c
Change the speed test to only test sizes up to 4096. Most cryptodev
HW drivers fail with 8192 sized requests. 4K seems like a reasonable
limit to test up to.
---
apps/speed.c |4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/apps/speed.c b/apps/speed.c
index
Needed to include all the headers in the links target to get openssl
cross compiling nicely within the uClinux-dist.
---
Makefile.org |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/Makefile.org b/Makefile.org
index ba29744..57265c6 100644
--- a/Makefile.org
+++
Add --with-cryptodev option to config so that an OS like linux may enable
cryptodev support if it has been ported (ie., ocf-linux).
Add --with-cryptodev-digests to optionally include hash support via
cryptodev (disabled by default as it is usually too slow to be useful).
Add a working cryptodev
Add support for calculating the CPU usage while doing crypto.
This is useful for showing the gains through HW acceleration
other than just speed. It is best used with the '-elapsed' option
to get real-world values.
Currently only linux supports cpu calculations, but it should be easy
to add
Cleanup some compile time warnings/magic numbers.
---
crypto/engine/eng_cryptodev.c | 18 +-
1 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/crypto/engine/eng_cryptodev.c b/crypto/engine/eng_cryptodev.c
index 186eb36..1e5d3a3 100644
---
Please mail these each as attachments to r...@openssl.org. This will
ensure that each gets entered into a trackable state, and also ensures
that the formatting for the patch files stays consistent.
-Kyle H
On Mon, Jun 29, 2009 at 7:54 PM, David
McCulloughdavid_mccullo...@securecomputing.com
Jivin Kyle Hamilton lays it down ...
Please mail these each as attachments to r...@openssl.org. This will
ensure that each gets entered into a trackable state, and also ensures
that the formatting for the patch files stays consistent.
No problems, I wasn't sure if I should do that or not,
OpenSSL is distributed under a clause in US law which allows
openly-available cryptographic software to be exempt from ECCN filing,
under exemption TSU (EAR, section 740.13(e)).
It is very possible that what you are doing with it falls under ECCN
5D002 or another in the 5Dnnn series.
I am not a
27 matches
Mail list logo