Hi Jack,
I don't have huge issues with it myself (in terms of entropy generation,
CryptGenRandom
has been fairly painless compared to some other mechanisms), but CryptoAPI
is somewhat
big, and there are various annoyances, such as the fact that repeatedly
initializing and
shutting down
That's an interesting blog article. The 2nd comment
is by the author and lists the entropy sources. I recall there was
discussion on this list quite some time ago where it was stated that OpenSSL
wouldn't use only the CryptoAPI random number generator since Microsoft hadn't
provided details
Two sentences after that one are these:
To form the seed for the random number generator, a calling
application supplies bits
it might have-for instance, mouse or keyboard timing input-that are
then added to both
the stored seed and various system data and user data such
RAND_poll for XP/2003 Server/Vista
On Fri, Dec 02, 2005 at 12:45:44AM +1100, Steven Reddie wrote:
That's an interesting blog article. The 2nd comment is by the author
and lists the entropy sources. I recall there was discussion on this
list quite some time ago where it was stated
The approach I took with wcecompat and integration with OpenSSL was to make
OpenSSL have as little special knowledge of CE as possible. This means that
wcecompat emulates missing ANSI/Posix functionality so that OpenSSL simply
continues to program to the standard interfaces. Wcecompat should be
Of Michael Sierchio
Sent: Tuesday, 18 October 2005 2:49 AM
To: openssl-dev@openssl.org
Subject: Re: ideas on replacing where ERR_STATE is stored?
Steven Reddie wrote:
Hi Michael,
I'm familiar with that approach, having used it many times myself.
The choice of poll over select isn't important
To: openssl-dev@openssl.org
Subject: Re: ideas on replacing where ERR_STATE is stored?
Steven Reddie wrote:
Do you mean using select() to handle multiple simultaneous connections?
I'm late in catching this thread, but I'll wager that Rich would use poll
rather than select, or /dev/poll, or some
choose to
define them) rather than threads?
-Original Message-
From: Rich Salz [mailto:[EMAIL PROTECTED]
Sent: Thursday, 29 September 2005 12:15 AM
To: Steven Reddie
Subject: Re: ideas on replacing where ERR_STATE is stored?
Do you mean using select() to handle multiple simultaneous
Rich,
How do you mean that the scheme doesn't work with worker threads? Doesn't
judicious use of ERR_remove_state overcome any problems of a new job on a
given thread remembering the error state of the previous job(s)?
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Do you mean using select() to handle multiple simultaneous connections?
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Rich Salz
Sent: Wednesday, 28 September 2005 2:28 PM
To: Steven Reddie
Cc: openssl-dev@openssl.org
Subject: RE: ideas on replacing
Windows CE has been supported since OpenSSL 0.9.7. Some post 0.9.8 patches
seem to have fixed some issues that were preventing eVC4 from being used.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Erich Titl
Sent: Thursday, 22 September 2005 11:39 PM
Steven Reddie wrote:
Windows CE has been supported since OpenSSL 0.9.7. Some post 0.9.8
patches seem to have fixed some issues that were preventing eVC4 from
being used.
Thanks for the info, do you know if anyone has a binary package available,
else I will have to dig in embedded VC++
Thanks
`*.¸¸.*´¯`*.¸¸.*´¯`*.¸¸.*´¯`*.¸¸.*´¯`*.¸¸.*´
-Mensaje original-
De: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] En
nombre de Steven Reddie Enviado el: jueves, 22 de septiembre de 2005 16:26
Para: openssl-dev@openssl.org
Asunto: RE: openssl for windows
Hi
All,
This is something
that I think I've raised before but don't remember getting resolution
on.
OpenSSL maintains
various global variables and structures, and there are cleanup functions that
must be used to properly release the resources when finished. One example
is the OID
Satoshi Nakamura wrote:
And I'm thinking of creating a list which includes:
1. Environment variables which are set by the batch file.
2. Compiler/Linker options which are set by IDE and how they are
expanded.
for each major platform and cpu.
Hi Satoshi,
I did this a couple of years ago
been more
with conflicts with other instances of OpenSSL in customer products. IBM
libraries are used by customers who integrate them with their code as
well. Peter Peter Waltenberg
"Steven Reddie"
[EMAIL PROTECTED] Sent by: [EMAIL PROTECTED]
Hi Andy,
I haven't been keeping on top of the issues with CE builds (since they
worked for me with a few minor tweaks). What was the problem with
wcedefs.mak? I had made a whole lot of changes to better support some more
CE platforms but with it gone won't be able to role them in so easily.
results.
ps. another note that the current 0.9.8-beta6 is totaly broken and i fall
back to the 0.9.7g after start with the new beta:-( yours.
Steven Reddie wrote:
Hi Levente,
I did the Windows CE port but have not found the time to complete an
update
for the latest compiler and SDKs. I think
Yes, simple casting isn't going to result in much other that emergency foot
surgery. It's been some time since I did any WinCE work, but I seem to
recall that there is only the W variant of most functions on Windows CE.
Windows CE, if my memory is correct, is Unicode-only. The original patches
Hi,
I've tested it on the platforms below with no problems. Looking good!
Commands executed on Windows (not Cygwin):
perl Configure VC-WIN32
ms\do_ms (didn't have MASM/NASM handy)
nmake -f ms\ntdll.mak
cd out32dll
..\ms\test
Commands executed on all
Hi Levente,
I did the Windows CE port but have not found the time to complete an update
for the latest compiler and SDKs. I think the last kit I used for the
current OpenSSL support was eVC 3.0 for PPC2002.
OPENSSL_SYS_WINCE is the correct tag to use; you'll find these in the source
code
I think you'll find that design decision predates the people on this list.
Performance is probably the secondary reason. The first is probably that it
makes lifetime management of the objects easier -- you just release your
reference to the object and don't have to worry about whether it needs to
I don't know that the compiler knows anything about write reordering. The
restriction that the write of c must happen before the read of c is
something that the processor itself is aware of. The compiler will generate
code to do the write then read in sequence, and the processor is smart
enough
FWIW, the Itanium compiler included with the Microsoft Platform SDK does
employ release/aquire semantics when accessing volatile variables. However,
the standard x86 cl.exe does not and although it seems that the Pentium4
does not reorder as much as the spec allows, the spec does still allow it
It's all in the interest of increased processing speed. Tighter models,
such as strict ordering, are inherently slower than reordering models. The
more reordering that can be done the better performance can be. Write
combining buffers are an extreme example where overwriting the same address
in
Hi Jim,
The C abstract machine definition doesn't take into account multi-processing
and therefore ignores memory operation reordering as seen by external
observers. Volatile means little more than don't keep this variable in a
register, it must be accessed directly from memory. It however
Hi All,
OpenSSL makes use of the DCLP (double-checked locking pattern) in a number
of places (rsa_eay.c and at least one engine; I haven't done an exhaustive
search), with code that usually looks like this:
if (x == NULL)
{
CRYPTO_w_lock(CRYPTO_LOCK_XXX);
/* Avoid a
-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Steven Reddie
Sent: 06 April 2005 10:02
To: openssl-dev@openssl.org
Subject: OpenSSL use of DCLP may not be thread-safe on multiple processors
Hi All,
OpenSSL makes use of the DCLP (double-checked locking pattern) in a number
of places
Check out A Formal Specification of Intel Itanium Processor Family Memory
Ordering (http://www.intel.com/design/itanium/downloads/25142901.pdf). It
describes in excruciating detail how reordering of memory operations can be
observed by other processors. Example A.1 (in Appendix A) is a simple
-unsafe and
extremely slow under some circumstances...
Ferda
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Steven Reddie
Sent: Monday, April 04, 2005 7:45 AM
To: openssl-dev@openssl.org
Subject: How good a random
-Original Message-
From: Richard Levitte - VMS Whacker [mailto:[EMAIL PROTECTED]
Sent: Monday, 4 April 2005 5:17 PM
To: openssl-dev@openssl.org; [EMAIL PROTECTED]
Subject: Re: How good a random source is Crypto API?
In message [EMAIL PROTECTED] on Mon,
4 Apr 2005 16:53:21 +1000, Steven
The non-thread-safe
nature of RAND_poll for Win32 is something I need to address as it's impossible
given the use of my libraryto expect RAND_poll to be called before other
threads exist. This leads me to the question of how good a random source
is the CryptGenRandom function on Windows. If
Hi
All,
As you are aware,
RAND_poll() is not thread safe and must be called with only a single active
thread in the process. The section in whichI have experienced
crashesis the heap walking. The entire section is protected by a
mutex, but the issueseems to bethat the snapshot references
Hi Kim,
No, I haven't seen Windows CE 5.0 yet so haven't tried to get OpenSSL to
build for it. You may find that it's just a matter of adding a few lines to
wcedefs.mak around line#20.
Regards,
Steven
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of
openssl dgst -md5 works for me with my 0.9.7c build. It sounds like you
have a dodgy build, or MD5 hasn't been included. Can you see MD5 listed
when executing openssl ciphers -v?
The debugger handling a call like EVP_get_digestbyname as atomic probably
indicates that you don't have debug
There
are a large number of differences in the exported symbols between Windows and
Linux builds. Some of them seem
surprising.
I built 0.9.7d on Windows with the following
commands:
perl Configure
VC-WIN32
ms\do_ms.bat
nmake -f ms\ntdll.mak
And on Linux, after adding
: Re: [openssl.org #951] FW: New port to the AS/400 (iSeries)
In message [EMAIL PROTECTED] on Thu,
30 Sep 2004 10:15:04 +1000, Steven Reddie [EMAIL PROTECTED] said:
smr I'm surprised that nobody has responded.
I feel I need to raise a little bit of awareness here. The OpenSSL Project
is entirely
Hi George,
I'm surprised that nobody has responded. I may have to port an application
using OpenSSL to AS/400 at some stage so I would appreciate it if you would
post the patches. Perhaps if you post them the team will integrate them.
Regards,
Steven
-Original Message-
From: [EMAIL
Hi Jeffrey,
Come to think of it, maybe OpenSSL should simply perform a call to
RAND_poll() as part of the DLL initialization. This would solve many
problems.
No, it would create some. RAND_poll() calls LoadLibrary() which is a no-no
from DllMain(). malloc() is not safe to call from
to support legacy systems where the shared lib
initialization code just doesn't get called. Peter
"Steven Reddie"
[EMAIL PROTECTED] Sent by: [EMAIL PROTECTED]
07/14/04 03:08 PM
Plea
Hi Mark,
I think I've seen this one before, and it was due to an environment
variable. Something like MAKEMODE, MAKE_MODE, MAKE_FLAGS; I don't recall
which exactly, but it was definitely a MAKE* or MK* variable. Unsetting it,
or setting it to empty did the trick.
Regards,
Steven
Right, I was flat out today and forgot about that, probably because I don't
understand what is significant about how ar/lib is invoked. We're relying
on the OpenSSL build to use Cygwin's ar and it turns out that the resulting
libcrypto.a is compatible with Microsoft's tools (eg. link ...
Yes, I was surprised too. I don't know if it's because Cygwin's ar has been
made compatible with Microsoft's lib format, or if the two formats have
always been the compatible.
One advantage of using gcc2cl is that you don't need to worry about most of
the Microsoft specifics such as .obj vs .o.
-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Steven Reddie
I believe I wrote gcc2cl originally to get the OpenLDAP build working
(OpenLDAP doesn't seem to support a Windows build out-of-the-box,
although the code supports Windows, and a separate IDE project file is
needed
I believe I wrote gcc2cl originally to get the OpenLDAP build working
(OpenLDAP doesn't seem to support a Windows build out-of-the-box, although
the code supports Windows, and a separate IDE project file is needed). Yes,
autoconf was the difficulty with OpenLDAP that required gcc2cl. Later when
Hi Andy,
We have standards for the compilers that we use on each platform, and on
Windows it is Microsoft's toolset. In our lab we use cygwin for the build
framework so that we can use the same framework on Windows and Unix
platforms.
What I was trying to say was that rather than using the .bat
May 2004 12:54 PM
To: [EMAIL PROTECTED]
Subject: Re: Win32 compiles under cygwin
Steven,
Thanks for your response. This sounds like it would be an excellent
solution to my dilemma. Please feel free to forward your contribution
as you see fit.
Mark
On May 9, 2004, at 5:40 PM, Steven Reddie wrote
I get on unix:
libssl.a and libcrypto.a. What I want to know is how do I get
ssleay32.dll and libeay32.dll? These are required to link m2crypto on
Win32.
Mark
On May 10, 2004, at 5:17 PM, Steven Reddie wrote:
Hi Andy,
We have standards for the compilers that we use on each platform
will be the same. I know that with other packages such as Kerberos
you absolutely do not get the same result when building under cygwin because
the environment is more Unix like and therefore different assumptions are
made.
Jeffrey Altman
Steven Reddie wrote:
Jeffrey,
Are you saying that using
I receive one of the following for every message I send to the list.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]
Sent: Tuesday, 11 May 2004 2:08 PM
To: Steven Reddie
Subject: Mail Returned (550 5.1.1 [EMAIL PROTECTED]... User unknown
(RCPT))
Your mail
Hi Mark,
I've written a command-line utility called gcc2cl which acts like a gcc
front-end while using Microsoft's compiler/linker at the backend. It
translates options and does some munging of cl's stdout/stderr so as to fool
autoconf into thinking it is really using gcc. This enables us (I
Hi,
I think the term you were looking for was binary, meaning not a text file.
If by dgst you mean the openssl command line utility, try adding the
parameter -keyform der. If that doesn't work you'll need to convert the
key to PEM (base64 encoding of the DER). The command openssl rsa -inform
This issue has been fixed and committed. The check for NULL that you
propose was added to the free_index function itself so that all callers of
free_index benefit from the protection.
Regards,
Steven
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of
This has been fixed in the latest 0.9.7 snapshots.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Fiel Cabral via RT
Sent: Thursday, 1 April 2004 7:59 PM
Cc: [EMAIL PROTECTED]
Subject: [openssl.org #866] BUG REPORT: openssl-0.9.7d, ca command, null
Of Steven Reddie
Sent: Thursday, March 18, 2004 7:49 PM
To: [EMAIL PROTECTED]
Subject: RE: OpenSSL 0.9.7c Pocket PC 2003 Compile Error
Hi Chris,
I haven't seen that particular error before, but I have seen reports of
problems with PPC2003. Try removing the /Gs0 option from the makefile are
rebuild
Hi Richard,
Sorry for the delay. The snapshot from after you asked me to test it the
first time (openssl-0.9.7-stable-SNAP-20040327) passed my tests.
Thanks,
Steven
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Richard Levitte via RT
Sent:
That was one of the worms doing the rounds at the moment. It sends a
20-30KB zipfile and fakes the sender's email address.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Bruce Christensen
Sent: Thursday, 25 March 2004 12:22 PM
To: [EMAIL PROTECTED]
Re: openssl-dev thread: New CA index subfiles (.attr, .attr.new, .attr.old,
.new)
OpenSSL 0.9.7d introduces a bug on Windows in the openssl executable in
relation to the renaming of temporary serial and index files. The renames
are failing since the special WIN32_rename() function (which
Title: Message
Hi
All,
I've attached a
simple patch (against 0.9.7d) which adds support for -crlsecs to the ca
command. This is useful for testing of components that automatically fetch
updated CRLs as they expire -- the current granularity of an hour makes for a
long test.
Regards,
Title: Message
Hi
All,
I'm getting a crash
in apps/ocsp.c in the new 0.9.7d kit. Line 876 now calls free_index(rdb)
where it used to use TXT_DB_free. If rdb is NULL (as can happen with ocsp
when -index isn't specified) free_index fails due to a NULL pointer
dereference. free_index at the
Title: Message
Hi
Ben,
How is the FIPS
accreditation progressing? The OSS Institute website doesn't seem to have
been updated recently, but I see you're still checking in changes. Do you
have any idea of an expected end date?
Regards,
Steven
I think I recall that since GeneralName is a CHOICE that using it with
IMPLICIT tags requires the implicit tag to be declared explicitly to avoid
ambiguity. I'm not an ASN.1 expert but I've come across this problem before
and had to work around it by reversing the implicit tag of GeneralName.
, Steven Reddie wrote:
I think I recall that since GeneralName is a CHOICE that using it with
IMPLICIT tags requires the implicit tag to be declared explicitly to avoid
ambiguity. I'm not an ASN.1 expert but I've come across this problem
before
and had to work around it by reversing the implicit tag
I can't speak on behalf of the OpenSSL team, but it's more usual to refer to
such ports as OpenSSL for VOS. This has become the standard approach due to
lawsuits where Microsoft forced companies to change the names of their
products from Windows XXX to XXX for Windows. I think Sun also won a
Thanks for the info Chris. As per our private email these issues are with
wcecompat and so don't require any changes to OpenSSL. I'm very busy at the
moment so haven't got around to fixing it, but it sounds like it's not a
showstopper for you.
Regards,
Steven
-Original Message-
From:
[EMAIL PROTECTED] on Tue, 3 Dec
2002 02:38:33 +1100, Steven Reddie [EMAIL PROTECTED] said:
smr I've made some changes to wcecompat to support other Windows CE
platforms,
smr the necessary changes to OpenSSL are attached. I've also included
smr cryptlib.h in several files so that the OPENSSL_cleanse
Have you tried the same code on some other platform like Linux or Windows?
I don't have time to look over your code, but I did notice that the first 8
bytes of the output are not what you expected and the remaining data is
decrypted correctly. Seems like maybe you need to initialise a salt/IV
Richard, I think the FLAT_INC in ectest.c was something you introduced when
committing the Windows CE changes. It looks like other files, like
enginetest.c, simply include openssl/e_os2.h.
Steven
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of [EMAIL
Richard Levitte - VMS Whacker said:
time_t can be anything. It can be a nose-picking monster for all I
know. All that matters is that it should represent time in some way,
and be usefull in that way for any function that takes a time_t as an
argument. Under VMS (with DEC C), time_t is
]
Subject: Re: [PATCH] Windows CE support for 0.9.7 (against 20021114
snapshot)
In message [EMAIL PROTECTED] on Mon, 18 Nov
2002 22:24:18 +1100, Steven Reddie [EMAIL PROTECTED] said:
smr Since I'm using the MSVC++ /W3 /WX options (max warnings, treat
warnings as
smr errors), the following two numbered
: [EMAIL PROTECTED]
Subject: Re: [PATCH] Windows CE support for 0.9.7 (against 20021114
snapshot)
In message [EMAIL PROTECTED] on Sat, 16 Nov
2002 15:18:12 +1100, Steven Reddie [EMAIL PROTECTED] said:
smr Everything is done from the Windows box. The test*ce*.bat files use
cecopy
smr to copy files
Finally I've finished this port. The patches are very minimal because the
majority of the work is in a seperate library available from my website
(www.essemer.com.au/windowsce/).
After applying the patch:
cd openssl-0.9.7-stable-SNAP-20021114
unzip
I thought that OPENSSL_SYSNAME_* was the new way of doing things, so I
changed the Microsoft standard UNDER_CE to OPENSSL_SYSNAME_WINCE at the last
minute. I think I had to pull in e_os.h in one of the files to make sure
this was defined. I'll change it all back.
Whoops, last-minute late-night
Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Steven Reddie
Sent: Saturday, 16 November 2002 2:51 PM
To: Richard Levitte - VMS Whacker; [EMAIL PROTECTED]
Subject: RE: [PATCH] Windows CE support for 0.9.7 (against 20021114
snapshot)
I thought that OPENSSL_SYSNAME_
Chris, thanks for taking the time to test the patch. I'll take a look at
using the %TARGETCPU% to output built files to tmpARM, outARM, outdllARM
instead of tmp32, out32, out32dll.
Steven
-Original Message-
From: Chris Brook [mailto:[EMAIL PROTECTED]]
Sent: Saturday, 16 November 2002
Everything is done from the Windows box. The test*ce*.bat files use cecopy
to copy files to the device and cerun to invoke the test programs. The
output of the tests is redirected back through cerun, kind of like using
rsh.
I'll look into the time_t problem and get back to you later today.
These are based on the 1113 snapshot. The first two are warnings, but the
compiler options being used treat warnings as errors.
crypto/aes/aes_cbc.c at lines 84 and 106 need a typecast to avoid
signed/unsigned mismatch warning:
for(n=0; n len; ++n)
becomes:
for(n=0; n (int)len;
[EMAIL PROTECTED] on Fri, 15 Nov
2002 02:28:11 +1100, Steven Reddie [EMAIL PROTECTED] said:
smr These are based on the 1113 snapshot. The first two are warnings, but
the
smr compiler options being used treat warnings as errors.
smr
smr crypto/aes/aes_cbc.c at lines 84 and 106 need a typecast
I'm looking at the 0.9.7 version of that file, and the #include unistd.h
is inside something like #if !defined(MSDOS) || defined(DJGPP). MSDOS
get's defined in e_os2.h for Windows builds, so this block of code should be
disabled. Does it look to be the same for the source you have?
I've just downloaded the November 5th 0.9.7 snapshot and found a bug on
Windows. The fix is a single liner, so I haven't gone to the trouble of
preparing a patch:
apps/ca.c line#96 needs to be changed from:
# elif !defined(OPENSSL_SYS_VXWORKS)
to:
# elif
In message [EMAIL PROTECTED] on Fri, 8 Nov
2002 00:14:54 +1100, Steven Reddie [EMAIL PROTECTED] said:
smr apps/ca.c line#96 needs to be changed from:
smr
smr# elif !defined(OPENSSL_SYS_VXWORKS)
smr
smr to:
smr
smr# elif !defined(OPENSSL_SYS_VXWORKS) !defined(OPENSSL_SYS_WINDOWS)
smr
smr
In message [EMAIL PROTECTED] on Wed, 6 Nov
2002 01:45:57 +1100, Steven Reddie [EMAIL PROTECTED] said:
smr I'm a few days away from submitting my patch. It looks like
smr we've done quite similar work which I guess isn't surprising
smr since we've both had to plug the holes in the Windows CE CRT
smr
Hi Martin,
I'm a few days away from submitting my patch. It looks like we've done
quite similar work which I guess isn't surprising since we've both had to
plug the holes in the Windows CE CRT implementation. My approach differs in
that I've seperated out this compatibility layer into a
Someone on the list is infected with the Win32.Bugbear worm, see
www.vet.com.au. I've been getting a fair bit of these strange messages
recently. Bugbear scans the computer for email, and can compose a message
taken from a fragment of email that it finds, fake the from address with an
address
Richard,
I found that the no-hw option didn't work. After discussing it on the list
I agreed to contribute a no-engine option. I understand that no-engine
doesn't imply the same thing as no-hw, but it still seems like a good option
to have. Until the software crypto gets moved into an engine
I think it was about a month ago and would have mentioned no-hw and
no-engine in the messages, in fact there probably aren't too many messages
with no-engine in them. I don't recall giving any details about what was
wrong with no-hw and don't recall the details now. Though I do remember
that if
Is there any interest in this patch? I was under the impression that it
would be commited if I did the work.
Steven
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Steven Reddie via RT
Sent: Friday, 20 September 2002 5:25 PM
Cc: [EMAIL PROTECTED
The size of the data must be less than the size of the modulus of the key.
If it's a 1024-bit key (128 bytes) then the data must be at most 128 bytes.
In fact, the data when viewed as a long integer must be of a smaller value
than the modulus.
-Original Message-
From: [EMAIL PROTECTED]
Welcome to the club. I also sent in for a patch for this one, and then
Stephen Henson told me that it had been fixed. It in CVS but not in any of
the official releases.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Zoltan Glozik
Sent: Monday, 23
Here is the patch for configuring-out the engine. This one should work; the
previous one had a single misplaced #ifndef. I've tested it both with and
without the no-engine option for the following platforms:
Cygwin
VC-WIN32 (dll and static)
VC-CE (dll and static)
This page (http://mictlan.sfsu.edu/~dachen/documents/Overview.htm) has a
good description of the states. CLOSE_WAIT means that the peer shutdown the
connection and the application still has it open.
- Original Message -
From: 周光华 [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday,
The patch that I submitted is incomplete. I thought that it was working
because I forgot that the tests need to be invoked manually. Looks like a
little more work to do.
Steven
- Original Message -
From: Steven Reddie via RT [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Tuesday
PROTECTED]]On Behalf Of Geoff Thorpe
Sent: Wednesday, 28 August 2002 12:57 AM
To: [EMAIL PROTECTED]
Subject: Re: 0.9.7: no-hw
Hi there,
On Wed, 28 Aug 2002, Steven Reddie wrote:
Specifying no-hw to config/Configure in 0.9.7 defines OPENSSL_NO_HW but
builds the engine directory. Parts of those files
Specifying no-hw to config/Configure in 0.9.7 defines OPENSSL_NO_HW but
builds the engine directory. Parts of those files are ifdef'd out but there
is still a fair amount built. Also, #ifndef OPENSSL_NO_HW isn't used much
throughout the code, so engine.h is included even with no-hw, and the
This sounds like the same old problem with passing an RSA public key to this
function and getting a segv, which seems to bite new users quite often. Can
this function be fixed to do a sanity check on the key before proceeding? I
assume it's the same with a hardware key. If a user ends up with
to
WinCE. I came to know from the mail archive that Steven Reddie was
looking at it. Any more updates on the same?
If the thing is done, can I have one version?
Thanks and regards,
Das.
__
OpenSSL Project
Richard, that was Zoran from Eracom and myself (as a Computer Associates
employee). We never got together, but Zoran did submit his code. I put my
submission on the back-burner long enough that I think it's irrelevant now.
I still haven't looked at Zoran's submission but it sounds like it works
Java has SSL support in the JSSE for v1.3. For v1.4 JSSE has been rolled
into the JDK.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Sargrad, Dave
Sent: Tuesday, 23 October 2001 11:46 PM
To: '[EMAIL PROTECTED]'
Subject: Java SSL
Are there reliable
Something like this should do the trick:
byte[] encodedKey; // read from file
PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(encodedKey);
KeyFactory keyFactory = KeyFactory.getInstance(DSA);
DSAPrivateKey privKey =
Yes, you've misinterpreted the output. I added up all of the number=
fields and got 899. I'm guessing that you added up the first number on each
line. That number represents the order of the allocations.
Regards,
Steven
-Original Message-
From: Gleison Santos [mailto:[EMAIL
100 matches
Mail list logo