Re: Problem to start an SSL session

2006-08-18 Thread Frank Büttner
Richard Koenning schrieb: Frank Büttner wrote: Non blocking is not possible because Qt returns only a non-blocking fd. What is the problem? What do you mean with the select() function. In the openSSL doc I can't

AES CFB 256 Encryption method

2006-08-18 Thread David Irvine
Ok I have taken comment so far and this is my plan - if I am way off please let me know create a public salt (anyone can see this and will) of X length (128bits) take sha512 hash of file to be encrypted (and keep it) supply a password to the pbkdf2 - to create a 256bit key for my AES256 CFB

Re: query on SSL_CTX_set_verify();

2006-08-18 Thread Prabhu.S
Thanks Marek for that reply. It helped me :) Regards, Prabhu. S - Original Message - From: Marek Marcola [EMAIL PROTECTED] To: openssl-users@openssl.org Sent: Wednesday, August 09, 2006 3:02 PM Subject: Re: query on SSL_CTX_set_verify(); Hello, I have client application program in

Re: Program exits without any error information

2006-08-18 Thread Jiyong Xu
I've found the reason. http://www.openssl.org/support/faq.html#PROG2 On 8/18/06, Jiyong Xu [EMAIL PROTECTED] wrote: Hi, I am a newbie to openssl. Maybe my questions here are silly. Please be kind to me. I recently downloaded the openssl source, and compiled it under win32 successfully. When I use VC6

RE: Problem to start an SSL session

2006-08-18 Thread David Schwartz
The only signals that I have is readyRead() (emit when I can read data from socket) and bytesWritten() (emit when data was written to the socket). I seen that OpenSSL will only have data for read when a Record was complete transmitted. How can I find out the size of a Record? Then I can

RE: Problem to start an SSL session

2006-08-18 Thread David Schwartz
Hi, On 8/16/06, David Schwartz [EMAIL PROTECTED] wrote: [...] The SSL engine may have already read the data and your 'select' may block forever. You should only wait for 'select' to give you read hit before calling SSL_read if your last SSL operation returned a WANT_READ indication.

Re: AES CFB 256 Encryption method

2006-08-18 Thread Marek Marcola
Hello, Ok I have taken comment so far and this is my plan - if I am way off please let me know create a public salt (anyone can see this and will) of X length (128bits) take sha512 hash of file to be encrypted (and keep it) supply a password to the pbkdf2 - to create a 256bit key for my

Re: 3DES Encryption / Decryption using the EVP api

2006-08-18 Thread Marek Marcola
Hello, I want to decrypt using 3DES and want to use the EVP api. Here's what i'm doing, it will be nice someone could validate if my approach is correct. here's the code that i have come up with... int 3desDecrypt(unsigned char * pEncData, int pDataSize) { int dec_data_size = 0;

Re: AES CFB 256 Encryption method

2006-08-18 Thread David Irvine
Marek Marcola wrote: Hello, Ok I have taken comment so far and this is my plan - if I am way off please let me know create a public salt (anyone can see this and will) of X length (128bits) take sha512 hash of file to be encrypted (and keep it) supply a password to the pbkdf2 - to

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Florian G otter
Well - this was really a stupid mistake. However, after some hours of further debugging i am stuck now with a problem again. Basically, it looks like the client and the server do not find a shared cipher to use. I tried the code without specifying the cipher (according to the documentation,

RE: Program exits without any error information

2006-08-18 Thread Ambarish Mitra
Please be kind to me. -- There is no fear. All were newbies at some point in their careers, and all have made mistakes, met with failures and become experts. This should work. It works for me. Perhaps, you should check the return from BIO_new_fp like (if bio_out == NULL) return 1; - this will

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Girish Venkatachalam
--- Florian G otter [EMAIL PROTECTED] wrote: Added code: if(SSL_set_cipher_list(m_ssl,"EXP-RC4-MD5")==1) { cout << "setting cipher went okay" << endl; } else { cout << "cipher not set" << endl; } Don't use EXP- ciphers!

RE: Program exits without any error information

2006-08-18 Thread Ambarish Mitra
#include <stdio.h> #include <openssl/bio.h> int main () { BIO *bio_out; bio_out = BIO_new_fp(stdout, BIO_NOCLOSE); BIO_printf(bio_out, "Hello World\n"); getchar(); return(0); } The code was compiled successfully. When the code went to BIO_printf(bio_out, "Hello World\n");, it

Re: AES CFB 256 Encryption method

2006-08-18 Thread Marek Marcola
Hello, create a public salt (anyone can see this and will) of X length (128bits) take sha512 hash of file to be encrypted (and keep it) supply a password to the pbkdf2 - to create a 256bit key for my AES256 CFB encryption use the hash with same salt in pbkdf2 and create a 128 bit iv

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Florian G otter
Hello ! However, when using DES-CBC3-SHA instead, i still have the same behaviour. Any idea ? Many thanks !! Florian Girish Venkatachalam wrote: --- Florian G otter [EMAIL PROTECTED] wrote: Added code: if(SSL_set_cipher_list(m_ssl,"EXP-RC4-MD5")==1) { cout << "setting cipher went

RE: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread David Schwartz
Hello ! However, when using DES-CBC3-SHA instead, i still have the same behaviour. Any idea ? Many thanks !! Florian Did you add these ciphers? Try something like: EVP_add_cipher(EVP_des_cbc()); EVP_add_cipher(EVP_rc2_cbc()); EVP_add_cipher(EVP_rc4());

Re: Problem to start an SSL session

2006-08-18 Thread Frank Büttner
David Schwartz schrieb: The only signals that I have is readyRead() (emit when I can read data from socket) and bytesWritten() (emit when data was written to the socket). I seen that OpenSSL will only have data for read when a Record was complete transmitted. How can I find out the size of an

Re: AES CFB 256 Encryption method

2006-08-18 Thread David Irvine
Hello again Marek Marcola wrote: Hello, create a public salt (anyone can see this and will) of X length (128bits) take sha512 hash of file to be encrypted (and keep it) supply a password to the pbkdf2 - to create a 256bit key for my AES256 CFB encryption use the

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Florian G otter
Well, i tried this, but unfortunately, there is no change. Is my understanding wrong that per default, there are ciphers defined ? I am happy to define them if required - however, i don't understand the error. Any idea ? Florian David Schwartz wrote: Hello ! However, when using

RE: Problem to start an SSL session

2006-08-18 Thread David Schwartz
David Schwartz schrieb: The only signals that I have is readyRead() (emit when I can read data from socket) and bytesWritten() (emit when data was written to the socket). I seen that OpenSSL will only have data for read when a Record was complete transmitted. How can I find out the

RE: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread David Schwartz
Well, i tried this, but unfortunately, there is no change. Is my understanding wrong that per default, there are ciphers defined ? I am happy to define them if required - however, i don't understand the error. Any idea ? Make sure you've removed any test code you added that limited

RE: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Florian G otter
Hello ! Here is again the complete code as of now. The restrictions are removed so far. Output from Server: SSL PrivateKey opened successfully LOG; Now accepting connections on fd...connection accepted. LOG; Now accepting (ssl)...SSL Handshake (SSL_accept) failed - error code -1 SSH Handshake

Re: Problem to start an SSL session

2006-08-18 Thread Krishna M Singh
Hi I haven't ever used BIO.. One more thing, after calling SSL_read we need to call SSL_pending also to make sure nothing is buffered.. In case SSL_pending returns non-zero then we can iteratively call the SSL_read again until it returns SSL_WANT_read or Write.. Whatever it returns, based on that

Re: How to change Common Name field in a self-signed certificate at run time

2006-08-18 Thread Krishna M Singh
Hi We have used the code present in ca.c to make a library to generate the certs on fly.. OpenSSL CA generates the certificates. We have used the same.. Plz chk ca.c it would give more insight.. I am sorry to say but to us it appears there isn't any simple direct API for this.. HTH -Krishna On

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Krishna M Singh
Hi I don't remember the internals of the SSL_CTX and SSL structures but we need to create SSL object once all the initialization of SSL_CTX is completed... m_ssl=SSL_new(m_ctx); should come after all the calls to add cipher etc. that sets something in the context are done else the m_ssl

Re: Problem to start an SSL session

2006-08-18 Thread Krishna M Singh
Not sure whether it failed with bio.. But for non-blocking sockets u must use the select call else it would be too complex to handle the sockets.. Have u tried that..? On 8/18/06, Frank Büttner [EMAIL PROTECTED] wrote: Krishna M Singh schrieb: Hi I haven't ever used BIO.. One more thing,

Re: Problem to start an SSL session

2006-08-18 Thread Frank Büttner
Krishna M Singh schrieb: Not sure whether it failed with bio.. But for non-blocking sockets u must use the select call else it would be too complex to handle the sockets.. Have u tried that..? I can't use the select() call, because I only have an fd for the socket. But no direct connection

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Florian G otter
Hello ! I have changed the order now - however, in my understanding, setting the ciphers is not required in any case. The behaviour is unfortunately still the same. Is there a way to debug the handshake further down ? Thanks Florian Krishna M Singh wrote: Hi I don't remember the internals

Re: Problem to start an SSL session

2006-08-18 Thread Krishna M Singh
Hi Frank Don't know anything about Qt socket system but I feel there must be some other API in place of select in that. Non-blocking sockets can't be handled without select easily and efficiently.. It's very crude way but u can sort of implement select functionality like this.. a) timeout = 100

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Lutz Jaenicke
Hello, I would recommend to actually load the server certificate in addition to the key. Without certificate the key/certificate pair is not complete and only anonymous ciphers would be valid. These are not enabled by default so that no shared cipher for which all necessary data are available can

Re: Problem to start an SSL session

2006-08-18 Thread Frank Büttner
Krishna M Singh schrieb: Hi Frank Don't know anything about Qt socket system but I feel there must be some other API in place of select in that. Non-blocking sockets can't be handled without select easily and efficiently.. It's very crude way but u can sort of implement select functionality

Re: Problem to start an SSL session

2006-08-18 Thread Richard Koenning
Frank Büttner wrote: So I found out that SSL don't take the data from the socket:( The Qt buffer will grow and grow, but SSL don't read the data:( It seems to me that you have an architecture problem. As i understand your descriptions you have OpenSSL and Qt accessing a socket in *parallel*,

RE: Problem to start an SSL session

2006-08-18 Thread David Schwartz
So I found out that SSL don't take the data from the socket:( The Qt buffer will grow and grow, but SSL don't read the data:( If you use bio pairs, SSL doesn't have to touch the network at all ever. You can read and write data to and from the network and to and from OpenSSL. This is probably

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Florian G otter
Ah - okay. Actually, loading the certificate also into the server and loading the ciphers in the client and also in the server resolved the problem. Unfortunately, i used incomplete documentation from a university presentation from the internet, which contained logic as well as other errors. The

Re: Problem to start an SSL session

2006-08-18 Thread Frank Büttner
David Schwartz schrieb: So I found out that SSL don't take the data from the socket:( The Qt buffer will grow and grow, but SSL don't read the data:( If you use bio pairs, SSL doesn't have to touch the network at all ever. You can read and write data to and from the network and to and from

Re: Problem to start an SSL session

2006-08-18 Thread Frank Büttner
Richard Koenning schrieb: Frank Büttner wrote: So I found out that SSL don't take the data from the socket:( The Qt buffer will grow and grow, but SSL don't read the data:( It seems to me that you have an architecture problem. As i understand your descriptions you have OpenSSL and Qt

Re: how do i escape spaces in -subj (DN) arg to req?

2006-08-18 Thread Mark H. Wood
I don't see an 'ssl' command on my system -- is this a shell script or an alias? If you have a script 'ssl' calling 'openssl' then you're going to have to deal with layers of quoting. For example, if 'ssl' is a script, then upon entering the

Re: Problem to start an SSL session

2006-08-18 Thread Marek Marcola
Hello, So I found out that SSL don't take the data from the socket:( The Qt buffer will grow and grow, but SSL don't read the data:( It seems to me that you have an architecture problem. As i understand your descriptions you have OpenSSL and Qt accessing a socket in *parallel*,

RE: Problem to start an SSL session

2006-08-18 Thread David Schwartz
I have tried this, but it fails, because there is no way to find out when the write buffer BIO has data that must send. I have tried it with the callback function. But this will not work, because the function must be static. And then I can not access the network object from Qt.:( I can't