Hi,
I am working on an application that is both a client and a server. The
DH prime is stored in the binary for the server. Since the Server will
exists inside the Client is there a considerable risk of embedding the
DH p into the code? The alternative is to have the Server generate a
Julian schrieb:
Hi,
I am working on an application that is both a client and a server. The
DH prime is stored in the binary for the server. Since the Server will
exists inside the Client is there a considerable risk of embedding the
DH p into the code? The alternative is to have the Server
Hi:
We are using only the OpenSSL cryptographic functionality, the EVP and
HMAC functions, in a multi-threaded application. Do we need to do
anything to ensure thread safety ? The documentation mentions
CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() ,but we are
not calling these
Bernhard Froehlich wrote:
Julian schrieb:
Hi,
I am working on an application that is both a client and a server. The
DH prime is stored in the binary for the server. Since the Server will
exists inside the Client is there a considerable risk of embedding the
DH p into the code? The
Hi,
I wrote an SSL layer over a custom network layer (IOCP on Windows,
poll() on UNIX) for my employer, using the non-copy functions BIO_nread
and BIO_nwrite. I am aware that they are not official, and in
particular lack documentation. So it doesn't make much sense to speak
about bugs, as there
My fear is that get a hold of P will allow for someone else to use it
to start a protocol disassembly. For instance anyone could create a
DHE-RSA-AES256-SHA TLS server and use P to listen for connections, of
course if would have to have a cert signed by CA to proceed even if
they have P.
We are using only the OpenSSL cryptographic
functionality, the EVP and
HMAC functions, in a multi-threaded application. Do we need to do
anything to ensure thread safety ? The documentation mentions
CRYPTO_set_locking_callback() and CRYPTO_set_id_callback()
,but we are
not
Julian wrote:
My fear is that get a hold of P will allow for someone else to use it to
start a protocol disassembly. For instance anyone could create a
DHE-RSA-AES256-SHA TLS server and use P to listen for connections, of
course if would have to have a cert signed by CA to proceed even if they
Thanks jb that clears up a lot.
j
On Apr 14, 2008, at 6:14 AM, jimmy bahuleyan wrote:
Julian wrote:
My fear is that get a hold of P will allow for someone else to use
it to start a protocol disassembly. For instance anyone could
create a DHE-RSA-AES256-SHA TLS server and use P to listen
We have our own TCP implementation, and we're thinking of using a
BIO_s_mem to add an SSL layer to it. The plan is: read the socket, put
the encrypted data into the ssl object's BIO, and then do a read from
it. Likewise, produce the data, feed it into OpenSSL, and then take
the data from the BIO
Hi ,
I have encrypted the data using pkcs7_encrypt and stored the content in one
file . and I called the same file as a input for the decrypt using
pkcs7_decrypt Api and copied the data to a file .
then if i open the output file, i have the orginal data which i encrypted .
but the problem is on
On Mon, Apr 14, 2008, shankar ks wrote:
Hi ,
I have encrypted the data using pkcs7_encrypt and stored the content in one
file . and I called the same file as a input for the decrypt using
pkcs7_decrypt Api and copied the data to a file .
then if i open the output file, i have the orginal
Julian wrote:
My fear is that get a hold of P will allow for someone else to use it to
start a protocol disassembly. For instance anyone could create a
DHE-RSA-AES256-SHA TLS server and use P to listen for connections, of
course if would have to have a cert signed by CA to proceed even if they
I'm getting started with ssl, and there's a lot of things I don't get
about the library, small, and quite a lot of them
Isn't there an IRC channel, or some kind of faster communication way than this?
The documentation's poor at best, and I don't completely get the
general concepts. From reading
general concepts. From reading examples I figure that only the
BIO_f_ssl does encryption-decryption when written into? so what should
Or doing SSL_write into a SSL object with a BIO_s_mem object as the
write-bio will write the encrypted data into it?
T
--
|_|0|_|
|_|_|0|
|0|0|0|
(\__/)
One dev wrote:
El vie, 11-04-2008 a las 17:01 +0300, Deceased escribió:
Hi,
I'm using apache and pkcs12 certs to for auth., but I cannot make web
browser to ask pass phrase every time I connect to it, only for import
pass on cert install. I'm using firefox.
Is there any way to make pkcs12
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Tomas Neme wrote:
| The documentation's poor at best, and I don't completely get the
| general concepts. From reading examples I figure that only the
| BIO_f_ssl does encryption-decryption when written into? so what should
| I do if I want to
The documentation's poor at best, and I don't completely get the
general concepts. From reading examples I figure that only the
BIO_f_ssl does encryption-decryption when written into? so what should
I do if I want to provide an api that has functions b_encrypt and
encrypt_flush?
I think you
Does anyone know of any documentation or examples on how to use a custom
elliptic curve with ECDSA and ECDH of openssl's crypto library?
It doesn't look like support of custom curves is built-in. So, I have
tried to duplicate what was done with built-in curves in
crypto/ec/ec_curve.c to
From: [EMAIL PROTECTED] On Behalf Of Badra
Sent: Friday, 11 April, 2008 09:57
static char *login=login;
static char *password=password;
static char *label=label;
These could better be pointers to const char, since you shouldn't
and don't try to modify the strings pointed to.
const
From: [EMAIL PROTECTED] On Behalf Of Kyle Hamilton
Sent: Thursday, 10 April, 2008 07:39
David Schwartz wrote:
And with respect to the other thread, I agree with you. The
level of security should be the highest that doesn't require
sacrificing things that are more important than
21 matches
Mail list logo