On 05/15/2012 12:03 PM, Dirk Menstermann wrote:
> Hello,
>
> are the sassumptions below correct?
>
> For 0.9.8 I have to use fips123
>
> For 1.0.1 I have to use fips2
>
> For 1.0.0 there isn't a fips implementation.
Correct.
-Steve M.
--
Steve Marquess
OpenSSL Software Foundation, Inc.
1829
On 15/05/12 20:21, Fábio Resner wrote:
I don`t know if this is the correct place to make this conceptual
question but here it goes:
In DH you must exchange the parameters in order to generate the keys
for the algorithm to work properly. (Am I wrong?)
But in ECDH (accordingly to the code abov
Hi Cool SSL people.
I am trying to extract the public key of a self signed cert…Here is how I am
doing, and what the problem is:
I set a verify call back function, in which I do:
X509 *cert = X509_STORE_CTX_get_current_cert(x509_ctx);
int depth = X509_STORE_CTX_get_error_depth(x509_ctx);
Thanks Matt and Rick.
Rick's version of the program is working properly!
I don`t know if this is the correct place to make this conceptual question
but here it goes:
In DH you must exchange the parameters in order to generate the keys for
the algorithm to work properly. (Am I wrong?)
But in ECDH
When a user logs in over https to a login server, my goal is to have
the login server take the __username+timestamp__ and encrypt it to get
a 'session key', which can then get passed around as a POST variable
to all our other servers, so each server doesn't need to re-validate
the user's credential
On Mon, May 14, 2012 at 1:33 PM, Andy GOKTAS wrote:
The bottom line is that *. does prompt with the Mismatched address
in the certificate, but testing the same cert configuration with
. as the subjectAltName rather than *., it tests
successfully (picks up the SubjectAltName and no prompts).
I
Hi Fabio!
I've been looking for some example and i adapted to your program.
This code works...
It seems that it's simpler than you thought.
#include
#include
#include
#include
#define ECDH_SIZE 67
static void *KDF1_SHA1(const void *in, size_t inlen, void *out, size_t
*outlen)
{
#ifndef O
Hello,
are the sassumptions below correct?
For 0.9.8 I have to use fips123
For 1.0.1 I have to use fips2
For 1.0.0 there isn't a fips implementation.
Thanks
Dirk
__
OpenSSL Project http://www.op
On 15 May 2012 15:22, Fábio Resner wrote:
> Hi,
>
> I'm trying to write an app to generate public/private/shared key for ECDH.
> Here is what I was able to build based on examples:
>
> #include
>
> #define ECDH_SIZE 67
>
> int main() {
> EC_KEY *ecdh = EC_KEY_new();
> const EC_POINT *point = NULL
Dear Dave T,
Thanks a lot for your nice explanation.
Please see my reply and let me know if i am wrong.
1) Yes the Openssl version is very old on our server side. I did not find
any information regarding SSL log on server side apart from connection
information.
Probably we may need some other wa
Hi,
I'm trying to write an app to generate public/private/shared key for ECDH.
Here is what I was able to build based on examples:
#include
#define ECDH_SIZE 67
int main() {
EC_KEY *ecdh = EC_KEY_new();
const EC_POINT *point = NULL;
EC_POINT *point2;
const EC_GROUP *group;
// const void *pub
Good coverage of this topic is in the chapter "4 Support Infrastructure",
section "4.1 Multithread Support"
http://my.safaribooksonline.com/book/networking/security/059600270x/support-infrastructure/openssl-chp-4-sect-1
from the book
Network Security with OpenSSL
By: John Viega; Matt Messi
Hi.
I'm trying to install OpenSSL-1.0.1b on a z/OS 1.13 system.
I have managed to do the MAKE part but now when I'm trying the MAKE TEST I have
runned into problems and I'm hoping that someone here could help me.
I found that someone a couple of years ago had a similar problem, but there was
n
Hello,
Thanks for your response.
You asked for the exact shortname - It's an internal site, so that will
not help you - if you plan on viewing it as a test.
Our setup has to do with VLAN routing, DNS zoning per environment for
alias shortname resolution per zone within our internal domain.
Hi.
Thanks for looking into this.
Would this say that the php_openssl is bugged, or can`t do the job ?
-Opprinnelig melding-
Fra: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
På vegne av Jeffrey Walton
Sendt: 13. mai 2012 22:39
Til: openssl-users@openssl.org
15 matches
Mail list logo