Hi Dr. Stephen Henson,
Thanks for your answer.
I know this cipher suite is rarely used however we do need this feature
and we do want to test it using openssl.
Do you happen to know how to get a DH certificate or how to generate a DH
certificate using openssl or other tools.
-Zyan
From:
On 8/15/13 11:51 PM, Patrick Pelletier wrote:
On Aug 15, 2013, at 10:38 PM, Nico Williams wrote:
Hmm, I've only read the article linked from there:
http://android-developers.blogspot.com/2013/08/some-securerandom-thoughts.html
Yeah, that's the only place I've seen it, and then the Google+
On 8/21/13 12:19 AM, Patrick Pelletier wrote:
Nikolay Elenkov wrote a proof-of-concept that shows the pid-wrapping bug
on Android, and then I took it one step further and wrote a
proof-of-concept using OpenSSL in C, demonstrating that this is an
underlying OpenSSL bug:
On Wed, Aug 21, 2013, Zyan Wu wrote:
Hi Dr. Stephen Henson,
Thanks for your answer.
I know this cipher suite is rarely used however we do need this feature
and we do want to test it using openssl.
Well as I said it is only supported by OpenSSL 1.0.2 and later, not in any
currrent
Hi,
Thanks for the reply.
That's because it's not a raw public key; it's a base64 encoded
structure containing the key parts. It's a lot more than just stripping
the header and footer.
I was not aware of this.
But I think my requirement is to send the public key in Base64 encoded
structure
Hi all,
although I issued a certificate for an intermediate CA (CA2) with a
pathlength of zero (pathlen:0), I could use this certificate to create
certificates for further CAs (CA3).
Due to pathlen:0 I expected openssl would either cancel creation of sub-CAs
with an error massage or would
I am not 100% sure this is a real bug, hence mailing openssl-users
instead of rt@.
641 if (is_sslv3)
642 {
snip
647 unsigned overhang = header_length-md_block_size;
648 md_transform(md_state.c, header);
649
Hi Dave,
Thanks for the reply.
I do have access to the server code but cannot change it's implementation to
suite my requirement as the server is serving other clients in other
platforms as well.
Below is the java code to encrypt an AES symmetric key with the public key
it recieves from the
On 21 August 2013 03:19, Patrick Pelletier c...@funwithsoftware.org wrote:
On 8/15/13 11:51 PM, Patrick Pelletier wrote:
On Aug 15, 2013, at 10:38 PM, Nico Williams wrote:
Hmm, I've only read the article linked from there:
http://android-developers.**blogspot.com/2013/08/some-**
I am new to OpenSSL and have a private RSA key and am trying to read a
encrypted message that looks to be in base64 format but I'm not to sure.
When i do the below code i get this error if you can offer any help it
would be great.
Thanks
OpenSSL rsautl -decrypt -inkey privatekey.pem -in
On Wed, Aug 21, 2013 at 2:19 AM, Patrick Pelletier
c...@funwithsoftware.org wrote:
An easy way to work around this, if you don't mind linking against pthreads,
is to do this at the start of your application, after initializing OpenSSL:
typedef void (*voidfunc) (void);
if
Hi,
this shouldn't be, because you marked this extension as critical;
what is your OpenSSL release?
and in case of Linux, which distro (version/release) are you using?
Walter
On 20.08.2013 20:18, Peter1234 wrote:
Hi all,
although I issued a certificate for an intermediate CA (CA2) with a
You misunderstand how it's supposed to work.
OpenSSL does not prevent you from signing anything. It can't; for example, you
could use other software and generate the signature.
Instead, when the recipient gets a certificate, and verifies the chain, it
should reject the chain because the
On Wed, Aug 21, 2013 at 5:41 AM, Ben Laurie b...@links.org wrote:
Something needs to be done, but won't this re-introduce the problem of
/dev/random starvation, leading to more use of /dev/urandom (on platforms
where this is a problem)?
Mixing in the time seems like a safer solution that
*openssl Configuration question:*
I am using these command to create a CA signed cert.
opensslreq-new-nodes-out my.csr -days 730 -keyout
mykey.pem
-batch*-extensions * v3_OCSP-config configname.cnf
openssl ca -out *mycert.pem* -in my.csr -passin
On Wed, Aug 21, 2013, redpath wrote:
*openssl Configuration question:*
I am using these command to create a CA signed cert.
opensslreq-new-nodes-out my.csr -days 730 -keyout
mykey.pem
-batch*-extensions * v3_OCSP-config configname.cnf
openssl
16 matches
Mail list logo