The OpenSSL wiki states that there is support for built-in standard sets of
Diffie-Hellman parameters
(http://wiki.openssl.org/index.php/Diffie_Hellman#Working_with_Parameters_and_Generating_Keys).
However, I was unable to find any documentation about which sets of parameters
those actually
I'm using the capi API to access certificates in the Windows Cert Store. I'm
using the following to get access to the private key
EVP_PKEY *key = ENGINE_load_private_key(e, subject, 0, 0);
This seems to work as far as I can tell. Even if the certificate requires a
password the OS prompts the
Hello Openssl Team,
I would like to understand how Renegotation DOS impacts our current TLS
session and its issues.
How we can avoid Renegotation initialized by client during the TLS/SSL
session at openssl0.9.8q version.
Please provide documents if any describes about Renegotiation DOS.
And
OBJ_sn2nid() doesn't contain the full list of supported digest methods.
How can I find this list using the library?
I cannot fork/exec 'openssl list-digest-algorithms' and crack the output
as a solution.
--
Harlan Stenn st...@ntp.org
http://networktimefoundation.org - be a member!
Hello, I think the documentation for d2i_X509 is insufficiently clear about the
reuse behaviour. The DESCRIPTION has the following:
https://www.openssl.org/docs/crypto/d2i_X509.html
If *px is not NULL then it is assumed that *px contains a valid X509
structure and an attempt is made to
On 9/24/2013 11:58 AM, Roberto Spadim wrote:
There's space to create a new random device at /dev if you want too =)
/dev/nbrandom ? no block random? :)
2013/9/24 Richard Könning richard.koenn...@ts.fujitsu.com:
Am 24.09.2013 02:05, schrieb starlight.201...@binnacle.cx:
At 12:59 9/23/2013
hi david!
do you have a patch about this hack?
2013/9/25 David Johnston d...@deadhat.com
On 9/24/2013 11:58 AM, Roberto Spadim wrote:
There's space to create a new random device at /dev if you want too =)
/dev/nbrandom ? no block random? :)
2013/9/24 Richard Könning
Hello Openssl dev team,
Currently we are using openssl 0.9.8q version. Earlier we have used openssl
0.9.8k.
We have seen change in the return value handling of ssl_verify_cert_chain()
at function ssl3_get_client_certificate().
At openssl 0.9.8k, ssl_verify_cert_chain() is handled like this
Using OpenSSL libraries to provide basic encryption between client and server.
Using non-blocking sockets, and client can connect to multiple servers.
I have an intermittent issue where server reports 'SSL3_GET_RECORD:wrong
version number' during client hello.
I have added trace statements to
On 9/25/2013 2:19 PM, Roberto Spadim wrote:
hi david!
do you have a patch about this hack?
Actually Fedora 18 fixes the primary problems. It has an update to rngd
so that it uses RdRand and it gets invoked properly. I passed
information on to RedHat about the problems and they fixed it in
10 matches
Mail list logo