On Thu, Jul 31, 2014 at 5:10 PM, Laurent Broussy lbrou...@elbeconseil.com
wrote:
Hi,
Like describe in the FIPS 46-3 a DES key must have it heavy bit as parity
bit. I try to encipher with a key without no correct parity bits and with
this key where I put the correct parity bits the same
Hi,
I'm testing SSL_clear() which is supposed to reset the SSL status to
allow a new connection (given that the client will set the same SSL
parameters as in the previous handshake).
And that is my case, I use the same client script to test this feature
in a server. Scenario:
- client sends
Hi,
I am using “openssl-1.0.1h” to do X509 certificate validation for accessing
from app1 to app2 (these are 2 separate applications).
- In app2, I have uploaded the X509 certificate generated by app1 and
I am using the following code segment in app2 to verify the certificate (when
You have to look at the character string type of the DN. For example, in
printableString the exclamation point is an illegal character.
--
Principal Security Engineer
Akamai Technologies, Cambridge MA
IM: rs...@jabber.memailto:rs...@jabber.me Twitter: RichSalz
Hi Thulasi,
You are right! It's a bug on my part.
I have a follow-up question regarding what EVP_DecryptFinal is doing.
In my case, the original string is 27 bytes long, the ciphertext length
is 48 ( I am using AES-CBC-128). The decrypted plaintext before
finalization is 32 but the
Tom:
Thanks for the quick response (I'm under the gun):
1. The XP SP3 box I'm working on has ActivePerl 5.10.0, an old release
(2008?), which was suitable for building openssl-0.9.8l at the time. Of
course, it's easy to install a newer version it there's a requirement to do so.
2. Given the
On Fri, Aug 01, 2014, Thomas Herchek wrote:
Hi All,
We are using cURL and OpenSSL, version 1.0.0.1, in our product and am
getting an error I?m hoping to get help with.
We have a customer who created a self-signed server cert, on the host server
(net-oh1-ca-03.internal1.com), and then
On Thu, Jul 31, 2014, Welling, Gerhart G. wrote:
Tom:
Thanks for the quick response (I'm under the gun):
1. The XP SP3 box I'm working on has ActivePerl 5.10.0, an old release
(2008?), which was suitable for building openssl-0.9.8l at the time. Of
course, it's easy to install a newer
Anyone had a chance to look at this? I would really appreciate any help
someone offers.
Thanks,
--
Peter Barton
NetProtec
Original Message
Subject: OpenSSL FIPS 140-2 Compliant
From: pbar...@netprotec.com
Date: Sat, July 26, 2014 10:15 am
To: openssl-users@openssl.org
I am
On Sat, Aug 2, 2014 at 12:16 AM, David Li dlipub...@gmail.com wrote:
Hi Thulasi,
You are right! It's a bug on my part.
I have a follow-up question regarding what EVP_DecryptFinal is doing.
In my case, the original string is 27 bytes long, the ciphertext length
is 48 ( I am using
Just wanted to say that Thulasi’s explanations and advice are exactly correct;
thanks!
--
Principal Security Engineer
Akamai Technologies, Cambridge MA
IM: rs...@jabber.memailto:rs...@jabber.me Twitter: RichSalz
From: owner-openssl-us...@openssl.org On Behalf Of dave paxton
Sent: Thursday, July 31, 2014 20:12
In looking at this today I found what the new ec key is doing. It
does a BN_rand_range operation. That does have the rand.h include. It
looks like it is using from the random area
If by heavy bit you mean the most significant bit, that's backwards.
DES (and 3DES) keys put the parity bits in the least significant bit.
The low-level DES_* API in OpenSSL has options to set a key with
checking for parity and weak and semi-weak keys, or without,
and also routines to
This is almost certainly belongs in -users only, but if I restrict reply it
looks unanswered.
From: owner-openssl-us...@openssl.org On Behalf Of Nayna Jain
Sent: Thursday, July 31, 2014 17:37
We got one of our openssl version upgraded to openssl 1.0.1e version.
But after that I am facing
14 matches
Mail list logo