On Wed, Sep 03, 2008 at 04:16:57PM +0200, Graham Leggett wrote:
Does openssl support RFC2898
Not in 0.9.8.x.
You have to write it yourself.
--
Eric Murray Sr. Security Architect
SafeNet www.ingrian.com www.safenet-inc.com
On Mon, Aug 28, 2000 at 09:15:25AM +0300, Wirta, Ville wrote:
-Original Message-
From: Eric Murray [mailto:[EMAIL PROTECTED]]
Sent: Friday, August 25, 2000 10:04 PM
To: [EMAIL PROTECTED]
Subject: Re: I'm still so very confused about certificates
The certificate has no effect
in '96 was posted to the
cypherpunks list. The archives move; a web search should
find them.
Newer versions might be in the Mozilla open-source project.
--
Eric Murray http://www.lne.com/ericm ericm at lne.com PGP keyid:E03F65E5
Consulting Security Architect
()
meth = TLSv1_client_method()
and attempt to make a connection. If the v3 one fails, try again with v2, etc.
apps/s_client.c is an example of the use of the calls.
SSLv23_client_method() sends a modified v2 ClientHello which indicates
that the client will do v3 if the server will.
--
Eric
?
Draw a pentagram on the floor, stand in the middle, wave a dead chicken
at the four compass points, and then type
% make linux-shared install
--
Eric Murray http://www.lne.com/ericm ericm at lne.com PGP keyid:E03F65E5
Consulting Security Architect
__
is a good asn.1 printer.
--
Eric Murray http://www.lne.com/ericm ericm at lne.com PGP keyid:E03F65E5
Security consulting: secure protocols, security reviews, standards, smartcards.
__
OpenS
not the cleanest code
to read, but you can figure out what's needed from that.
--
Eric Murray http://www.lne.com/ericm ericm at lne.com PGP keyid:E03F65E5
Security consulting: secure protocols, security reviews, standards, smartcards
that using the 'openssl enc *' IIRC
anyone recall?
"Openssl enc" just does bulk symmetric encryption, not SSL.
Thus there's no ciphersuite negotiation.
--
Eric Murray http://www.lne.com/ericm ericm at lne.com PGP keyid:E03F65E5
Security consulti
that don't use the RSA algorithm, especially
in TLS1. There also ones that don't use RSA Inc's trademarked RC4
algorithm.
--
Eric Murray http://www.lne.com/ericm ericm at lne.com PGP keyid:E03F65E5
Security consulting: secure protocols, security reviews, standards,
nstructive.
--
Eric Murray http://www.lne.com/ericm ericm at lne.com PGP keyid:E03F65E5
Security consulting: secure protocols, security reviews, standards, smartcards.
__
OpenSSL Project http://www.o
SS-DES-CBC-SHA
EDH-DSS-DES-CBC-SHA
All except the anon-DH (or ADH) are authenticated.
--
Eric Murray http://www.lne.com/ericm ericm at lne.com PGP keyid:E03F65E5
Security consulting: secure protocols, security reviews, standards,
is.
If it starts with 0x30,0x8{1,2,3} it's probably DER.
2. Is DER-encoding base64 by default?
Nope.
--
Eric Murray www.lne.com/~ericm ericm at the site lne.com PGP keyid:E03F65E5
Security consulting: security models, reviews, protocols, crypto
.
or SSL_WITH_NULL_MD5.
--
Eric Murray www.lne.com/~ericm ericm at the site lne.com PGP keyid:E03F65E5
Security consulting: security reviews, protocols, crypto, ssl.
__
OpenSSL Project http://www.openssl.org
a signature.
5- Who uses Base64 encoding, and what for? Is it an alternative to DER?
Base64 is a way to encode binary data using only legal seven-bit
ASCII characters. You can use it to encode anything; it's not
restricted to crypto.
--
Eric Murray www.lne.com/~ericm ericm at the site lne.com
ange/mutual authentication has occured. Since
this is an SSL list, I'd say that you should let the SSL session
negotiation occurr and _then_ send your private data. That way it's
automatically encrypted and authenticated.
--
Eric Murray N*Able Technologiesww
15 matches
Mail list logo
