On Thu, May 24, 2012 at 8:16 AM, Sudarshan Raghavan
sudarshan.t.ragha...@gmail.com wrote:
Hi,
I am using CRYPTO_set_mem_functions to use our own custom memory
routines in a non blocking proxy implementation. This was working fine
in 0.9.8 and 1.0.0 but with 1.0.1c I can see that the custom
On Fri, May 25, 2012 at 11:25 AM, Ken Goldman kgold...@us.ibm.com wrote:
On 5/25/2012 11:03 AM, Steffen DETTMER wrote:
I think crashing with NULL is quite good: a must-not-happen situation
leads to a defined dead of SIGSEGVs, at least for platforms supporting
that, typically with good aid for
On Sun, May 13, 2012 at 1:55 PM, Thomas Anderson zeln...@gmail.com wrote:
openssl probably just doesn't recognize that OID. Here's what
phpseclib (the latest SVN) shows for that particular extension:
[8] = Array
(
[extnId] = id-ce-subjectAltName
[critical] =
On Sun, May 13, 2012 at 4:31 PM, Thomas Anderson zeln...@gmail.com wrote:
On Sun, May 13, 2012 at 2:00 PM, Jeffrey Walton noloa...@gmail.com wrote:
On Sun, May 13, 2012 at 1:55 PM, Thomas Anderson zeln...@gmail.com wrote:
openssl probably just doesn't recognize that OID. Here's what
phpseclib
On Tue, May 8, 2012 at 9:13 AM, Edward Ned Harvey open...@nedharvey.com wrote:
Suppose you have a single resource to be encrypted, and it should be
accessible by multiple users. Is there a way to encrypt something such that
multiple keys would work? I can't seem to find any such solution...
On Tue, May 8, 2012 at 4:33 PM, Dave Thompson dthomp...@prinpay.com wrote:
From: owner-openssl-us...@openssl.org On Behalf Of Adrian Manuel Vázquez
Betancourt
Sent: Tuesday, 08 May, 2012 15:21
I have a p12 certificate file and I would like to extract the private
key from it and export it as a
On Sun, Apr 29, 2012 at 5:40 PM, Mike Hoy mho...@gmail.com wrote:
We use McAfee to scan our website for vulnerabilities. They claim the
following:
Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.
Configure SSL/TLS servers to only support cipher suites that do not use
Hi Paul,
On Wed, Apr 18, 2012 at 2:01 PM, Muschick, Paul paul.musch...@itron.com wrote:
So, it’s ironic that only after I post to the mailing list, I solve my first
problem. For visitors from the future, to fully add a new cipher suite, you
can’t forget to add your cipher’s EVP_CIPHER*
On Wed, Apr 18, 2012 at 9:04 AM, Edward Ned Harvey
open...@nedharvey.com wrote:
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Jeffrey Walton
On Tue, Apr 17, 2012 at 9:47 PM, Edward Ned Harvey
open...@nedharvey.com wrote:
From: owner-openssl-us
On Tue, Apr 17, 2012 at 7:59 AM, Edward Ned Harvey
open...@nedharvey.com wrote:
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Edward Ned Harvey
attacker doesn't know is your key and your plaintext. There is only one
solution. You must use a
On Tue, Apr 17, 2012 at 9:47 PM, Edward Ned Harvey
open...@nedharvey.com wrote:
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
us...@openssl.org] On Behalf Of Ken Goldman
The standard answer: If this is a real security project, hire an
expert. If you design your own crypto
On Sun, Apr 15, 2012 at 12:01 PM, toredhiddenu...@tormail.net wrote:
Hello guyz and cryptobrains! :P
One of the main disadvantages of EC on openssl seems to be the inability
to create arbitrary-sized keys and advantage for RSA: you can create 32768
bit RSA key but... not greater than 521
On Sat, Apr 14, 2012 at 7:20 PM, Nathan Smyth naf...@ymail.com wrote:
Hi there,
I have a dumb question. How can I tell whether SSL is actually protecting a
tcp connection - is there anyway from outside the application. I assume I
should look for something in Netstat?
I have quite a
On Fri, Apr 6, 2012 at 1:42 PM, crk c...@crook.de wrote:
Hi,
unfortunately this didn't help.
Besides, I am using SSL_library_init. The manual says
OpenSSL_add_ssl_algorithms() and SSLeay_add_ssl_algorithms() are
synonyms for SSL_library_init().
The client and server each call a different
On Wed, Apr 4, 2012 at 5:41 AM, pkumarn prashanth.kuma...@gmail.com wrote:
Hi,
I had earlier posted query on AES_Keywrap() usage and had good response on
the same and got lot of things clarified. Now i am successful in using
AES_wrap_key() API but i am running into a new problem.
I need to
On Thu, Apr 5, 2012 at 12:18 PM, sandeep kiran p
sandeepkir...@gmail.com wrote:
Jakob,
The last time we had this discussions, I mentioned when 0 is passed as the
second argument to CreateToolhelp32Snapshot, it takes a snapshot of all the
heaps for all the processes in the system. I was wrong.
On Thu, Apr 5, 2012 at 12:07 AM, Prashanth kumar N
prashanth.kuma...@gmail.com wrote:
You can use the below API's
RAND_bytes()
RAND_pseudo_bytes()
Sorry to nitpick. Its gets old auditing high integrity code where the
damn programmers ignore return values as if every succeeds.
#include
On Thu, Apr 5, 2012 at 6:06 PM, Jakob Bohm jb-open...@wisemo.com wrote:
On 4/5/2012 9:01 PM, Jeffrey Walton wrote:
On Thu, Apr 5, 2012 at 12:18 PM, sandeep kiran p
sandeepkir...@gmail.com wrote:
Jakob,
The last time we had this discussions, I mentioned when 0 is passed as
the
second
On Thu, Apr 5, 2012 at 6:58 PM, Jeffrey Walton noloa...@gmail.com wrote:
On Thu, Apr 5, 2012 at 6:06 PM, Jakob Bohm jb-open...@wisemo.com wrote:
On 4/5/2012 9:01 PM, Jeffrey Walton wrote:
[SNIP]
The following list of permission bits are most (not all) of those that
may appear in the DACL
On Wed, Mar 28, 2012 at 6:15 AM, Jeffrey Walton noloa...@gmail.com wrote:
On Tue, Mar 27, 2012 at 4:26 PM, Ken Goldman kgold...@us.ibm.com wrote:
On 3/27/2012 3:51 PM, Jakob Bohm wrote:
On 3/27/2012 9:37 PM, Dr. Stephen Henson wrote:
You should really be using EVP instead of the low level
On Tue, Mar 27, 2012 at 4:26 PM, Ken Goldman kgold...@us.ibm.com wrote:
On 3/27/2012 3:51 PM, Jakob Bohm wrote:
On 3/27/2012 9:37 PM, Dr. Stephen Henson wrote:
You should really be using EVP instead of the low level routines.
They are well documented with examples.
Where, precisely?
I
On Tue, Mar 27, 2012 at 5:19 PM, Jakob Bohm jb-open...@wisemo.com wrote:
On 3/27/2012 10:42 PM, Jeffrey Walton wrote:
On Tue, Mar 27, 2012 at 4:26 PM, Ken Goldmankgold...@us.ibm.com wrote:
On 3/27/2012 3:51 PM, Jakob Bohm wrote:
On 3/27/2012 9:37 PM, Dr. Stephen Henson wrote:
You should
On Tue, Mar 27, 2012 at 4:26 PM, Ken Goldman kgold...@us.ibm.com wrote:
On 3/27/2012 3:51 PM, Jakob Bohm wrote:
On 3/27/2012 9:37 PM, Dr. Stephen Henson wrote:
You should really be using EVP instead of the low level routines.
They are well documented with examples.
Where, precisely?
I
On Mon, Mar 26, 2012 at 11:28 AM, anu anujc...@gmail.com wrote:
When I am using AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
const AES_KEY *key, const int enc);
then there is no linking error in my code
but when i use
AES_cbc_encrypt(const unsigned char *in, unsigned char
On Mon, Mar 26, 2012 at 1:49 AM, Prashanth kumar N
prashanth.kuma...@gmail.com wrote:
[SNIP]
: In my case, i would be storing the wrapped key and
not the original
key. So when user tries to decrypt the wrapped key, he would get the
original key but how do i make sure that is the
On Sun, Mar 25, 2012 at 7:31 PM, jeremy hunt jere...@optimation.com.au wrote:
Thomas J. Hruska wrote:
On 3/23/2012 12:53 AM, jeremy hunt wrote:
This posting is to help people to build OpenSSL 1.0.1 with Microsoft
Visual Studio. It may also indicate a required change to the build
On Thu, Mar 8, 2012 at 1:40 PM, aram_baghom...@hushmail.com wrote:
Hi,
I use this commands for compile it on a FreeBsd 8.2.
# ./Configure
# ./config
# make
Try gmake.
__
OpenSSL Project
On Fri, Feb 24, 2012 at 4:08 PM, Jakob Bohm jb-open...@wisemo.com wrote:
On 2/24/2012 2:14 PM, sandeep kiran p wrote:
You mentioned that OpenSSL is holding a snapshot lock in rand_win.c. I
couldn't find anything like that in that file. Can you specifically point me
to the code that you are
On Thu, Feb 23, 2012 at 2:12 PM, burtbick l...@burtbicksler.com wrote:
Hi, I'm working on a project where I need to interact with a hardware device
that is using Triple DES-ECB for encrypting keys.
One of the first things that I'm trying to do is to generate a 16 byte key
to be uploaded to
On Tue, Feb 21, 2012 at 3:51 PM, Andy Polyakov ap...@openssl.org wrote:
Another option (but shoot it down if its bogus :-): I noticed that if I
compile
fipscanister.o without -fPIC, then the const variables do get placed in
the (really readonly) .rodata section as desired. I thought maybe if
On Tue, Feb 14, 2012 at 3:22 PM, Timothy Kay tim...@not.com wrote:
Thanks for the pointer. It's very helpful.
HOWEVER, I can give you dozens of different sites that do it wrong, yet they
all work in the browsers. Clearly that particular part of the spec is no
longer relevant, and openssl
On Tue, Feb 14, 2012 at 4:42 PM, Johan Samyn johan.sa...@gmail.com wrote:
Hi,
I just compiled openssl-1.0.0g on a Win7 box using MingW. All went well,
except I got a virus alert from Avira for 'TR/Graftor.10418.101' found
in the file .../openssl-1.0.0g/test/asn1test.exe. That virus was added
On Tue, Feb 14, 2012 at 7:53 PM, anthony berglas anth...@berglas.org wrote:
Hello All,
I want to set up a simple system in which the private key is derived
entirely from a pass phrase.
I.e. the pass phrase provides all the Entropy that is used. This means
that the private key can be
On Tue, Jan 24, 2012 at 4:09 AM, Jakob Bohm jb-open...@wisemo.com wrote:
Informational note to others, as this information used to
be hard to obtain:
On Linux (for comparison):
/dev/urandom produces as many random bytes as you want (with
multiple calls if necessary), but if you read more
Hi All,
Is anyone interested in implementing FHMQV in OpenSSL?
I recently implemented FHMQV in Crypto++ (hopefully the patch will be
submitted soon). But I don't have a reference implementation to test
it against (or interoperate with). If interested, I can provide a
Crypto++ reference for
On Tue, Jan 17, 2012 at 1:32 PM, Magosányi Árpád m...@magwas.rulez.org wrote:
My application uses openssl-fips for random number generation, where the
seeding have to have at least 100 bits of entropy coming from a hardware
random generator which is certified either to FIPS or CC EAL4. Due to
On Wed, Dec 21, 2011 at 1:26 PM, nandan shantharaj iamnand...@gmail.com wrote:
Hi All,
SSL_CTX_load_verify_locations() is causing memory leak in my
application. Folowing is the function trace.
262 1072 bytes leaked in 4 blocks (2.25% of all bytes leaked)
263 These range in size
On Sun, Dec 18, 2011 at 10:57 AM, Helegurbann abdullahaydi...@gmail.com wrote:
Hi.I tried int his example code.But it doesn't runs:
[code]
#include stdio.h
#include string.h
#include curl.h
/* This is a simple example showing how to send mail using libcurl's SMTP
* capabilities. It
2011/12/17 Yang Chun-Kai waitmefore...@hotmail.com:
Date: Fri, 16 Dec 2011 14:52:27 -0500
Subject: Re: Generate private key problems
From: noloa...@gmail.com
To: openssl-users@openssl.org
2011/12/16 Yang Chun-Kai waitmefore...@hotmail.com:
1. If I use openssl genrsa -out
2011/12/17 Yang Chun-Kai waitmefore...@hotmail.com:
Hello~everyone~
As titled, genpkey command not found in 0.9.8, so is this new in latest
version?
RSA (112 bits of security):
$ openssl genrsa -out rsa-openssl.pem 2048
$ openssl pkcs8 -nocrypt -in rsa-openssl.pem -inform PEM -topk8
-outform
2011/12/16 Yang Chun-Kai waitmefore...@hotmail.com:
1. If I use openssl genrsa -out my_private_key.key 2048 this command then
I will get the encrypted private key or not encrypted key ?
because I want to use python ssl module and heard python ssl lib not support
encrypted private key for
On Thu, Dec 8, 2011 at 8:45 AM, John Emmas john...@tiscali.co.uk wrote:
Please ignore my previous email for the moment. It seems we're not sure
whether out binaries are official, pre-built ones or if they were built
elsewhere.
Presumably there are some official Windows DLLs and libs
On Mon, Dec 5, 2011 at 7:35 AM, hamid.sha...@sungard.com wrote:
Hi,
I am trying to make a simple C++ (64-bit) client program that can establish
a SSL connection with a remote server using OpenSSL on windows-7. I can
successfully execute the followings to create a new context block;
On Fri, Dec 2, 2011 at 1:55 PM, hamid.sha...@sungard.com wrote:
Hi,
I am trying to make a simple C++ (64-bit) client program that can establish
a SSL connection with a remote server using OpenSSL on windows-7. I can
successfully execute the followings to create a new context block;
Hi Maurice,
On Mon, Nov 7, 2011 at 8:01 AM, Maurice Mahieu mauri...@chello.nl wrote:
I mean the first case, to verify the signature.
As I understand the signature is the encyrpted digest of the certificate, I
was wondering if it is possible to decrypt the digest using the public key
of the
On Fri, Nov 4, 2011 at 6:05 AM, Shashidhar RP shashidhar...@hcl.com wrote:
HI
I disabled SSLv2 on the server. When the client which is capable of SSLV2
and SSLV3 sends the hand shake, client sends first V2 hello rt So the
server is not capable of handling V2 packet as SSLV2 is
On Mon, Oct 31, 2011 at 3:01 PM, Guilherme G. Rafare graf...@in3.com.br wrote:
Hi, how can I unsubscribe to the list and stop receiving emails?
http://www.openssl.org/support/community.html
Check your SPAM folder for the confirmation emails. I recently noticed
Google swallowed nine separate
On Mon, Oct 31, 2011 at 4:15 PM, dave.mclel...@emc.com wrote:
I’m looking into the use of SSL_get_shutdown to possibly avoid unnecessary
calls to SSL_shutdown. I noticed that SSL_get_shutdown() returns a 3
sometimes, but I can’t find a symbol that tells what that means. In ssl.h I
see:
On Thu, Oct 27, 2011 at 8:09 AM, Matthias Meixner
matthias.meix...@verifone.com wrote:
Hello!
When upgrading to version 0.9.8r my system stopped supporting session
resumption.
It looks like session tickets are the reason for this.
I was using some external session cache to support session
On Tue, Oct 18, 2011 at 6:47 AM, Nico Flink fl...@coolux.de wrote:
I have a question concerning the size of the out buffer filled by
EVP_CipherUpdate() and EVP_CipherFinal().
The evp man page gives the following description:
EVP_EncryptUpdate() encrypts inl bytes from the buffer in and
On Fri, Oct 7, 2011 at 1:55 PM, Diffenderfer, Randy
randy.diffender...@hp.com wrote:
How worried should I be about the contents of this?
http://www.kb.cert.org/vuls/id/864643 (published 2011-9-27)
Is this the topic that flitted across the board a week or so ago?
SSL_OP_ALL includes
On Tue, Oct 4, 2011 at 10:58 AM, brajan balamurugan@gmail.com wrote:
hi
can any one tell me why the signature verification in openssl fail when the
message is signed bu java IBM fips compliant.i am using openssl 0.9.8g in
power Pc. i am getting error in
if (((unsigned
On Wed, Oct 5, 2011 at 12:59 AM, William A. Rowe Jr.
wr...@rowe-clan.net wrote:
On 10/4/2011 10:45 PM, Bill Durant wrote:
Does anyone know how to produce a FIPS-capable OpenSSL that works on Windows
NT?
It's likely not possible...
But when I run it under Windows NT, I get the following
On Fri, Sep 23, 2011 at 4:59 AM, alok sharma alokonm...@gmail.com wrote:
So is there any method on Windows to generate non-predictable
randomnumbers. I think mostly FileSytem time is used to seed randomness
which is failing in my case.
One typically uses CryptGenRandom.
Jeff
On Mon, Sep
On Tue, Sep 13, 2011 at 5:53 AM, Mrunal Nerpawar p.mru...@gmail.com wrote:
I have a use case for one of the product that I work on. I need to know if
the passwords on the unix machines are weak.
The passwords are hashed using blowfish algorithm. I shall be doing
dictionary encryption using
On Tue, Sep 13, 2011 at 6:49 AM, Jeffrey Walton noloa...@gmail.com wrote:
On Tue, Sep 13, 2011 at 5:53 AM, Mrunal Nerpawar p.mru...@gmail.com wrote:
I have a use case for one of the product that I work on. I need to know if
the passwords on the unix machines are weak.
The passwords are hashed
On Wed, Aug 17, 2011 at 1:51 PM, Kchitiz Saxena
kchitiz.sax...@gmail.com wrote:
Hi Wim
Thanks for the response. Actually, I am trying to compile openssl for WinCE
5.0. That's why I was trying to figure out whether I should define this
macro while compiling or not. However, if this macro is
On Wed, Jul 20, 2011 at 8:48 AM, brandon...@aol.com wrote:
It didn't fix it. In the end, I cannot link statically without libsasl2.a,
which I am having difficulty obtaining, but which must be somehow
obtainable.
http://asg.web.cmu.edu/sasl/sasl-library.html
In the meantime, I am including
On Sat, Jul 16, 2011 at 2:39 AM, brandon...@aol.com wrote:
Hi.
I am writing some C++ on Linux with g++. When I try to link statically to
libcrypto, by using the libcrypto.a library, it complains that
RSA_generate_key and DH_generate_parameters are undefined references.
Actually, I believe
On Fri, Jul 15, 2011 at 5:36 PM, Kyle Hamilton aerow...@gmail.com wrote:
On Fri, Jul 15, 2011 at 10:32 AM, Gaglia san...@paranoici.org wrote:
On 07/15/2011 08:23 AM, Kyle Hamilton wrote:
...
Excuse me, I got lost somewhere... Does this mean that it is not
possible to use EC crypto with
On Thu, Jul 14, 2011 at 6:22 PM, Kyle Hamilton aerow...@gmail.com wrote:
ECDSA is the elliptical curve (discrete-logarithm-based) variant of DSA, the
Digital Signature Algorithm. DSA was developed by the US National Security
Agency as a means of creating prime-factorization-based signatures
On Tue, Jul 12, 2011 at 9:03 AM, rick freitag quizzki...@gmail.com wrote:
Questions include:
Why do I need ActivePerl not plain Perl?
I am only using the Cryptolibrary functions from Visual C++.
Sorry to go offlist - I don't know the answer. But on Windows, I found
the easiest way to go is
On Thu, Jul 7, 2011 at 11:56 AM, Gene Kligerman
gene_kliger...@ca.ibm.com wrote:
Hi SSLers!
I am seeing an intermittent problem using EVP_md5 function to hash
user-specified passwords.
The application works fine most of the time except when I run a stress
test: 3 user applications
2011/7/1 yyy y...@inbox.lv:
Hello!
s_server (and probably other TLS servers), requires ECDH parameters, if
using ECDH ciphersuites. (probably similarily as for DH parameters with DH
ciphersuites).
It seems, that these are supposed to be generated using:
ecparam -name 'name_of_named_curve',
On Fri, Jul 1, 2011 at 1:14 PM, Vladimir Belov ml.vladimbe...@gmail.com wrote:
Hello.
I'll collect entropy(random bytes) myself on Windows. How many random
bytes I must give for function RAND_seed to seed PRNG properly in two cases:
Why not allow OpenSSL to auto seed itself? If you have an
On Fri, Jul 1, 2011 at 8:58 AM, Daniel Wambold wambo...@gmail.com wrote:
Hello list. Sorry for what is likely a simple question but I'm running out of
time and could use a quick hand. I have a program that encrypts data using
AES256 CBC mode and a 256 bit (obviously) key provided directly to
Hi mp3geek,
On Wed, Jun 22, 2011 at 6:05 PM, Ryan B mp3g...@gmail.com wrote:
Is this supported in OpenSSL trunk? Do I need any additional patches
or updated patches?
It is supported in OpenSSL 1.0.0, but you will need to patch (IIRC).
Jeff
On Tue, Jun 7, 2011 at 3:21 PM, Eric S. Eberhard fl...@vicsmba.com wrote:
I would point out in that last approach -- encrypting and sending un secure
(which is a good idea in many cases) does have a few considerations. If the
data is sensitive (like magnetic strip data from a credit card) this
On Thu, May 26, 2011 at 6:01 PM, Matt Thompson thompson...@gmail.com wrote:
I get an error when I try the following:
PS C:\bin\OpenSSL-Win32\bin gc .\secrets.m.text
U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o
PS C:\bin\OpenSSL-Win32\bin .\openssl aes-256-cbc -d -a -in
On Tue, May 24, 2011 at 12:05 AM, ciphertexto cipherte...@gmail.com wrote:
On May 23, 2011, at 7:20 PM, Dr. Stephen Henson wrote:
On Sun, May 22, 2011, Bill Durant wrote:
Hello,
Has anyone been able to build a working 64-bit version of the
FIPS-capable OpenSSL on Mac OS X 10.6.7
On Thu, May 19, 2011 at 5:44 AM, Tim Watts t...@dionic.net wrote:
Hi folks,
I'm setting up a new CA/SSL infrastructure for work - the CA is self signed
and all SSL certs (mostly server certs rather than client certs) will be
signed off against this CA.
I've just made the effort to try to
On Mon, May 16, 2011 at 8:51 AM, Sergey sh0...@gmail.com wrote:
Hello,
I have a program, written on C++ and QT.
I need to implement checking of file signature in my program, so that it
would do the same check, as this openssl command:
openssl dgst -sha1 -signature signature.bin -verify
On Mon, May 16, 2011 at 9:53 AM, John Hascall j...@iastate.edu wrote:
Duh, thanks to the people who pointed out that the pointer returned by
PEM_read_bio_RSA_PUBKEY might be null, and indeed it is (sadly I have to use
Xcode, which refuses to show any local variables and GDB claims they don't
On Mon, May 16, 2011 at 1:15 AM, raghib nasri raghibna...@gmail.com wrote:
I have also observed that changing my application code causes a different
HMAC sig generated by premain. So if it is covering just validated module
(fipscanister.o) then sig should remain same as i m using the same
2011/5/4 Prashant Batra prashant0...@gmail.com:
http://pastebin.com/0BG97RDH
This does not contain complete source code, but will definitely give you the
idea about what I am trying to do.
After a quick look, it does not appear there is enough code to say
what is wrong. For example, you
char mykey[EVP_MAX_KEY_LENGTH] = blowfish_key;
char iv[EVP_MAX_IV_LENGTH] = blowfish;
These look problematic. Is it the case that EVP_MAX_KEY_LENGTH ==
sizeof('blowfish_key')? Is it the case that EVP_MAX_IV_LENGTH ==
sizeof('blowfish')?
EVP_EncryptInit(ctx, EVP_bf_cfb(), (unsigned
On Tue, Apr 26, 2011 at 5:49 AM, Michel (PAYBOX) msa...@paybox.com wrote:
Hi,
I am no expert on the matter, but on my humble opinion,
I think you can rely on this book because most of its content is about
fundamental concepts,
not implementation details ( padding, message encoding, ... ) for
On Thu, Apr 21, 2011 at 7:44 AM, ikuzar razuk...@gmail.com wrote:
Ok,
I see now what you mean. I 'll try to hash the shared value with SHA1, then
truncate it to obtain 128 bits ...
In addition to Dave's comments, see NIST 800-135 and RFC 5869 for
guidelines and recommendations on
On Fri, Mar 25, 2011 at 3:56 PM, Anthony Gabrielson
agabriels...@comcast.net wrote:
This will do what you want:
http://agabrielson.wordpress.com/2010/07/15/openssl-an-example-from-the-command-line/
memset(plaintext,0,sizeof(plaintext));
The optimizer might remove your zeroization.
Jeff
On Sun, Mar 6, 2011 at 4:51 AM, pattabi raman rprt...@gmail.com wrote:
Hi,
I have to implement the RSA algorithm in our solaris10 ( which has openssl
already) using C programming.
Anyone please forward any doc / sample code / Weblink anything would be a
great help me.
c = m^e mod n
m = c^d
On Sun, Mar 6, 2011 at 5:23 AM, pattabi raman rprt...@gmail.com wrote:
Hi ,
I need to implement the entire RSA logic in C program to encrypt the
customer key for one of our application functionality.
I am bit confused on RSA API, which gives me struggle like Which method to
call / order
Hi Yann,
I know , but i haven't file .KEY (eg. cert.key) , i must convert file .cer
into .pfx without file .key
Factor n, or solve the discrete log to recover the private exponent.
On Mon, Feb 14, 2011 at 11:44 AM, yann458 sival...@gmail.com wrote:
I know , but i haven't file .KEY (eg.
On Thu, Jan 20, 2011 at 5:01 PM, Welling, Conrad Gerhart
conrad.gerhart.well...@saic.com wrote:
My team just received a directive from our customer to start using SHA-2
immediately. Yes, in effect, the directive is that vague, and, no, details
have not been forthcoming! So, I intend to tell
On Wed, Jan 5, 2011 at 12:45 PM, Harshvir Sidhu hvssi...@gmail.com wrote:
Hi,
Is the CAPI engine from OpenSSL supported on WinCE?
I don't believe OpenSSL will compile on Windows Mobile. I also
believe a patch by Pierre
Delaage is available at
On Thu, Dec 23, 2010 at 3:35 PM, aerow...@gmail.com wrote:
Export the environment variable OPENSSL_FIPS=1, and then try openssl md5?
I am aware of two companies which are (were?) claiming a FIPS
validated module via OpenSSL sources, but not building the canister.
For completeness, the companies
On Thu, Dec 23, 2010 at 3:48 PM, Mike Mohr akih...@gmail.com wrote:
Good afternoon,
When generating an RSA key, several components are described in the
output file. Per the RSA specification on wikipedia,
You should question anything on Wiki since it is generally unedited.
Don't make the
, Jeffrey Walton noloa...@gmail.com wrote:
On Thu, Dec 23, 2010 at 3:35 PM, aerow...@gmail.com wrote:
Export the environment variable OPENSSL_FIPS=1, and then try openssl md5?
I am aware of two companies which are (were?) claiming a FIPS
validated module via OpenSSL sources, but not building
fipscanister.
Agreed. Sorry about the traces of cynicism. I just don't trust
corporate or government. They collude all the time.
Jeff
On Thu, Dec 23, 2010 at 3:48 PM, Jeffrey Walton noloa...@gmail.com wrote:
On Thu, Dec 23, 2010 at 5:56 PM, aerow...@gmail.com wrote:
OPENSSL_FIPS=1 causes openssl
On Wed, Dec 15, 2010 at 12:55 AM, Kannan J
kannan_jayapraka...@yahoo.co.inwrote:
From my relentless search on the internet I hit upon this webpage
http://www.mobilefish.com/services/rsa_key_generation/rsa_key_generation.php
On Wed, Dec 15, 2010 at 12:58 AM, Victor Duchovni
victor.ducho...@morganstanley.com wrote:
On Tue, Dec 14, 2010 at 09:46:11PM -0800, Kannan J wrote:
I'm copying and pasting the text from the smart card guide. It is too
big to attach.
Please use plain-text (non-HTML) email when sending mail
On Sun, Dec 12, 2010 at 12:12 PM, S Mathias smathias1...@yahoo.com wrote:
i can use natively openssl for anonymous chat:
# Chat:
# server side:
openssl req -x509 -nodes -days 365 -newkey rsa:8192 -keyout mycert.pem -out
mycert.pem
# server side - generate a self-signed cert.
openssl
On Sun, Dec 5, 2010 at 11:12 AM, Eugene N neverov.biks.0...@gmail.com wrote:
Dear sirs
I am looking for a way to perform a set of heterogeneous operations, with
some parameters being BIGNUM and some just 32 bit integers.
for example, multiply a bignum by 2, increment a bignum by 1, find a
2010/11/22 Ing. Fabián Martínez Osorio fab...@autodocuments.com:
Hi:
I have a C++ program that uses the openssl library, and on some computers, I
got the message “La aplicación no se ha podido inicializar correctamente,
error 0xc0150002. Haga clic en aceptar para terminar la aplicación” Can
On Wed, Nov 3, 2010 at 9:12 AM, David Schwartz dav...@webmaster.com wrote:
On 11/2/2010 6:25 PM, Md Lazreg wrote:
r=select(m_sock_fd + 1, fds, 0, 0, ptv);
if (r = 0 (Errno == EAGAIN || Errno == EINTR))/*if we timed
out with EAGAIN try again*/
{
r = 1;
Hi Rajesh,
I've had success with integrity checking using MACs and signatures for
both PE/PE+ and Elf32/64 executables and dynamic libraries on their
respective platforms (not limited to a OpenSSL dll). If I recall,
OpenSSL is only trying to embed a MAC.
5292:error:2507606A:DSO support
Hi All,
Forgive me if this has been answered else where.
I did not see a multi-threaded unit test, and searching the archives
(http://www.mail-archive.com/openssl-...@openssl.org/) returned 0
hits. Grepping the site returns one reference to unit test regarding
to Thomas Wu's SRP at [1] (Ticket
So I wasted my precious time preparing a patch while someone
else had already posted a patch off-list.
Lol... If you're going to throw a tantrum every time someone beats you
ta a patch, you owe us a tantrum:
WinCE patch:
http://www.mail-archive.com/openssl-users@openssl.org/msg61765.html
Pierre
LNK2001: http://msdn.microsoft.com/en-us/library/f6xx1b1z%28VS.71%29.aspx
When i try to link Libeay32.lib in my application i see following link
errors where as these errors are not seen when build without FIPS.
It appears you are missing a library (non-fips has it, fips is
lacking). Compare
On Wed, Oct 6, 2010 at 8:45 PM, Darryl Miles
darryl-mailingli...@netbauds.net wrote:
[SNIP]
Oh, and stdint.h is not available with all compilers!
Isn't this an ANSI requirement, ah well, poor compiler users what standards
do they conform to then ?
Like the safer string functions (strcpy_s
I think part of my problem is that EVP_BytesToKey only returns a 16 byte key.
You will probably need to duplicate Crypt-CBC-2.30's algorithm for
creating or deriving the key. Blowfish uses a variable length key
(some hand waiving) [1], so there should be no algorithm to duplicate.
Use the 56
601 - 700 of 744 matches
Mail list logo