Re: SSL_get_finished determine length

> Is it valid to call: > > size_t size = SSL_get_finished(ssl, NULL, 0); No > Because SSL_get_finished invokes memcpy even if the size is 0, so is the > undefined behaviour? Yes

Re: writev over OpenSSL

y on your CPU at a throughput of 2-4 GB/s, which is about an order of magnitude slower than streaming memory throughput. -Marian Am 02.02.20 um 15:27 schrieb Eran Borovik: > Hi all, > I am in the process of integrating OpenSSL with my application. My > application uses scatter-gather u

Re: Help

SLES 10 is 13 years old and stopped receiving (security) updates three years ago. The best course of action here is to upgrade the operating system. -Marian Am 22.05.19 um 11:16 schrieb pcraghavendra.pra...@dell.com: > Hi Team, > >   > > Need help on the openssl librar

Re: aes-cbc-256 mode descryption without an IV

As it just so happens here is a gist implementing EVP_BytesToKey in Python: https://gist.github.com/tly1980/b6c2cc10bb35cb4446fb6ccf5ee5efbc -Marian Am 25.03.19 um 17:14 schrieb Tim Webber: > Thanks Marian.  i did read the man pages for enc .  not sure how that > gets you to the  EVP_Byte

Re: aes-cbc-256 mode descryption without an IV

s://www.openssl.org/docs/man1.1.0/man3/EVP_BytesToKey.html -Marian Am 25.03.19 um 01:20 schrieb Tim Webber: > I just posted a message which i have copied below to a python forum.  It > might be better asked here.  The coles notes version of my question is this: > > I have received an e

Re: CVE-2019-1559 advisory - what is "non-stiched" ciphersuite means?

ially). I believe OpenSSL uses stitched implementations in TLS for AES-CBC + HMAC-SHA1/2, if they exist for the platform. Also note that "AEAD ciphersuites are not impacted", i.e. AES-GCM and ChaPoly are not impacted. Cheers, Marian Am 27.02.19 um 03:56 schrieb M K Saravanan: > Hi, >

Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

. ... if this is code going in the general direction of "production deployment", then get a crypto-person on board, or at least get them to review and sign off the code. Otherwise this *will* end in a debacle. -Marian -- openssl-users mailing list To unsubscribe: https://mta.openssl.o

Re: SSL port 990 mainframe ???

(or equivilent) that defines port access in terms of facility, there should be some error messages in the syslog if that is the problem. the tcpip profile should show you whether or not the privleged port are reserved. On Tue, Nov 3, 2009 at 2:22 PM, Marian Turczyn turc...@isc.upenn.edu wrote: Hello Folks

Re: Apache 2.0.61 and OpenSSL 9.8g

David, The bug you encountered more looks like the one that I too have experienced with Apache 2.2.6 (not 2.0.61) + OpenSSL 0.9.8g for which a resolution was available at http://issues.apache.org/bugzilla/show_bug.cgi?id=43334. By the way, this is more an Apache bug. Even after applying the

OPENSSL for z/OS 1.4 ???

Hello ... where can I find OPENSSL for z/OS 1.4 ?? The IBM site directs me to the OPENSSL site but I do not see an OPENSSLversion specifically listed for z/OS ??? thanks so much for any info you can supply !!! marian