for cryptography. While Sec_Aficionado is quite
eloquent and makes several valid points, I think his overall argument does
not hold water. I have audited the crypto implementations in a number of
open-source projects over the years found wide variance in their quality.
In one instance a popular
While implementing one's own security and/or cryptography is certainly not
advisable for a novice (or even advanced programmers), creating cipher
implementations from scratch is probably one of the best ways to learn and
understand the intricacies of the problem at hand.
Learning about the
This is an excellent explanation in plain English. Thank you!
On Apr 28, 2015, at 4:31 PM, Steve Marquess marqu...@openssl.com wrote:
On 04/28/2015 03:44 PM, Sec_Aficionado wrote:
Hi there,
Total n00b question here. I recently ran across a question on an iOS
forum where someone
Hi there,
Total n00b question here. I recently ran across a question on an iOS forum
where someone was building an app with FIPS 140-2 compliant communications.
Now, from reading here (mailing lists) about FIPS certification, it involves
both the bits and the platform. So it would not be
Thanks for the heads up. Just to confirm, is this highest severity defect a
yet-to-be-disclosed vulnerability, or a fix for an already known one?
Sent from my mobile
On Mar 16, 2015, at 3:05 PM, Matt Caswell m...@openssl.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
, 2015 at 3:31 PM, Sec_Aficionado secaficion...@gmail.com
wrote:
Matt,
Thanks for keeping me honest! I see it now, but I totally missed it before.
I must have just played with the cli and not read the full page.
Can you please confirm that EVP is the way to go? I'll create my own little
for your help!
Sent from my mobile
Please forgive any autocorrections I may have missed
On Feb 10, 2015, at 9:21 AM, Matt Caswell m...@openssl.org wrote:
On 10/02/15 14:09, Sec_Aficionado wrote:
Ah, thank you! I tried a lot of things and was very frustrated. I wish the
documentation reflected
.
Thanks for your help.
Sent from my mobile
On Feb 9, 2015, at 9:23 PM, Dr. Stephen Henson st...@openssl.org wrote:
On Mon, Feb 09, 2015, Sec_Aficionado wrote:
Hello,
I am trying to encrypt a short message using AES-256-GCM as mentioned in the
subject.
My command is:
openssl enc -aes
Hello,
I am trying to encrypt a short message using AES-256-GCM as mentioned in the
subject.
My command is:
openssl enc -aes-256-gcm -p -in payload.txt -out enc.txt
I get prompted for password as expected.
The encryption goes well, and then I proceed to decrypt using:
openssl enc -d