On Wed, May 28, 2008 at 12:24 PM, Silvia [EMAIL PROTECTED] wrote:
Hi,
I'm trying to test some algorithm with openssl comman line and oprofile.
Then, to separate the time used for the real cryptographic operation from
the time used for I/O operation, I need to know which library is used to
On Wed, May 28, 2008 at 6:47 PM, Deane Sloan [EMAIL PROTECTED] wrote:
To tie this off - is it fair to say that the impact of say 2048bit RSA
SSL(etc) using a private key in the affected range is a valid
consideration/concern, however in combination with the likelihood
stated, the overall risk
On Tue, May 27, 2008 at 03:23:27PM -0500, [EMAIL PROTECTED] wrote:
So a developer at my company is having a problem.
When our business partner signs a data object using Bouncy Castle
(PKCS#7 CMS), outputs PEM, and we use OpenSSL and read it in, that
works fine, but when we try to get the
Hello,
We're performing PCI audit security scan on our machines and this one
vulnerability keeps coming back on our apache 2.2 server. I followed the
solution is provided and changed the line ssl/ssl.h (0x0FFFL -
0x0FFFL^SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG and also added the
entire
* Victor Duchovni wrote on Wed, May 28, 2008 at 21:10 -0400:
Only against random attacks of course, if all attackers
first check these keys, then removing them strengthens the
algorithm against (non-random) brute-force attack. This
said, the effort of explicitly avoiding these is
Hi all,
Steps to reproduce:
1. Download and unpack openssl-0.9.8h.tar.gz
2. Open Visual Studio 2005 Command Prompt
3. ms\do_masm.bat
4. nmake -f ms\ntdll.mak
Gives error:
ml /Cp /coff /c /Cx /Focrypto\sha\asm\s1_win32.obj
.\crypto\sha\asm\s1_win32.asm
Microsoft (R) Macro Assembler
I've found out that it's related to how SSL_Write() expects the same
buffer pointer after an SSL_ERROR_WANT_WRITE occurs.
I also found out that this can be avoided by issuing a SSL_ctrl() which
I tried, but now I get corrupted data from certain point.
How EXACTLY is SSL_Write in non-blocking
hi,
i am stuck with the error Unable to get local issuer certificate and then
SSL3_GET_CLIENT_CERTIFICATE: peer certificate not return.
I have created my own certificates using Openssl.exe . I have created
CACert.pem which is self signed CA certificate and then two other
certificates one is
Hi vinni,
As a hint i will reformulate how i understand your problem
The server cannot accept the client certificate because it cannot check
that the certificate have been issued by a trusted CA.
This arise because the CA certificate is not available so the questios are
1) Is the CA
vinni rathore a écrit :
hi,
i am stuck with the error Unable to get local issuer certificate and
then SSL3_GET_CLIENT_CERTIFICATE: peer certificate not return.
I have created my own certificates using Openssl.exe . I have created
CACert.pem which is self signed CA certificate and then
Hello,
we are currently programming on an integration of OpenSSL into our
existing Socket architecture. We have a problem with non-blocking
connections.
In our test scenario we coded a simple server and client that shall
communicate encrypted via SSL. But for now we simply use an unencrypted
On Thu, May 29, 2008 at 09:48:38AM +0200, Steffen DETTMER wrote:
On the other hand, someone else could assume that all potentially
weak keys are regenerated and the concerned (boxes,
systems, admins, security professionals, ...) now are more
sensitive, carefully exchanged all keys against,
Discard, while originally the problem was with a moving buffer, the
later trouble I had were my own bugs (SMTP CRLF line break algorithm had
problems).
Ales
__
OpenSSL Project
On Wed, May 28, 2008 at 02:23:44PM -0500, [EMAIL PROTECTED] wrote:
On Tue, May 27, 2008 at 03:23:27PM -0500, [EMAIL PROTECTED] wrote:
So a developer at my company is having a problem.
When our business partner signs a data object using Bouncy Castle
(PKCS#7 CMS), outputs PEM, and we use
Only against random attacks of course, if all attackers first check these
keys, then removing them strengthens the algorithm against (non-random)
brute-force attack. This said, the effort of explicitly avoiding these
is probably wasted (unless one suspects one has a identically weak RNG).
--
Hi,
This is a bug that has been reported on openssl-dev. It's due to a bug in
the file x86ms.pl responsible for the generation of MASM assembly code. To
be corrected, the line 273 of this file containing $extra should be
removed.
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Hello,
I getting crazy !
In one application I insert CA certificates and CRLs in the X509_STORE.
This store is included in the SSL_CTX. No problem. The certificate
verification process during handshake runs like a charm.
In a second application, I create an X509_STORE and try to insert my
Sorry for the double ;-)
Hello,
I getting crazy !
In one application I insert CA certificates and CRLs in the X509_STORE.
This store is included in the SSL_CTX. No problem. The certificate
verification process during handshake runs like a charm.
In a second application, I create an X509_STORE
Hi,
The only thing I see in your code is that, inside the while block, you are
not setting the CA variable to the next element of the list Gl_listeCA.
Thus, at the second loop you will always get an error when calling
X509_STORE_add_cert because CA-x509 is pointing to the same certificate
as in
I complie 0.9.8h today and attempted to run onwin32 machine,
but I have bug:
openssl pkcs12 -export -in MyCert.pem -inkey MyKey.pem -out MyCert.p12
Loading 'screen' into random state - done
Enter pass phrase for MyKey.pem:
Enter Export Password:
Verifying - Enter Export Password:
20 matches
Mail list logo