This is not working...
I have just done a hex dump and the key still bears no resemblence to the
key reported by the command lineis it because i have version 0.9.8k of
the SDK and 0.9.8g of the command line?
Dr. Stephen Henson wrote:
On Mon, Aug 10, 2009, MusicAndy wrote:
The Key
GOT IT WORKING!! WOOHOO! (open up the champagne!)
Now I just need to get it working with salt (maybe with a tequilla and
lemon)
MusicAndy wrote:
This is not working...
I have just done a hex dump and the key still bears no resemblence to the
key reported by the command lineis it
Hi folks. Well almost got things to work the way i want to :jumping:
One more question. The salt format of a file in DES3.
I notice that the file that has been encrypted with the use of salt has
Salted__ followed by bytes of data.
If i read this from a stream, do i strip the Salted__ part off
Also, do I need to strip out these salt characters in my input buffer? The
reason i ask is that it is decrypting most of the file but leaves this at
the top (if you see the rest of this string is an xml header)
›³žšb+pÙ\ªú6*ýÑ.Ë€ÆÑErsion=1.0 encoding=UTF-8?
MusicAndy wrote:
Hi folks.
On Tue, Aug 11, 2009, MusicAndy wrote:
Hi folks. Well almost got things to work the way i want to :jumping:
One more question. The salt format of a file in DES3.
I notice that the file that has been encrypted with the use of salt has
Salted__ followed by bytes of data.
If i read this
So Steve, do I strip out the salted__ characters plus the following 8 bits?
Dr. Stephen Henson wrote:
On Tue, Aug 11, 2009, MusicAndy wrote:
Hi folks. Well almost got things to work the way i want to :jumping:
One more question. The salt format of a file in DES3.
I notice that
On Tue, Aug 11, 2009, MusicAndy wrote:
So Steve, do I strip out the salted__ characters plus the following 8 bits?
If by strip out you mean, don't try to decrypt them and if by 8 bits you
mean 8 bytes then yes ;-)
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial
Furthermore, why when it is decrypting does it appear to be overwritting with
these characters
?xml version=1.0 encoding=UTF-8 ?
MusicAndy wrote:
So Steve, do I strip out the salted__ characters plus the following 8
bits?
Dr. Stephen Henson wrote:
On Tue, Aug 11, 2009, MusicAndy
ALL SORTED NOW :jumping: :handshake::clap:
Many thanks for your help Steve! :)
Furthermore, why when it is decrypting does it appear to be overwritting
with these characters
?xml version=1.0 encoding=UTF-8 ?
So Steve, do I strip out the salted__ characters plus the following 8
bits?
On
Hi All
I am using SSL_CTX_set_cert_verify_callback(ctx, callback, (void *)arg)
API to register the callback function for certificate verification.
However I need to set the mode (SSL_VERIFY_PEER) for SSL Context.
I am using below code to set mode and callback function. Is it right way
of doing
Recently there has been some discussion on the Internet regarding so called
null-prefix attacks, see
http://www.thoughtcrime.org/papers/null-prefix-attacks.pdf. Is openssl
vulnerable to this attack?
/Roger
_
Med Windows Live kan
Hi,
I am new to OpenSSL and I was going through the following post.
http://marc.info/?l=openssl-usersm=112774769218757w=2
Well I want achieve a similar thing. I want to reduce the per connection
memory usage of OpenSSL. Now, I am facing a few issues :
*i) Connecting a client to the server.*
First Time I have seem Cannot find path to openssl/engines/ .
In FreeBSD-7.2 and64 it is a show stopper. In the old
BSDI BSD/OS 4.3.X just create directory and away you go.
Suggestion:
Can the path to openssl/engines/ point ot path to openssl/lib/
after all only .so's are being installed.
--
Hi,
I read the PDF and my first question would be.
How is this relevant to openssl, since it is normally only used for
creating and signing certificates
It is more up to a brower to do the proper checking;
That's why the PDF states
While many SSL/TLS implemntations fall victim to this, Mozila's
Recently there has been some discussion on th Internet regarding so called
null-prefix attacks, see
http://www.thoughtcrime.org/papers/null-prefix-attacks.pdf. Is openssl
vulnerable to this attack?
I read the PDF and my first question would be.
How is this relevant to openssl, since it is
When I read through the null prefix attack paper I took it to mean that browser
and certificate vendors were not doing an adequate job of verifying domain
names.
There's nothing inherently wrong with using counted strings (actually that is a
step in the right direction IMHO). The problem is
Roger No-Spam wrote:
Recently there has been some discussion on the Internet regarding so
called null-prefix attacks, see
http://www.thoughtcrime.org/papers/null-prefix-attacks.pdf. Is openssl
vulnerable to this attack?.
The attack is not an attack against SSL/TLS, but against
implementation
For some reason I didn't get any newsfeeds after re-subscribing, so I can't
really post to my earlier inquiry.
I've figured this out.
1) Convert Key's CipherValue from base64-to-binary
2) rsautl against the Key's CipherValue.bin - gives binary version of the
decoded key (uses the private key)
18 matches
Mail list logo