64 bit windows support

2011-04-21 Thread Pankaj Aggarwal
Hi, I am currently debugging an issue in which our 64 bit library that uses OpenSSL 0.9.8k throws error (WSAENOTSOCK, 10038) while doing SSL_write, SSL_read and creating socket. Upon further investigation I found that the OpenSSL library uses socket descriptor as an int whereas for windows 64

Re: DH session Key length

2011-04-21 Thread ikuzar
Ok, I see now what you mean. I'll try to hash the shared value with SHA1, then truncate it to obtain 128 bits ... 2011/4/20 Mike Mohr akih...@gmail.com Look, the typical way you'd use the DH shared secret would be to hash it using an appropriate hash function. I personally like using Tiger

DH key exchange issue

2011-04-21 Thread Prashant Batra
Hi, I tried the dhtest sample provided in the test folder of openssl-0.9.8g. What it does is- Creates 2 DH objects using a single prime and generator value. It then calculates the public, private key pairs using the 2 DH's. Then computes the secret for each DH using the public key of the other

Re: PKCS12 - Why Encrypted?

2011-04-21 Thread Michel (PAYBOX)
I believe this [freely available] book should interest you : Handbook of Applied Cryptography http://www.cacr.math.uwaterloo.ca/hac/ Le 21/04/2011 00:03, Patrick Rutkowski a écrit : I'm pretty new to this PKI stuff, but I'm very confused about why pkcs12 files are encrypted. As I understand

Re: PKCS12 - Why Encrypted?

2011-04-21 Thread Patrick Rutkowski
Wow, awesome. I just read the foreword and the preface before getting to work. They're very well written, and now I'm excited for the coming chapters for sure :-) I'll probably read it over the coming week or two. But I'm mildly worried about the date the book was written, which was 1996; and

closing off the .pem file

2011-04-21 Thread Greene, Geoffrey N
I have a pretty simple, probably newbie question. My app works great, no trouble there. But I'm having some trouble with cleanup when I have some test cases. I'm calling SSL_CTX_use_certificate_chain_file(ctx, certificateFile); That works fine. However, at the very end of my test, I want to

Problems with openssl req using an on-board 2048 bit RSA key from a USB token

2011-04-21 Thread Craig Heath
I'm trying to generate a PKCS#10 CSR using an Aladdin eToken Pro 64k with a 2048 bit key. I'm using Windows Vista 32bit, with the Aladdin PKI Client drivers v5.1, OpenSC 0.12.0, and Win32 OpenSSL 1.0.0d. I can generate the CSR with a 1024 bit key generated on board with no problems. When I use

RE: closing off the .pem file

2011-04-21 Thread Greene, Geoffrey N
Never mind. Stupid user error. Got it. Thanks for anyone who looked. From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Greene, Geoffrey N Sent: Thursday, April 21, 2011 12:59 PM To: openssl-users@openssl.org Subject: closing off the .pem file I have

RE: EVP_Decrypt function- AES cbc 128 bit mode- Input length?

2011-04-21 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of tera tellence Sent: Wednesday, 20 April, 2011 09:15 I am trying in vain to find out why the AES decrypt won't work here. I have found where exactly is the problem and now looking for some wise-crack to help me

RE: DH session Key length

2011-04-21 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of ikuzar Sent: Tuesday, 19 April, 2011 18:57 So, have I to generate a prime with length = 3200 bits ?, ( the corresponding exponent will belong to 3200-bit MODP group ) in order to generate an AES 128 session key ? ( I use

RE: Combining MD5 and SHA-1 to reduce collision probability

2011-04-21 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of Steffen DETTMER Sent: Wednesday, 20 April, 2011 12:25 * Luc Perthuis: Is there any theoretical proof for a good selection of 2 HASH (computing the results of two different algorithms on the same data) that would annihilate the

RE: DH key exchange issue

2011-04-21 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of Prashant Batra Sent: Thursday, 21 April, 2011 09:16 Hi, I tried the dhtest sample provided in the test folder of openssl-0.9.8g. What it does is- Creates 2 DH objects using a single prime and generator value.

issue with p12 creation and network solutions EV SSL

2011-04-21 Thread James Chase
I have done this multiple years in a row with the exact same process but now I get the following error when I try to create my SSL: openssl pkcs12 -export -chain -CAfile cachain.crt -out my.domain.com.p12 -inkey my.domain.com.key -in MY.DOMAIN.COM.crt Error unable to get local issuer certificate

Re: Problems with openssl req using an on-board 2048 bit RSA key from a USB token

2011-04-21 Thread Craig Heath
I managed to get this to work with a 2048 bit key by using the Aladdin PKCS#11 library instead of the OpenSC one: engine dynamic -pre SO_PATH:C:\WINDOWS\SYSTEM32\engine_pkcs11.dll -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre MODULE_PATH:C:\WINDOWS\SYSTEM32\eTPKCS11.dll req -engine pkcs11 -new

Re: DH session Key length

2011-04-21 Thread Jeffrey Walton
On Thu, Apr 21, 2011 at 7:44 AM, ikuzar razuk...@gmail.com wrote: Ok, I see now what you mean. I'll try to hash the shared value with SHA1, then truncate it to obtain 128 bits ... In addition to Dave's comments, see NIST 800-135 and RFC 5869 for guidelines and recommendations on