On 06-04-2012 01:12, Jeffrey Walton wrote:
On Thu, Apr 5, 2012 at 6:58 PM, Jeffrey Waltonnoloa...@gmail.com wrote:
On Thu, Apr 5, 2012 at 6:06 PM, Jakob Bohmjb-open...@wisemo.com wrote:
On 4/5/2012 9:01 PM, Jeffrey Walton wrote:
[SNIP]
The following list of permission bits are most (not
Thanks Dave for your great support... you rock... after changing KEYBITS,
it worked... my ignorance that i mistook it for Key and set it to 512...
Please find my response below...
Firstly Jeff,
256 is valid KEK and max one. Key can be of 'n' blocks each block being 64
bits in size and 'n'
Dave,
I had a suggestion for AES_unwrap() function. As of now, if IV doesn't
match it return 0. It would be good to change this to some other error
value which can be eye catchy. Normally the fist thing which comes to mind
when we see return 0 is things are fine... my 2cents
On Fri, Apr 6,
Hi,
I am asked to explore AES-XTS for one of the task. When i was going though
Openssl 1.0.1, i found the below EVP interface EVP_aes_256_xts() but looks
like it needs FIPS mode . Apart from this, i also found other API but to me
they could only support 128 bits. My requirement is 512 bit key
Hi,
I am trying to establish an tls1 connection between a server and a
client, running in two threads.
When doing the handshake the server gets the hello message and throws an
error:
error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
I am using on both sides
Hello,
Test connection works:
SERVER:
# openssl s_server -key vpn-server-key.pem -cert vpn-server-crt.pem
-cipher RC4-SHA -tls1
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
-BEGIN SSL SESSION PARAMETERS-
Hi Marek Marcola, thanks a lot for your help. I tried the commands with
exactly the same certificates and private keys and the connection works.
This makes me half happy :)
So, maybe I doing something wrong on handshaking?
Best regards
chris r.
On 06.04.2012 18:46, marek.marc...@malkom.pl
Hello,
Maybe there is library initialization problem, try to add:
SSL_load_error_strings();
SSLeay_add_ssl_algorithms();
Best regards,
--
Marek Marcola marek.marc...@malkom.pl
owner-openssl-us...@openssl.org wrote on 04/06/2012 07:06:22 PM:
crk c...@crook.de
Sent by:
Hi,
unfortunately this didn't help.
Besides, I am using SSL_library_init. The manual says
OpenSSL_add_ssl_algorithms() and SSLeay_add_ssl_algorithms() are
synonyms for SSL_library_init().
Best regards
chris r. =)
On 06.04.2012 19:20, marek.marc...@malkom.pl wrote:
Hello,
Maybe there is
I am trying to make an x509v3 extension that is a STACK_OF(X509). But
I'm not really sure the best way to go about this on OpenSSL. I
essentially want to encode/decode this:
CertificateStack ::= SEQUENCE OF Certificate
Should I attempt to decode the SEQUENCE OF by hand and use d2i_X509() to
build
On Fri, Apr 6, 2012 at 1:42 PM, crk c...@crook.de wrote:
Hi,
unfortunately this didn't help.
Besides, I am using SSL_library_init. The manual says
OpenSSL_add_ssl_algorithms() and SSLeay_add_ssl_algorithms() are
synonyms for SSL_library_init().
The client and server each call a different
On 04/06/2012 01:46 AM, Dave Thompson wrote:
AES_KEY actx, dctx;
printf(\n keylen = %d; kebits= %d, KEYLEN, KEYBITS);
Get out of the habit of outputting 'partial' lines (not
terminated by \n) in C. Sometimes it works and sometimes
it doesn't. It appears in this case on your system
12 matches
Mail list logo