On Tue, Aug 21, 2012 at 2:14 PM, Charles Mills charl...@mcn.org wrote:
Actually, there IS *almost* a general solution to this problem.
The input consists of characters from some set of 'n' characters. (Perhaps
'n' is 94 -- 0x21 through 0x7e inclusive -- but it does not matter.) You need
to
On Fri, Aug 24, 2012 at 2:18 AM, Jeffrey Walton noloa...@gmail.com wrote:
On Thu, Aug 23, 2012 at 9:06 PM, Paulo Roberto bad_boy_...@hotmail.com
wrote:
Hello, I am using the package libssl-dev on ubuntu in my beagleboard xm, and
I have to run two C algorithms using the openSSL library..
On Sat, Oct 6, 2012 at 2:52 PM, Charles Mills charl...@mcn.org wrote:
I have recently written a product that incorporates SSL/TLS server code that
processes client certificates. I designed what I thought made sense at the
time but now I am wondering if what I did was best.
In the product's
On Wed, Oct 17, 2012 at 9:52 AM, Brent Evans brentevan...@gmail.com wrote:
Hi,
I'm currently trying to use the openSSL library to perform DES3 encryption
on a string. The result from this encryption then has a base64 operation
performed on it, before this is passed to a Java application to
On Tue, Nov 13, 2012 at 6:34 PM, Sanford Staab sanfo...@gmail.com wrote:
I have been struggling with openssl for a few months now writing batch
scripts on windows trying to make a .net web client with a client
certificate work with 2-way ssl against an apache web server.
Do you guys just want
On Tue, Dec 25, 2012 at 1:35 PM, Jeffrey Walton noloa...@gmail.com wrote:
I fetched `makedepend` from FreeDesktop.org
(http://xorg.freedesktop.org/releases/individual/util/). It would not
build due to missing dependencies. Ad infinitum.
$ port search makedepend
makedepend @1.0.4 (x11, devel)
On Mon, Dec 31, 2012 at 11:39 AM, Jeffrey Walton noloa...@gmail.com wrote:
On Sun, Dec 30, 2012 at 3:20 PM, jb-open...@wisemo.com wrote:
On 30-12-2012 21:01, Jeffrey Walton wrote:
Hi All,
While working on Apple with Mac OS X and iOS, I found I needed to
patch OpenSSL 1.0.1c's Makefile.
On Wed, Jan 2, 2013 at 8:34 AM, Jeffrey Walton noloa...@gmail.com wrote:
On Mon, Dec 31, 2012 at 7:00 AM, Ben Laurie b...@links.org wrote:
On Mon, Dec 31, 2012 at 11:39 AM, Jeffrey Walton noloa...@gmail.com wrote:
On Sun, Dec 30, 2012 at 3:20 PM, jb-open...@wisemo.com wrote:
On 30-12-2012 21
On Fri, Jan 4, 2013 at 9:58 AM, Tayade, Nilesh
nilesh.tay...@netscout.com wrote:
Hi,
The RSA_private_decrypt() function is proved to be costlier on my system.
I will try for some hardware cards (PCI or over the network), which will help
me perform asymmetric decryption in case of
The sharp-eyed will have already noticed we're moving to git.
Well, it looks like that's actually happened now. We're also shifting
pretty much everything to new infrastructure.
So, there may be outages, unexpected changes and general weirdness for
a little while.
We'll let you know when we're
On 26 December 2012 20:07, Jeffrey Walton noloa...@gmail.com wrote:
On Wed, Dec 26, 2012 at 9:57 AM, Ben Laurie b...@links.org wrote:
On Tue, Dec 25, 2012 at 1:35 PM, Jeffrey Walton noloa...@gmail.com wrote:
I fetched `makedepend` from FreeDesktop.org
(http://xorg.freedesktop.org/releases
On 19 January 2013 16:31, Jeffrey Walton noloa...@gmail.com wrote:
On Sat, Jan 19, 2013 at 9:17 AM, Ben Laurie b...@links.org wrote:
On 26 December 2012 20:07, Jeffrey Walton noloa...@gmail.com wrote:
On Wed, Dec 26, 2012 at 9:57 AM, Ben Laurie b...@links.org wrote:
On Tue, Dec 25, 2012 at 1
On 20 January 2013 00:09, Jeffrey Walton noloa...@gmail.com wrote:
Hi All,
How does one specify and architecture for Configure?
I don't think there is an approved way to do it in general. Probably
you have to edit Configure to specify a new target.
However, your problem appears to be that you
On 6 March 2013 03:55, Nayna Jain naynj...@in.ibm.com wrote:
Hi all,
Are RAND_seed(), RAND_add() NIST SP 800-151A compliant ?
800-151 does not appear to exist, got a link?
__
OpenSSL Project
On 18 April 2013 00:17, Jakob Bohm jb-open...@wisemo.com wrote:
This sounds like a gross violation of the Postel principle.
A principle that should be pretty much universally violated.
__
OpenSSL Project
On 24 July 2013 08:57, Lionel Estrade lionel.estr...@myriadgroup.com wrote:
Hello,
I am looking for a SSL/TLS stack for a project based on CVP2 and I need to
know if the following RFCs (which are required by CVP2) are fully/partially
implemented in OpenSSL.
RFC 4680 - TLS Handshake
Try
write_data( file_, data, strlen(data) + 1, mykey);
On 16 August 2013 03:34, Ztatik Light ztatik.li...@gmail.com wrote:
ps, yes, line 29 is a mistake and should read: char new_filename[strlen(
filename ) + 5];
But even with that fix i get the same results
On Fri, Aug 16, 2013 at
On 21 August 2013 03:19, Patrick Pelletier c...@funwithsoftware.org wrote:
On 8/15/13 11:51 PM, Patrick Pelletier wrote:
On Aug 15, 2013, at 10:38 PM, Nico Williams wrote:
Hmm, I've only read the article linked from there:
http://android-developers.**blogspot.com/2013/08/some-**
On 3 October 2013 22:14, Jeff Trawick traw...@gmail.com wrote:
E.g., run
echo GET / | openssl s_client -connect host:port
It does the handshake then stalls until you press a key (which will be
left unused in the buffer when openssl exits), then it sends the input. I
guess the kbhit() in
On 13 November 2013 10:35, Igor Sverkos igor.sver...@googlemail.com wrote:
According to RFC 3280, which defines
X.509 certficates, these entries, if they exist, must not have
an empty value.
FWIW, RFC 3280 has been obsoleted by RFC 5280.
I couldn't find where it said this in RFC 5280.
The offender was removed from the list earlier today :-)
On Wed, Sep 14, 2011 at 3:41 PM, Jakob Bohm jb-open...@wisemo.com wrote:
WARNING: The automatic vacation response mail system used by your coworker
Mr. Lau
is spamming a public mailing lists with its automatic responses. You may
want
On Wed, Sep 21, 2011 at 3:48 PM, Thomas J. Hruska
shineli...@shininglightpro.com wrote:
The Register published an article yesterday that some people here might be
interested in on TLS 1.0 being cracked:
http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/
The Register points
On Fri, Sep 23, 2011 at 4:54 PM, Dr. Stephen Henson st...@openssl.org wrote:
On Fri, Sep 23, 2011, Jakob Bohm wrote:
Is openssl running out of bit values for SSL_OP_ constants?
Well more ran out of contants. When a new flag was needed for TLS v1.2 all 32
bits were used but fortunately two
On Sat, Jan 7, 2012 at 4:12 PM, Manish Jain invalid.poin...@gmail.com wrote:
Hello Michael/Anyone Else,
Can you be kind enough to please point me to some place/URL where I can get
a bit more information about how the key is negotiated upon ?
I have gone through a a couple of write-ups on
On Tue, Feb 21, 2012 at 5:47 PM, Chris Dodd d...@csl.sri.com wrote:
On 02/19/2012 07:36 PM, anthony berglas wrote:
Exactly. So you need about 112 bits of entropy / Pass Phrase to
generate a good 2048 bit key. Remember that the vast majority of 2048
bit numbers are not valid key pairs.
On Tue, Feb 21, 2012 at 7:04 PM, Ben Laurie b...@links.org wrote:
On Tue, Feb 21, 2012 at 5:47 PM, Chris Dodd d...@csl.sri.com wrote:
On 02/19/2012 07:36 PM, anthony berglas wrote:
Exactly. So you need about 112 bits of entropy / Pass Phrase to
generate a good 2048 bit key. Remember
On Tue, Mar 27, 2012 at 8:26 PM, Ken Goldman kgold...@us.ibm.com wrote:
On 3/27/2012 3:51 PM, Jakob Bohm wrote:
On 3/27/2012 9:37 PM, Dr. Stephen Henson wrote:
You should really be using EVP instead of the low level routines.
They are well documented with examples.
Where, precisely?
I
On Thu, Mar 29, 2012 at 5:40 AM, Prashanth kumar N
prashanth.kuma...@gmail.com wrote:
Thanks Ken for pointing out the mistake... after changing to
AES_Decrypt(), it worked but i still see issue when i print the
decrypted output as it has extra non-ascii characters in it.
Below is the input
On Sun, Apr 29, 2012 at 10:40 PM, Mike Hoy mho...@gmail.com wrote:
We use McAfee to scan our website for vulnerabilities. They claim the
following:
Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.
Configure SSL/TLS servers to only support cipher suites that do not use
On Mon, Apr 30, 2012 at 12:45 PM, Dr. Stephen Henson st...@openssl.org wrote:
On Sun, Apr 29, 2012, Mike Hoy wrote:
We use McAfee to scan our website for vulnerabilities. They claim the
following:
Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.
Configure SSL/TLS
...@quantum.com
Preserving the World's Most Important Data. Yours.T
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Ben Laurie
Sent: Monday, April 30, 2012 1:32 AM
To: openssl-users@openssl.org
Subject: Re: McAfee Claims TLS
demos/state_machine
demos/tunala
On Tue, May 8, 2012 at 2:17 PM, Marcin Głogowski m.glogow...@bossa.pl wrote:
Hello,
I have to write non blocking SSL/TLS server based on the OpenSSL library.
I couldn't find any example/tutorial with this.
Please write me where can I find some client/server
On Sat, May 12, 2012 at 12:15 AM, scott...@csweber.com wrote:
Ahhh!
So, a 15 byte block (or ends with a 15 byte after multiples of 16 bytes)
would use a 0x01 in the last position...?
And a whole multiple of 16 blocks would have an extra block filled with
0x0f's...?
0x10, actually.
My
On Tue, May 22, 2012 at 9:55 AM, Simner, John
john.sim...@siemens-enterprise.com wrote:
Dear all,
I am working on an embedded product which currently uses OpenSSL 0.9.8w with
FIPS support.
I'm curious: what product is this? I had a quick poke around and
couldn't find any mention of OpenSSL on
Richard Levitte - VMS Whacker wrote:
This kind of question should go to openssl-users@openssl.org, which is
why I only send the response there.
I'm surprised you bothered, given that he spammed every email address he
could find.
--
http://www.apache-ssl.org/ben.html
Rodney Thayer wrote:
I've tried one of the 0.9.8 snapshots and make test is failing, after
running for an enormous amount
of time. (openssl-0.9.8-stable-SNAP-20050613.tar.gz)
Two questions:
1. what's the output supposed to look like, these days? Specifically,
is it supposed to run a long
I expect a release to follow shortly.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit. - Robert Woodruff
OpenSSL v0.9.7a and 0.9.6i vulnerability
I'm coming close to the end of the work to get OpenSSL FIPS-140ed. So,
if people have comments/changes/concerns, they'd better get a move on
and clue me in, because once its done we can't change it.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
There is no
Mathias Brossard wrote:
On Fri, 2003-09-05 at 11:55, Ben Laurie wrote:
- What version of OpenSSL does it correspond to? 0.9.7b?
Yes, and the FIPS specific routines will be carried forward in future
OpenSSL releases. Only the cryptographic module containing the
relevant cryptographic module
Chris Brook wrote:
If I read your reply right, responsibility for DAC and Known Answer Test
checking is the responsibility of the app developer, though you will provide
the DAC checksum for the crypto module. Have you also included the KATs,
since they essentially exist the OpenSSL test
Mathias Brossard wrote:
On Fri, 2003-09-05 at 19:59, Ben Laurie wrote:
Mathias Brossard wrote:
- Asymmetric: DSA, RSA, ECDSA
Not my understanding. Anyway, DSS only. RSA can't be, and ECDSA we
aren't doing.
It's a little disappointing that RSA is not part of the process
Rich Salz wrote:
reversible compression hash alogorithms out there?
I'm not a mathematical cryptographer, but that phrase sounds like an
implausability to me.
It is, of course, trivial to prove that anything with arbitrary length
input and fixed length output is not reversible. I missed the
Tal Mozes wrote:
Hi,
I just ran into this article
(http://www.gcn.com/vol1_no1/daily-updates/24504-1.html) which title is
OpenSSL gets FIPS certification. There was also a link to the article
on the last SANS NewsBites (Vol.5 Num.52, see http://portal.sans.org/).
From what I read in the websites
Rich Salz wrote:
we got ahold of an AEP1000 crypto accelerator for testing purposes. I am
stumped. The numbers look horrible.
The openssl speed program is not good for testing anything other than
the openssl software implementations. It does a repeated
single-threaded call to RSA_sign, etc.
Jin Zhao wrote:
Looks like openssl tar balls are signed with a different PGP key for
each source tar ball.
For example, openssl-0.9.7b.tar.gz was signed using a key with key id
E06D2CB1 and openssl-0.9.7c.tar.gz was signed with key id 49A563D9.
My question is why not sign the released tar ball
Rich Salz wrote:
I think I misunderstood that question. I honestly don't know what we
would lose. Maybe a sense of openness.
In the past -- at least, say, 2-3 years ago -- we had a couple of
anonymous posters who made very worthwhile contributions. Haven't
seen that recently. Also, it used
Boyle Owen wrote:
-Original Message-
From: Ben Laurie [mailto:[EMAIL PROTECTED]
I disagree.
I've lost the thread... You want to limit posting to subscribers only or
you don't?
I don't.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
There is no limit to what a man
Steven Reddie wrote:
Hi Steve,
I take it that dynamically linking the FIPS OpenSSL into an executable
means that the FIPS certification is void for that application. So as
you have stated, static linking is required. However, if I'm producing
a security library that uses OpenSSL and I
Joseph Bruni wrote:
On Apr 11, 2004, at 1:44 PM, Garrett Kajmowicz wrote:
They don't do quite the same thing. RSAPrivateKey_dup() et al. do not
accept a
const RSA*, they accept a RSA*. The i2d function, however, does accept a
const RSA*, so I've resorted to that pair.
I believe that the
Peter 'Luna' Runestig wrote:
On Fri, 14 Jan 2005 21:10 pm, Eduardo Pérez wrote:
Do you know if it's possible to use SSL (or some other protocol) over
UDP running totally in user space.
The OpenVPN project http://openvpn.net/ runs OpenSSL over UDP, works
great.
No, it doesn't. It uses SSL do
Henry Su wrote:
Try to find some source code for EAP-TTLS or EAP-PEAP, these use mem BIO and
SSL. You can try to read some source code FreeRadius or Open.1X. Good luck.
Or mod_ssl in Apache 2.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
There is no limit to what a man can
Medi Montaseri wrote:
ThanksI was particularly interested in FreeBSD amd64 which currently
Configure does not
support. I have since found that FreeBSD.org has a patch and they claim
that OpenSSL code
maintainers have been notified but openssl community has not included
that on their recent
Richard Levitte - VMS Whacker wrote:
From: Achim Spangler [EMAIL PROTECTED]
spangler The error message is as follows:
spangler cc -I.. -I../../include -std1 -tune host -O4 -readonly_strings -c
spangler bss_fd.c
spangler cc: Error: /usr/include/sys/signal.h, line 486: In the declaration
Shridhar Bhat wrote:
[EMAIL PROTECTED] wrote:
On 24 Nov, Jean-Marc Desperrier wrote:
Shridhar, a tool that incorporates OpenSSL code can hardly be released as
GPL, because OpenSSL itself is not GPL.
As I understand the BSD license, BSD licensed code can be rereleased
under the
John Casu wrote:
For example, mod_ssl is released under the GPL, and links
with openSSL and Apache.
Actually, I believe mod_ssl is BSD-licenced, as is Apache-SSL.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he
doesn't
David Schwartz wrote:
David Schwartz wrote:
That is not a restriction on the right to "copy, distribute or modify",
now is it?
Yes, it is.
All it restricts is your ability to advertise: i.e. if you
advertise yourself, you must also advertise us. A bit like a GPL for the
Bernard Dautrevaux wrote:
-Original Message-
From: David Schwartz [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, November 29, 2000 12:26 PM
To: [EMAIL PROTECTED]
Subject: RE: Looking for an HTTPS client for NT C/C++
Ben Laurie wrote:
I'm not convinced by your
Marco Russo wrote:
I need to generate a random polynomial in Zp, with p very large (1024-2048
bits).
Sorry for my math...:-(,
but I think that with your method the problem is that the numbers in [0,
p-1] are equally likely only if
(2^(n - 1))mod p = 0, where n is the number of bits in
Marco Russo wrote:
- Original Message -
From: "Ben Laurie" [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Wednesday, January 17, 2001 7:18 PM
Subject: Re: BN_rand question
Marco Russo wrote:
I need to generate a random polynomial in Zp, with p very large
Lutz Jaenicke wrote:
On Sun, Jan 21, 2001 at 07:03:07PM -0500, Greg Stark wrote:
sorry for the misinformation. I misunderstood a thread I had read in the
archives. Just out of curiousity, what do the following functions do:
SSL_CTX_set_session_cache_mode( );
Shridhar Bhat wrote:
Hi,
We are trying to deploy multiple SSL-based servers
in a cluster. We want to share the session cache of each
of these servers so that connections from same client
(with session id reuse) can be handled by any server in
the same cluster. The scheme is simple:
[EMAIL PROTECTED] wrote:
Further to my previous message, I have not only received my Cryptoswift
card, but I actually have it working. I'm seeing a speed improvement of
around 20x on a Dual Pentium 166.
Hmmm ... so we can expect about 3x on a single P3/1GHz. How much do
these things cost?
Joseph Ashwood wrote:
I've found a problem with BN_mod_inverse, in particular when it is called
many times in quick succession when verifying DSA signatures. Originally
this showed up when use DSA_do_verify, so I wrote my own, and I've isolated
the problem as being in BN_mod_inverse. It
[EMAIL PROTECTED] wrote:
-Original Message-
From: Ben Laurie [mailto:[EMAIL PROTECTED]]
Sent: 14 February 2001 13:25
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: echoping 4.1 released : a tool to test SSL servers
[EMAIL PROTECTED] wrote:
This is just
Patrick Li wrote:
Thanks for the information. Does that mean there is no longer restrictions
on using any of the cipher suites specified by TLS or SSL outside of the US?
There never were restrictions on _using_ them, only on exporting.
Sorry for a simple question. But is it still the
[EMAIL PROTECTED] wrote:
I have, for two days, been banging my head on trying to install this
apache server with mod_ssl. I keep having problems. I have tried
absolutely everything I can think of to try to fix this. I have searched
all of the postings and tried their solutions. Nothing
Rodney Thayer wrote:
meta question... is there/should there be an openssl faq?
Dunno if there is, but there certainly should be!
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit.
Ralf S. Engelschall wrote:
In article d759809f6ba5277d776e77367f8bfc5e@anonymous you wrote:
It looks like crypto/evp has some trash in it:
e_dsa.c
pk_lib.c
abc.c
abcs.c
The abc.c, abcs.c and pk_lib.c are bogus IMO and I've now removed them. About
the e_dsa.c I'm
Russell Selph wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Just a quick build nit-pick: when you do "make links" to set up the
includes directory, it misses the files pem.h and pem2.h. It's easy
enough to fix by hand, but someone might want to patch up the makefile for
future
Goetz Babin-Ebell wrote:
At 12:33 12.03.99 +1300, you wrote:
Yes, I forgot. But then you would have to type that (URL+port) into your
browser, right?
-Original Message-
From: Goetz Babin-Ebell [SMTP:[EMAIL PROTECTED]]
https://www.company_a.com:1443/secure_page.html
Bodo Moeller wrote:
- Scrap crypto/pem/ctx_size.c and crypto/pem/pem.org (with
appropriate changes to the Makefile);
What do you do about the stuff it generates, then?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of
Massimiliano Pala wrote:
On www.OpenCA.org when will be available...
And when will that be?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and those who take the credit. He told me to try to be in the
first
Jarvis Mckenzie wrote:
please could send information/documentation on your preparations for 2000.
fax #: 01223 847176. Thank you.
Some people amaze me.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two kinds of people: those
who work and
Sergio Rabellino wrote:
Rafael Calzada Pradas wrote:
OpenSSL Users:
.
The URL where you can found this information is:
http://www.microsoft.com/security/tech/sgc/EnableAGC.asp
bye. Rafa
hmmm Ms tells me "The page cannot be found" ... Maybe these informations
are to be
Boyce, Nick wrote:
OK. I'm confused (;-). I thought I understood the
load-the-certificate-at-Apache-startup issue, but then ...
On 28th.April,1999 Paul Rubin wrote :-
If you need a lot of hits/sec (a smart card can't handle many) you can
use a hardware accelerator like the Ncipher
Holger Reif wrote:
What OpenSSL calls PEM is nothing more than the raw cert or request
content, base63 encoded and wrapped by -BEGIN XYZ- and
^^ base64 :-)
-END XYZ- lines. It doesn't use RFC1421-1432!
The name is a bit misleading :-|
Cheers,
Ben.
--
John Wehle wrote:
The Cisco 2501 generates the enclosed ASN1 data stream when asked
to generated a certificate request.
Gosh, when did they start doing that?
How do I certify it? It
doesn't seem to be recognized as a request by openssl.
$ openssl req -inform der cert_req.27281
The
This is mostly off-topic, but in a good cause: I'm trying to install
Linux, not coz I have any real need, but so that I can more easily
support OpenSSL and related stuff, some of which is a major battle to
compile on FreeBSD (unfortunately, IMNSHO). But, I'm having my usual
nightmare ... so are
Ulf Möller wrote:
I have just uploaded the beta1 tarball to the FTP server. Please test it
and give us any feedback. This is as much a test of the release process
as it is of the code.
Looks all right, except there is CVS stuff left in the top level
directory.
Grr! I'll take a look.
Richard Levitte - VMS Whacker wrote:
3moeller Then direct VMS users to an appropriate snapshot in the
3moeller announcements, because the latest VMS changes are also not
3moeller in the tar file.
Drat. OK, I'll build my own tarball and will direct the VMS folks to
it (not that it's
GOMEZ Henri wrote:
Hi !!!
Why not start feeding contrib dir located in http://www.openssl.org/contrib/
with
at least at least openssl RPMs (0.9.3) (found on
http://www.modssl.org/contrib/)
Good idea for the OpenSSL RPMs - but I'd say www.openssl.org should be
the primary source, no?
Wade L. Scholine wrote:
What's the format of an rfc822Name? Is it name@fqdn, or something else?
The X.509 doc doesn't seem to say.
This may be too obvious, but how about looking at RFC 822?
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My grandfather once told me that there are two
[EMAIL PROTECTED] wrote:
Hello,
I've problems with:
int pem_password_cb(char *buf, int size, int rwflag)
none of arguments allow examine for which certificate is need this
password.
..
Is here any way how solving this?
You might want to use global variables to guess
I have compared different platforms when generating RSA private keys through the
openssl testapplication. How come,
different HP 9000 machines with HP-UX 10.20 differs with over 3 minutes ??? I am
thinking if absence of Math.processor or
different Math.processor could be the problem ??
Holger Reif wrote:
plasma schrieb:
I'd like to know, when will openssl use thread?
Don't you rather want to know when *Apache* uses threads?
To which the answer is "in version 2". Except for Windows, which already
uses threads.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
"My
Michael wrote:
Credit card information should not be kept on the server. Send it on a
one-way only trip to a second machine which is no accessible via the
internet.
How do you do that, then? (FWIW, I agree with the "one way trip" bit,
but it seems to me that "not accessible via the
Juan Carlos Castro y Castro wrote:
This is not to answer the question (whose answer is not unless OpenSSL
supports SGC)
which it does, but I don't really see how that helps.
but to make another related (and slightly offtopic)
question: if I find a 128-bit upgrade to MSIE already lying on
Michael Slass wrote:
Not on the following:
This is a TEST key; I'm never going to use it for anything. Please
don't flame me to tell me
1) That I must always store my private key encrypted
2) That I should never publish my private key in a newsgroup mailing
But you didn't! :-)
Cheers,
Richard Levitte - VMS Whacker wrote:
Bodo_Moeller Please find attached a patch against openssl-SNAP-19990718
Bodo_Moeller which modifies the pem/* stuff to take an extra
Bodo_Moeller argument of type void* to all the functions which use
Bodo_Moeller a password callback. It also modifies
Bodo Moeller wrote:
On Tue, Jul 20, 1999 at 01:20:52AM +0200, Richard Levitte - VMS Whacker wrote:
So, is backwards compatibility an important issue here
and is it worth this kind of evil hack, or should we
just add the parameters?
Backward compatibility is an important issue.
Bodo Moeller wrote:
On Tue, Jul 20, 1999 at 10:55:20AM +0100, Ben Laurie wrote:
Bodo Moeller:
So, is backwards compatibility an important issue here
and is it worth this kind of evil hack, or should we
just add the parameters?
Backward compatibility is an important issue. Think
Steve Lihn wrote:
I tried a = BN_dup(b);
if b is NULL, it causes error. Is this normal or should it just duplicate NULL over
to a?
Can someone fix it if it is a bug!
It's at times like this that I wish they hadn't made boolean.
Wouldn't it be cool to write:
a=b BN_dup(b);
?
Bodo Moeller wrote:
On Fri, Jul 30, 1999 at 09:49:57AM +0100, Ben Laurie wrote:
I tried a = BN_dup(b);
if b is NULL, it causes error. Is this normal or should it just
duplicate NULL over to a?
It's at times like this that I wish they hadn't made boolean.
Wouldn't it be cool
Holger Reif wrote:
I tried a = BN_dup(b);
if b is NULL, it causes error. Is this normal or should it just
duplicate NULL over to a?
It's at times like this that I wish they hadn't made boolean.
Wouldn't it be cool to write:
a=b BN_dup(b);
? (Works in Perl,
"Salz, Rich" wrote:
(a=b) (a=BN_dup(b));
Oh gak, are we really trying to be clever for its
own sake?
Yes. Is there something wrong with that? Bear in mind that I was
disussing language architecture, not how OpenSSL should work.
But back to the original question. I think it's
Mark Borgerding wrote:
Ben Laurie Wrote
It's at times like this that I wish they hadn't made boolean.
Wouldn't it be cool to write:
a=b BN_dup(b);
Yup, that would be cool, but you can still do
a = b a = BN_dup ( b );
or more explict, but still tight:
a = ( b ? BN_dup ( b ) : 0
"Meyer, Will" wrote:
Greetings,
Has anyone compiled OpenSSL into a PRC for the PalmOS, or heard of anyone
doing it? I'm curious as to the final size...
Thanks in advance for any info, and have fun.
I've been planning to do it: snag is, I haven't got around to figuring
out how to
Steve Cook wrote:
We have a patent license from RSA, so this is the only
legal-to-use-in-the-USA implementation built using the SSLeay library.
I don't quite understand where the "so" in that sentence comes from: are
you suggesting that RSA gave you an exlusive licence?
Cheers,
Ben.
--
Thomas Reinke wrote:
Thanks for the reply. For the most part, I think I understand what
you're saying, except that I have one gap in my knowledge.
If I can bother you to complete one more little gap in my
ignorance:
In chain verification, (ala Netscape), wouldn't the browser still
Paul Khavkine wrote:
-BEGIN PGP SIGNED MESSAGE-
OpenSSL is a continuatin of SSLeay project done initially in australia
It is an SSL developpement toolkit NOT an apache module.
If you want to get a SSL module for apache go to:
http://www.modssl.org
or http://www.apache-ssl.org,
1 - 100 of 138 matches
Mail list logo