[sorry for top posting]
This begs the question what is your access to the encrypted datastream?
If you are sniffing from the wire using Wireshark, then it will decode to this
level and show you a textual representation of the cipher list.
If you have access to the datastream through code, then
http://slproweb.com/products/Win32OpenSSL.html [1]
On Fri 05/10/12 2:37 PM , engineermike engineerm...@mindspring.com
sent:
HELLO,
Links:
--
[1] http://slproweb.com/products/Win32OpenSSL.html
Apologies for repeated top-posting. Only have crappy web-access.
See:
http://stackoverflow.com/questions/3242386/error-compiling-openssl-for-win32
[1]
You can locally fix up Op4enSSL's e_os.h to remove conflicts or find
another way to to do. I think the /G5 is being ignored.
On Wed 25/07/12 2:16 PM , Jakob Bohm jb-open...@wisemo.com sent:
On 7/25/2012 3:01 PM, Florian Rüchel wrote:
Hi,
I have a tool which calls RAND_bytes() for a length of 16 bytes while
using the CAPI engine and having set it to be used for all purposes.
If I run it in my Visual Studio
On Thu 12/04/12 3:08 PM , kthiru...@inautix.co.in sent:
Carl,
Thanks for your reply,
We have a Load Balancer in between the User ( desktop ) and the Server.
So, i used the getpeername and am getting only the Load Balancer IP in the
output and not the desktop IP. Is there any other way that i
On Tue 10/04/12 10:36 AM , kthiru...@inautix.co.in sent:
Am using OpenSSL for one of my TCP application and can someone explain how to
retrieve the source IP ( of the machine ) from which the SSL connection is
established.
Am using openssl-0.9.8a version.
I would say:
int fd =
On Tue 03/04/12 12:46 PM , brajan balamurugan@gmail.com sent:
I want to know what is ASN1_OCTET_STRING and how to convert that into c++
string /char *
--
An ASN1_OCTET_STRING is just another name for the ASN1_STRING type. Assuming
that the data you are trying to manipulate corresponds to
On Tue, Apr 3, 2012 at 6:03 PM, wrote:
On Tue 03/04/12 12:46 PM , brajan balamurugan@gmail.com sent:
I want to know what is ASN1_OCTET_STRING and how to convert that into c++
string /char *
--
An ASN1_OCTET_STRING is just another name for the ASN1_STRING type. Assuming
that the data you
On Tue 03/04/12 2:21 PM , Balamurugan rajan balamurugan@gmail.com sent:
I want to need to read the Certiifcate Key usage and identify the combination
values to determine what certificate is that . so i need the Keyuage values
of X509V3 certificate
That's a completely different thing!
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }
My suggestion would be to use a BIO pair:
http://www.openssl.org/docs/crypto/BIO_new_bio_pair.html [1]
What do you think strlen(in) will return? You are mixing up variable length C
strings (nul terminated) with binary data - always pass the true data length
Carl
On Thu 29/03/12 12:58 PM , Chandrasekhar chandrasek...@evolute-sys.com sent:
Hi ,
I am new to this openssl libraries.
I am
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }
I can see it:
03/14/2012 01:34PM 4,453,920 openssl-1.0.1.tar.gz [1]
On Thu 15/03/12 12:50 AM , Iain Morgan iain.mor...@nasa.gov sent:
On Wed, Mar 14, 2012 at 10:09:22 -0500, OpenSSL wrote:
-BEGIN
On Mon 12/03/12 4:02 PM , open...@master.openssl.org (OpenSSL) sent:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL Security Advisory [12 Mar 2012]
FTAO Dr Steve Henson,
Not that it's important, but the FAQ in 0.9.8u archive says:
* Which is the current version of OpenSSL?
The
On Mon 31/10/11 4:25 PM , Akanksha Shukla akshu...@cisco.com sent:
Hi Michael,
Thanks for the reply. But I think the issue is not from the C perspective.
As I already mentioned, that if I use fputs to directly write a string to
file, then I am able to do that successfully. But when I try to
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }
Start second process as a daemon so it only does the entropy
gathering at process start-up?
On Wed 04/05/11 5:35 PM , Mounir IDRASSI mounir.idra...@idrix.net
sent:
Indeed, their have been already a modification to OpenSSL in
I used PKCS#12 files and CryptUIWizImport with these flags:
DWORD flags =
CRYPTUI_WIZ_NO_UI |
CRYPTUI_WIZ_IMPORT_TO_LOCALMACHINE |
CRYPTUI_WIZ_IMPORT_ALLOW_CERT |
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }
My 2-cents worth...
If you had to tweak ANYTHING then this is not a FIPS-approved
build.
Carl
On Thu 09/12/10 4:39 PM , Christopher A Hotchkiss
christopher.a.hotchk...@jpmchase.com sent:
To All,
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }
padding
On Fri 07/05/10 10:39 AM , Johannes Bauer jb@gmx.de sent:
Hello list,
I'm having trouble with the openssl enc feature. This here:
echo -n '0123456789abcde' | openssl enc -aes128 -nosalt -K
On Thu 18/02/10 3:31 PM , Robert Doncaster b...@edp.co.uk sent:
Hello,
Is there a programmatic way to give a list of available cypher names (eg
AES-128-ECB...)?
i.e a list of the names that could be supplied to EVP_get_cipherbyname().
the openssl enc.c example shows a function which
On Fri 22/01/10 1:54 PM , protagora27 protagora27 protagor...@gmail.com sent:
I want to test aes_wrap.c under sourceopenssl/crypto/aes.
Is this because AES needs 16 byte IV ??
__
OpenSSL Project
Hi,
In openssl, if I try to use anything using PBKD (PKCS#5 PBKDF2 in particular)
when in FIPS enabled mode, it returns an error.
Can someone point me to the relevant documentation in FIPS 140-2 that disallows
the use of PBKD functionality? In particular, when used to encrypt PKCS#12
files,
On Thu 22/10/09 9:05 AM , Misha Aizatulin ava...@hot.ee sent:
is there a way, given an EVP_CIPHER, to find out the human-readable
cipher name?
EVP_CIPHER_name
Carl
__
OpenSSL Project
On Thu 17/09/09 4:37 PM , Jeffrey Walton noloa...@gmail.com sent:
Hi Eystein,
typedef struct _STRING {
USHORT Length;
USHORT MaximumLength;
PCHAR Buffer;
} STRING, *PSTRING;
That looks like a UNICODE_STRING (or less commonly LSA_STRING) to me.
I don't ever recall seeing Microsoft defining
On Thu 13/08/09 4:46 AM , Sudarshan Soma sudarshan...@gmail.com sent:
Hi
Can anone please clarify this data with OPENSSL 0.9.8i:
RSA uses key ranges from 768-2048 and can operate only in CBC mode
DSA uses key length of 1024 and operates only in CBC
? CBC chaining mode only applies to symmetric
On Tue 4/08/09 10:19 AM , Tom Horstmann t...@utome.de sent:
Is there a way to determine if
a string is encrypted in DES or AES?
No
Will the decrypt AES fail on a DES
encrypted string always or will openssl return a good return but with
garbage as the decrypted string?
The latter
To the
Hi,
My apologies for a slightly off-topic question. When certificates are renewed
in most scenarios, is it usual to generate a new RSA key pair or would a client
re-use the existing keys and just ask for a new certificate with those keys?
Thanks for any guidance or pointers...
Regards,
Carl
I'm not going to comment on David's assertion's or anything about
wpa_supplicants, but lets take a step back:
SSL is NOT allowed in FIPS 140-2 compliant modes; TLS 1.0 IS allowed in FIPS
140-2 when using FIPS-approved security functions (see the FIPS 140-2
implementation guide).
TLS 1.0 is
BUF_MEM * server_ptr = NULL;
BIO_get_mem_ptr(server, server_ptr);
server_ptr-length should hold the size you want (assuming this isn't streamed
CMS)
Carl
On Tue 16/06/09 5:05 PM , Chris Bare ch...@bareflix.com sent:
Is there a way to find the size of the der-encoded CMS object without writing
Hi all.
I would like some help and guidance with using CMS in OpenSSL and general CMS I
guess. I just want to use enveloped data to transport an existing cryptogram.
The cryptogram was generated using AES-128 CBC with random IV using pre-shared
AES keys. I think I need to use key encryption
On Tue 12/05/09 10:52 AM , mail man mailman.inter...@gmail.com sent:
Small correction - the return type error came with the default file - with
void main. Now, only this error on compilation
[swu...@mpvmpc19 ssl]$ g++ -lssl -lcrypto cli.cpp
cli.cpp: In function `int main()':
cli.cpp:106:
On Tue 12/05/09 1:14 PM , Harm Verhagen harm.verhagen+web...@gmail.com sent:
As known on the openssl mailinglists there is a difference in byte order
between openssl and MS cryptoAPI, when doing RSA encryption.
Googling around I find many references to claims that openssl is PKCS#1
compliant
Hi,
Could someone please explain to me in simple terms the relationship between the
OpenSSL FIPS module and OpenSSL itself?
Is the FIPS module used by OpenSSL as a crypto engine or such like or am I way
off base here?
Thanks for any assistance or pointers.
Thanks,
Carl
On Mon 27/04/09 3:07 PM , Sever P A gnu.se...@gmail.com sent:
but, I search just a library functions that allows me to implement the
steps presented in an earlier message. Does it really exist ?
If so,
a) Which function(s) for generate the keys,
b) Which function(s) to obtain them,
c) Which
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }
First things first, I would recommend against developing your own
protocol. Look at using TLS if you can and if it fits into your
applications paradigm.
Secondly, asymmetric encryption is very slow compared to
Hi all,
I have an application that uses OpenSSL and AES 192-bit keys to encrypt data
[files]. In it's original incarnation, it used PBKDF2 to derive the key. In its
newer form, it uses a FIPS approved PRNG to generate a random key and the key
is encrypted with a large RSA key for recovery. The
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }
I would suspect that an 8 byte IV has been appended/prefixed
Carl
On Thu 19/03/09 9:16 PM , Dick Hollenbeck d...@softplc.com sent:
I am using on Ubuntu Hardy:
$ openssl enc -bf-cbc -K
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }
Triple-DES is listed in the OpenSSL 1.2 security policy and is
listed as approved by NIST, so why would it not be available?
Carl
On Wed 11/03/09 12:01 PM , Kyle Hamilton aerow...@gmail.com sent:
Your key's digest
On Fri 20/02/09 10:17 AM , Tomasz Kolaj m...@abp.pl sent:
Hello,
Unfortunetly I need still compile shared version also and make fails with
that:
C:/msys/1.0/local/ssl/lib/libssleay32.a(ssl_lib.o)(.text+0x4ab):ssl_lib.c:
undefined reference to `BIO_s_socket'
That's part of openssl - you need
On Thu 19/02/09 1:41 PM , Tomasz Kolaj m...@abp.pl sent:
Hello,
Dnia czwartek 19 luty 2009 o 11:37:20 Victor B. Wagner napisał(a):
On 2009.02.19 at 09:48:20 +0100, m...@abp.pl wrote:
So, changing library order to
-lssleay32 -leay32 -lwsock32 -lwst -lws2_de -lz -lm
might help.
It works,
On Tue 10/02/09 10:53 PM , Michael Sierchio ku...@tenebras.com sent:
Tomasz Kaźmierczak wrote:
I've managed to base64 decode a public key (at least I think so;).
Now I'm trying to understand how to interpret the key data. I've found the
definitions of RSAPublicKey and RSAPrivateKey structures
40 matches
Mail list logo