Change the DES Code for myself

2008-11-24 Thread Mike Fudd
Hello Mailinglist, I'm a student and I must change a DES Implementation according to a lecture I had last week. Now I'm looking for the DES source in OpenSSL. I have seen the crypto\DES directory, but every change in a cbc function does not work. (I add on top of the function a

RSA with libcrypto

2008-11-24 Thread chamara caldera
Hi all, I am too new to this library and I am trying to do encrypt and decrypt in RSA. But it gives an error in decrypting. This is my code #include <stdio.h> #include <string.h> #include <openssl/rsa.h> #include <openssl/engine.h> #include <openssl/err.h> main(){ ERR_load_RSA_strings();

RE: RSA with libcrypto

2008-11-24 Thread Bill Colvin
From is filled with random data. It is not a zero terminated text string, therefore, strlen(from) will probably be invalid. Bill From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of chamara caldera Sent: November 24, 2008 7:58 AM To:

Re: Server Name Indication interface

2008-11-24 Thread Patrick Patterson
Hi Victor: On November 21, 2008 04:06:44 pm Victor Duchovni wrote: The server-side SNI support in OpenSSL seems to be targeted at HTTPS virtual host configurations, in which each Virtual host is associated with its own SSL_CTX object, initialized not only with a separate key+cert+trust chain,

Re: Server Name Indication interface

2008-11-24 Thread Victor Duchovni
On Mon, Nov 24, 2008 at 10:25:24AM -0500, Patrick Patterson wrote: There will be no support for separately tunable SSL options per target hostname, the only variables from name to name are the contents of the PKCS#12 containers associated with each name. Can you also make it so that it

Non-blocking windows socket cause SSL_accept error (SSL_ERROR_WANT_READ)

2008-11-24 Thread BiGNoRm6969
Hi, SSL_accept always returns 0 error. With SSL_get_error I found that the error is SSL_ERROR_WANT_READ. During debugging and troubleshooting, I realised that when I use normal blocking windows socket, SSL_accept works fine. Why using non-blocking windows socket caused that error ? Thanks.

Re: FIXED - CRYPTO_set_dynlock_* mystery ... (was: Engine Issue: nShield 500)

2008-11-24 Thread Przemek Michalski
Max, Glad you reached to the bottom of the problem. In my case - after carefully analyzing the e_chil.c engine initialization code and my own application code - it turned out to be an extremely trivial issue. The disable_mutex_callbacks is by default initialized to 0, thus if you do not

RE: Non-blocking windows socket cause SSL_accept error (SSL_ERROR_WANT_READ)

2008-11-24 Thread David Schwartz
SSL_accept always returns 0 error. With SSL_get_error I found that the error is SSL_ERROR_WANT_READ. During debugging and troubleshooting, I realised that when I use normal blocking windows socket, SSL_accept works fine. Why using non-blocking windows socket caused that error ? This is

Building fipscanister.o 1.2 with 0.9.8i

2008-11-24 Thread Carlo Milono
A couple of questions: Is there a new User's Guide for OpenSSL FIPS Object Module Version 1.2? I don't see it in the openssl.org or in the oss-institute.org sites. I'm assuming the same build model of config fips followed by make and make test. What can I do to overcome this error? I

Re: Building fipscanister.o 1.2 with 0.9.8i

2008-11-24 Thread Dr. Stephen Henson
On Mon, Nov 24, 2008, Carlo Milono wrote: A couple of questions: Is there a new User's Guide for OpenSSL FIPS Object Module Version 1.2? I don't see it in the openssl.org or in the oss-institute.org sites. It isn't quite ready yet. I'm assuming the same build model of config fips

RE: Building fipscanister.o 1.2 with 0.9.8i

2008-11-24 Thread Carlo Milono
The error is in making fips - (config fips, followed by make) - not even getting to make or make install for 0.9.8, so the --with-fipslibdir option doesn't apply yet. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: Monday,

Re: Building fipscanister.o 1.2 with 0.9.8i

2008-11-24 Thread Dr. Stephen Henson
On Mon, Nov 24, 2008, Carlo Milono wrote: The error is in making fips - (config fips, followed by make) - not even getting to make or make install for 0.9.8, so the --with-fipslibdir option doesn't apply yet. You need to build the validated source tarball. That will compile and install

RE: RSA with libcrypto

2008-11-24 Thread Dave Thompson
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Bill Colvin Sent: Monday, 24 November, 2008 08:48 From is filled with random data. It is not a zero terminated text string, therefore, strlen(from) will probably be invalid. Well, partly filled; but the rest is uninitialized,

RE: Building fipscanister.o 1.2 with 0.9.8i

2008-11-24 Thread Carlo Milono
Thanks, Steve. The missing magic was 'fipscanisterbuild' - I had been using ./config fips, which worked in the pre-1.2 versions of the fipscanister. I see it in the Security Policy doc. Sorry for being boneheaded and not RTFM closely enough. -Original Message- From: [EMAIL PROTECTED]

RE: sign/verify kicking my ass

2008-11-24 Thread Shaun
I used fwrite(signature,1,strlen(signature),fp) and got the same results. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Victor Duchovni Sent: Saturday, November 22, 2008 1:25 PM To: openssl-users@openssl.org Subject: Re: sign/verify kicking my ass On

RE: sign/verify kicking my ass

2008-11-24 Thread Shaun
Well in this case I'm signing blah but I'm really trying to sign a base64 string. I'm just trying to use sign/verify to ensure that what was sent (a base64 encoded message that's maybe 1024 chars long max) is real -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On

Re: sign/verify kicking my ass

2008-11-24 Thread Victor Duchovni
On Mon, Nov 24, 2008 at 05:59:39PM -0800, Shaun wrote: I used fwrite(signature,1,strlen(signature),fp) and got the same results. Which part of length of signature != strlen(signature) because signature is not a NUL terminated C-string is not clear? Which part of 'you are throwing away slen' is

Re: sign/verify kicking my ass

2008-11-24 Thread Patrick Patterson
Shaun wrote: I used fwrite(signature,1,strlen(signature),fp) and got the same results. Ok - strlen does the same thing as printf - it stops at a NULL. Since the signature is NOT guaranteed to not contain a NULL, you can't use any function that keys off of a NULL character. Which means that

RE: sign/verify kicking my ass

2008-11-24 Thread David Schwartz
I used fwrite(signature,1,strlen(signature),fp) and got the same results. You seem to have a fundamental misunderstanding about how strings work in C. That's not good for someone writing security software. The 'strlen' function computes the length of a C-style string. The signature

FIPS 1.2 Security Policy issues

2008-11-24 Thread Thomas J. Hruska
According to the FIPS 1.2 Security Policy, Appendix A, Platform 8 cannot be built as FIPS compliant because 'x84-64 asm' is a non-existent platform. There is no such thing as x84. It should say 'x86-64 asm'. Validation, from what I understand, only covers those platforms listed.

Working certificates fail after upgrade from openssl 0.9.7d to 0.9.8d

2008-11-24 Thread Kartik CDS
Hello, My certificate was working when the openssl version was 0.9.7d. But once I upgraded to openssl 0.9.8d it is failing giving the reason as : level fatal value certificate_unknown Can anyone please let me know what could be the problem. Thanks, Kartik PS: