On 8/27/13 1:33 AM, Dave Thompson wrote:
From: owner-openssl-...@openssl.org On Behalf Of Yuan Kang
Sent: Tuesday, 27 August, 2013 00:54
I don't think that it is true that "(signed char)(*p) >= 0"
is always true,
Mr Weimer didn't say it IS always true, he said a compiler
IS ALLOWED T
Looks like some old code didn't get cleaned up, and the documentation
for elapsed isn't always displayed though it now is always compiled in:
diff --git a/apps/speed.c b/apps/speed.c
index 9232418..f70fd3e 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -1126,9 +1126,7 @@ int MAIN(int argc, char **
I believe the masking part is there because of the UTF-8 standard:
https://tools.ietf.org/html/rfc3629#section-3
The first byte starts with, say n - 1, consecutive bits with value 1, and
then a bit with value 0 to indicate the number of bytes to read. The
remaining 8 - n bits in the first byte are
Hi,
am I somehow missing something obvious or are there numerous error handling
checks missing in the SRP implementation?
For example in SRP_create_verifier() in crypto/srp/srp_vfy.c, I would argue
that if the first two calls to BN_bin2bn() succeed, but the one for the
salt fails, that would prod
>On Tue, Aug 27, 2013 at 1:33 AM, Dave Thompson wrote:
> Mr Weimer didn't say it IS always true, he said a compiler
> IS ALLOWED TO ASSUME it is.
Sorry about the misinterpretation. I thought that Mr. Weimer meant that the
assumption is desired behaviour here, with which I disagreed, but now it
ma
OK, found the error. I simply did not give a "double size" key to the cipher as
required. That would explain why it sometimes worked. Sorry for the trouble
Thanks for your time and support
LJB
> -Original Message-
> From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.
OK, sorry this stupid error has been resolved. There was some openssl init code
which got disabled when I disabled lines of source for FIPS mode.
The problem however still persists for me even with this OpenSSL which has been
compiled without fips. I will continue looking at my code.
Thanks
LJB
I forgot to mention that, even though performance is not my concern
here, I do appreciate your comments on that matter.
Le 27/08/2013 11:13, Michel a écrit :
Thanks for your comment,
but no, I didn't talk about performance.
I understand this is not very costly, especially compared with other
c
Ok, some weirdness happening here...
I've selected to test with option 2 and recompiled my openssl 1.0.1e withOUT
"fips" in "./config fips".
$ openssl version
OpenSSL 1.0.1e 11 Feb 2013
I've verified that the AES-XTS cipher is present with:
$ openssl list-cipher-algorithms
In my app I resolve
Thanks for your comment,
but no, I didn't talk about performance.
I understand this is not very costly, especially compared with other
crypto operations.
My concern was mostly about keeping the source code easy to understand
and 'logically consistent'.
I am trying to save the reader from askin
>From: owner-openssl-...@openssl.org On Behalf Of Yuan Kang
>Sent: Tuesday, 27 August, 2013 00:54
>I don't think that it is true that "(signed char)(*p) >= 0"
>is always true,
Mr Weimer didn't say it IS always true, he said a compiler
IS ALLOWED TO ASSUME it is. As I adjusted, the comp
> From: owner-openssl-...@openssl.org On Behalf Of Florian Weimer
> Sent: Monday, 26 August, 2013 10:58
> To: openssl-dev@openssl.org
> Cc: PMHager
> Subject: Re: UTF8 decoding, unneeded byte masking
>
> On 08/25/2013 12:23 PM, PMHager wrote:
> > If your intention is performance optimization you c
12 matches
Mail list logo
