> -Original Message-
> From: owner-openssl-us...@openssl.org [mailto:owner-openssl-
> us...@openssl.org] On Behalf Of Dave Thompson
> Sent: Thursday, August 23, 2012 2:31 AM
> To: openssl-users@openssl.org
> Subject: RE: About the encrypted premaster length.
>
> > From: owner-openssl-us...
For my own benefit and that of others, I made a page at
http://jmarshall.com/stuff/handling-nbio-errors-in-openssl.html listing
various error conditions after SSL_accept(), SSL_connect(), SSL_read(),
SSL_write(), and SSL_shutdown(), all on *non-blocking* sockets. The tables
show what to do after t
> From: owner-openssl-us...@openssl.org On Behalf Of Tayade, Nilesh
> Sent: Wednesday, 22 August, 2012 16:13
> The 'Client Key Exchange' packet carries the encrypted
> premaster. I am working on utility for decrypting the data
> and supported cipher suites are RC4_128_MD5 and RC4_128_SHA.
>
Onl
Hi,
The 'Client Key Exchange' packet carries the encrypted premaster. I am working
on utility for decrypting the data and supported cipher suites are RC4_128_MD5
and RC4_128_SHA.
I observed that the encrypted premaster length varies in the 'Client key
exchange' packet. Sometimes it is 128bytes
Hi folks,
Thanks for your help with previous questions. I have a new one, which
should hopefully be quick:
In implementing AES-CMAC-128 over a message, I assumed it would be
equivalent in OpenSSL to hand the EVP_aes_128_cbc() EVP_CIPHER to CMAC, as
I did not see a regular AES-128 EVP_CIPHER availb
Hi
We are in the process of adding support for ECDSA-ECDHE cipher suites and
hence ECDSA certificates to our server.
Right now, the server does the following:
1) Assign the ECDSA certificate to the SSL_CTX.
2) Set the callback for ECDH parameter generation using
SSL_CTX_set_tmp_ecdh_callback.
I
On 21 Aug 2012, at 2:39 PM, Bart W Jenkins wrote:
> Given:
>
> openssl smime -binary -sign -passin "pass:SomePassword" -signer cert.pem
> -inkey key.pem -in Document.txt -out Document.txt.sig -outform DER
>
> What *exactly* is done to the s/mime text to create a "binary" file?
Are you asking a
On Wed, Aug 22, 2012, Seiichi Tatsukawa wrote:
> We are seeing the deadlock in FIPS 2.0. (1.0.1c + fips-2.0 and using
> AES256-SHA256 if that matters.) DRBG's auto reseeding (after 2^24 operations)
> causes it. Here is the simplified backtrace.
>
> fips_drbg_bytes()
> CRYPTO_w_lock(CRYPTO_LOCK
I'm looking at
https://groups.google.com/forum/?fromgroups#!topic/mailing.openssl.users/j8O
bkLf6xgs
Do I interpret it correctly as saying that assuming I do not have some
clever source of entropy of my own, that I should just "do nothing" and let
OpenSSL do what it decides is best? In other wor
Hi all,
We (and a couple of others) had faced this issue on Windows 7 and Windows
2008 systems. We raised the issue with MS and very recently they released a
hotfix to address the problem in Ntdll.dll. If you ever face the issue,
please install the hotfix from http://support.microsoft.com/kb/27193
On Tue, Aug 21, 2012, Nathan McCrina wrote:
> On 08/21/12 23:04, Dave Thompson wrote:
> >>From: owner-openssl-us...@openssl.org On Behalf Of Nathan McCrina
> >>Sent: Tuesday, 21 August, 2012 21:31
> >
> >Not in commandline; in library it's fine.
> >See http://marc.info/?l=openssl-users&m=134463726
We are beating this to death but one problem is that the encoded string is
not an exact number even of *bits* (except for favorable values of 'n').
I don't know what is so fascinating about this problem but I was thinking
about it again this morning. There may be 94 *possible* characters but any
g
We are seeing the deadlock in FIPS 2.0. (1.0.1c + fips-2.0 and using
AES256-SHA256 if that matters.) DRBG's auto reseeding (after 2^24 operations)
causes it. Here is the simplified backtrace.
fips_drbg_bytes()
CRYPTO_w_lock(CRYPTO_LOCK_RAND)
FIPS_drbg_generate()
drbg_reseed()
fips_get_ent
Given:
openssl smime -binary -sign -passin "pass:SomePassword" -signer cert.pem -inkey
key.pem -in Document.txt -out Document.txt.sig -outform DER
What *exactly* is done to the s/mime text to create a "binary" file?
I'm trying to do the equivalent in Java using BouncyCastle and just can't get
14 matches
Mail list logo
