Re: [cryptography] Just how bad is OpenSSL ?

2012-10-29 Thread Jeffrey Walton
On Sun, Oct 28, 2012 at 3:01 PM, Solar Designer so...@openwall.com wrote: On Sat, Oct 27, 2012 at 06:47:05PM -0700, Patrick Pelletier wrote: For the most part, I would say that OpenSSL is not badly written, just badly documented. I am not a cryptography expert (just a smart, experienced

Re: [cryptography] Just how bad is OpenSSL ?

2012-10-29 Thread Von Welch
I am wondering just how bad openssl is ? While one can find various software engineer faults, I think that the main issue is not that it is bad, it is that OpenSSL is written for cryptographic experts not standard software developers. The unfortunate thing is that most of the time the latter

Re: [cryptography] Just how bad is OpenSSL ?

2012-10-29 Thread Solar Designer
On Mon, Oct 29, 2012 at 04:06:58PM -0400, Jeffrey Walton wrote: On Sun, Oct 28, 2012 at 3:01 PM, Solar Designer so...@openwall.com wrote: The OPENSSL_cleanse() function is such that the memory is overwritten with the counter values, whereas the counter is incremented in ways dependent on

Re: [cryptography] Just how bad is OpenSSL ?

2012-10-29 Thread Jeffrey Walton
Hi Alexander, Sorry to go offlist. On Mon, Oct 29, 2012 at 7:31 PM, Solar Designer so...@openwall.com wrote: On Mon, Oct 29, 2012 at 04:06:58PM -0400, Jeffrey Walton wrote: On Sun, Oct 28, 2012 at 3:01 PM, Solar Designer so...@openwall.com wrote: [SNIP, SNIP, SNIP] GCC uses volatile