certificate-less SSL ?

Hi, I've written a http client and a http server trying to follow the s_client and s_server code. I want to cover all SSL cases including the one without certificates, but this one seams a bit tricky. What is needed to set up SSL without certificates, some special cipher setup? I tried to run t

Problem in SSL_accept()

Hi there, I have just started using the SSLeay library in my http proxy to handle https. The problem I am running into is that SSL_accept returns -1. Here is the error-status: -1 error:::lib(0) :func(0) :reason(0) And ssl_get_error() reveals that the error-code is SSL_ERROR_SYSCALL. Th

Re: Is PKCS#12 secure?

zhu qun-ying wrote: > > I am actually quite new to the Crypto world, just about 2 months. While reading > Peter Gutmann's article on breaking PKCS#12 formatted file, I am wondering is > the implementation of OpenSSL's PKCS#12 routines subject to the same attack. > What's the most secure format co

Re: Does OpenSSL support the Palm environment?

> Dear all, > Does OpenSSL support the Palm environment? If not, is there any > people working on this? Ian Goldberg did a port a couple of years ago of the ancestor code - SSLeay 0.8.1. It's available (along with other cool Palm stuff) at the ISAAC group web site at

enc probs

I am trying to encrypt a file and have tried allsorts to get the thing working. What am i doing wrong? It seems to corrupt within the while llop that updates the encryption. thanks in advance Lee Melville Here is the code //

Re: enc probs

buff[1024] != out[512 + 8]; Lee Melville wrote: > I am trying to encrypt a file and have tried allsorts to get the thing > working. What am i doing wrong? It seems to corrupt within the while llop > that updates the encryption. > > thanks in advance > > Lee Melville > > Here is the code > > //

Re: Is PKCS#12 secure?

> I supplied some of the info for that article and I wrote PKCS#12 for > OpenSSL so I'd say yes OpenSSL PKCS#12 implementation is reasonably > secure with the usual precautions, i.e. not picking obvious or guessable > passwords. > > OpenSSLs implementation uses high mac and encryption iteration c

Re: Is PKCS#12 secure?

zhu qun-ying wrote: > > > Thank you for your clearence. There are still some information that I want to > know. Is the default setting to PKCS12_create() will be sufficient? Or do I need > to increase the mac_iter and nid_cert ciper to 3DES-CBC? > They should be sufficient. Certificates are us

Re: Is PKCS#12 secure?

> They should be sufficient. Certificates are usually public knowledge > anyway so using weak or no encryption on them is harmless but if you > want to use strong encryption on it you can, however some of the older > export browsers wont import 3DES encrypted certificates. > > Steve. My concern i

Re: Is PKCS#12 secure?

zhu qun-ying wrote: > > > They should be sufficient. Certificates are usually public knowledge > > anyway so using weak or no encryption on them is harmless but if you > > want to use strong encryption on it you can, however some of the older > > export browsers wont import 3DES encrypted certi

Re: sixth revision of the draft 4th edition of X.509 is on the server

From: Michael **UNKNOWN CHARSET** <[EMAIL PROTECTED]> michael> Thanks for the link. How can I subscribe to this list? http://www.imc.org/ietf-pkix/ -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 Redakteur@Stacken \