From: owner-openssl-...@openssl.org On Behalf Of Yuan Kang
Sent: Tuesday, 27 August, 2013 00:54
I don't think that it is true that (signed char)(*p) = 0
is always true, snip
Mr Weimer didn't say it IS always true, he said a compiler
IS ALLOWED TO ASSUME it is. As I adjusted, the
Thanks for your comment,
but no, I didn't talk about performance.
I understand this is not very costly, especially compared with other
crypto operations.
My concern was mostly about keeping the source code easy to understand
and 'logically consistent'.
I am trying to save the reader from
Ok, some weirdness happening here...
I've selected to test with option 2 and recompiled my openssl 1.0.1e withOUT
fips in ./config fips.
$ openssl version
OpenSSL 1.0.1e 11 Feb 2013
I've verified that the AES-XTS cipher is present with:
$ openssl list-cipher-algorithms
In my app I resolve the
I forgot to mention that, even though performance is not my concern
here, I do appreciate your comments on that matter.
Le 27/08/2013 11:13, Michel a écrit :
Thanks for your comment,
but no, I didn't talk about performance.
I understand this is not very costly, especially compared with other
OK, sorry this stupid error has been resolved. There was some openssl init code
which got disabled when I disabled lines of source for FIPS mode.
The problem however still persists for me even with this OpenSSL which has been
compiled without fips. I will continue looking at my code.
Thanks
OK, found the error. I simply did not give a double size key to the cipher as
required. That would explain why it sometimes worked. Sorry for the trouble
Thanks for your time and support
LJB
-Original Message-
From: owner-openssl-...@openssl.org
On Tue, Aug 27, 2013 at 1:33 AM, Dave Thompson dthomp...@prinpay.comwrote:
Mr Weimer didn't say it IS always true, he said a compiler
IS ALLOWED TO ASSUME it is.
Sorry about the misinterpretation. I thought that Mr. Weimer meant that the
assumption is desired behaviour here, with which I
Hi,
am I somehow missing something obvious or are there numerous error handling
checks missing in the SRP implementation?
For example in SRP_create_verifier() in crypto/srp/srp_vfy.c, I would argue
that if the first two calls to BN_bin2bn() succeed, but the one for the
salt fails, that would
I believe the masking part is there because of the UTF-8 standard:
https://tools.ietf.org/html/rfc3629#section-3
The first byte starts with, say n - 1, consecutive bits with value 1, and
then a bit with value 0 to indicate the number of bytes to read. The
remaining 8 - n bits in the first byte are
Looks like some old code didn't get cleaned up, and the documentation
for elapsed isn't always displayed though it now is always compiled in:
diff --git a/apps/speed.c b/apps/speed.c
index 9232418..f70fd3e 100644
--- a/apps/speed.c
+++ b/apps/speed.c
@@ -1126,9 +1126,7 @@ int MAIN(int argc, char
On 8/27/13 1:33 AM, Dave Thompson wrote:
From: owner-openssl-...@openssl.org On Behalf Of Yuan Kang
Sent: Tuesday, 27 August, 2013 00:54
I don't think that it is true that (signed char)(*p) = 0
is always true, snip
Mr Weimer didn't say it IS always true, he said a compiler
IS ALLOWED
11 matches
Mail list logo
