Re: [openssl.org #2352] PATCH: Add new extended key usage ipsecIKE

2010/9/29 Micah Anderson via RT > > According to RFC 4945 § 5.1.3.12 section title "ExtendedKeyUsage"[0] the > following extended key usage has been added: > > ... this document defines an ExtendedKeyUsage keyPurposeID that MAY be > used to limit a certificate's use: > > id-kp-ipsecIKE OBJEC

Re: Already generated files are not generated a second time because

2010/9/22 >Hi, > > > > You should only have to modify objects.txt, the others are all updated > from > > > it. > > > > > That's the point, the others are not updated if all the files have the > same > > date. > > > Yes, "make" completely relies on dates to decide what files need to be > g

Re: Already generated files are not generated a second time because they already exist

2010/9/22 Dr. Stephen Henson > On Tue, Sep 21, 2010, Gregory Bellier wrote: > > > Hi all ! > > > > I'm currently playing with openssl-0.9.8o to add a cipher in it (just for > > fun). > > > > I noticed in crypto/objects that 2 files (obj_dat.h and

Re: Already generated files are not generated a second time because they already exist

Le 21/09/2010 17:57, Martin Kaiser a écrit : Thus wrote Gregory Bellier (gregory.bell...@gmail.com): I noticed in crypto/objects that 2 files (obj_dat.h and obj_mac.h) are automatically generated from scripts which read obj_mac.num and objects.txt. Therefore I did not update manually

Already generated files are not generated a second time because they already exist

Hi all ! I'm currently playing with openssl-0.9.8o to add a cipher in it (just for fun). I noticed in crypto/objects that 2 files (obj_dat.h and obj_mac.h) are automatically generated from scripts which read obj_mac.num and objects.txt. Therefore I did not update manually obj_dat.h and obj_mac.h.

Re: TLS and bad record mac

Tim Hudson a écrit : Gregory BELLIER wrote: I added a cipher in OpenSSL and NSS. I would like to send an email with SMTPs from a modified Thunderbird (because of NSS) to a postfix. The TLS negociation is between NSS and OpenSSL. [snip] Do you have any hint in what could be wrong? Use the

TLS and bad record mac

Hello, I added a cipher in OpenSSL and NSS. I would like to send an email with SMTPs from a modified Thunderbird (because of NSS) to a postfix. The TLS negociation is between NSS and OpenSSL. However, I get the following error: Mar 18 19:40:15 pico postfix/smtpd[3842]: SSL3 alert write:fatal:

Re: Ciphers and modes of operation

case, you needn’t to worry about what you have missed to fill up. Weidong *From:* owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] *On Behalf Of *Gregory BELLIER *Sent:* Wednesday, February 24, 2010 3:

Re: Ciphers and modes of operation

Dr. Stephen Henson a écrit : On Wed, Feb 24, 2010, Gregory BELLIER wrote: Hello Weidong and Stephen, So please, if you have time, take a look at this code sample, maybe you'll notice something in just a glance. #define BLOCK_CIPHER_def_dyna(cname, nmode, mode, MODE, kstruct

Re: Ciphers and modes of operation

I forgot to mention that what I do is based on OpenSSL-0.9.8l Grégory. Cheng, Weidong a écrit : Please give more information as Stephen suggested. -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Gregory BELLIER Sent

Re: Ciphers and modes of operation

give more information as Stephen suggested. -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Gregory BELLIER Sent: Tuesday, February 23, 2010 8:48 AM To: openssl-dev@openssl.org Subject: Re: Ciphers and modes of operation I did some te

Re: Ciphers and modes of operation

enssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Gregory BELLIER Sent: Tuesday, February 23, 2010 7:45 AM To: openssl-dev@openssl.org Subject: Ciphers and modes of operation Hello. Simple question, is it mandatory to declare the cbc, ecb, cfb, ofb for each cipher or is it possib

Ciphers and modes of operation

Hello. Simple question, is it mandatory to declare the cbc, ecb, cfb, ofb for each cipher or is it possible to only declare and implement some of them (let's say ecb and cbc) ? Regards, Grégory BELLIER. __ OpenSSL Projec

Re: SSL_ENC_MASK since SEED

understood. Thanks. Mounir IDRASSI a écrit : The bit flag for a new algorithm would logically be 0x2000 and the next 0x4000. Thus, the value of the mask would be 0x3C3F8000L and 0x7C3F8000L respectively. __ Ope

Re: SSL_ENC_MASK since SEED

Thanks Mounir but you didn't exactly answer my question. I noticed Camellia and SEED. My question was about how to define the mask according to a new cipher. That's why I've already taken a look at the last 2 entries. However, if a new algorithm makes it in OpenSSL, what would the mask be ? I

SSL_ENC_MASK since SEED

Hello. I'm studying some parts of the OpenSSL code and I now have a question. In ssl/ssl_locl.h, I'm wandering if the #define SSL_ENC_MASK is right. Before the Camellia was added (0.9.8b), we had : #define SSL_ENC_MASK 0x0*4*3F8000L In 0.9.8c: #define SSL_ENC_MASK 0x0*C*3F8000L From 4 to C ->