RSA structure altered during its lifetime?

the SSL server will mostly be doing private key decryptions in RSA key exchange - correct? Tom Biggs __ OpenSSL Project http://www.openssl.org Development Mailing List [

Re: 'openssl speed' and ENGINE

At 07:14 PM 10/2/01 +0100, Ben wrote: >Tom Biggs wrote: > > > > I'm trying to get a handle on how fast our crypto engine is, > > so I'm running 'openssl speed xxx -engine yyy'. > > > > Can someone explain the difference between normal timi

'openssl speed' and ENGINE

and why. When I do '-elapsed' with the software vs. my hardware, it shows the hardware as being _much slower_, so clearly I'm missing something. Tom Biggs __ OpenSSL Project

DSO_load and library versioning

version' method. We are slowly slouching toward release of our ENGINE, and it wouldn't do to only add the get_version method in version 2... ;-) Tom Biggs __ OpenSSL Project http://ww

Re: ENGINE and DSO under FreeBSD

At 12:18 PM 8/18/01 +0200, Richard wrote: >From: Tom Biggs <[EMAIL PROTECTED]> > >tbiggs> It blew up with a NULL pointer fault. I was surprised to discover >tbiggs> the reason - apparently, Configure assumes that FreeBSD and >tbiggs> FreeBSD-elf don't

ENGINE and DSO under FreeBSD

27;no-dso')? Did I miss some other obvious step? Please don't tell me I have to hack Configure - I love Perl, but whoa, Configure is some seriously fuggly Perl... :-) Tom Biggs __ OpenSSL Project

Re: int return values from ssl(3) API functions

At 02:43 PM 4/27/01 +0200, Bodo wrote: >On Fri, Apr 20, 2001 at 11:29:51AM -0400, Tom Biggs wrote: > > > I'm implementing code to do OpenSSL handshake/read/write > > for some radically different hardware. These will completely > > replace the standard OpenSSL handsha

int return values from ssl(3) API functions

ps it has something to do with blocking vs. non-blocking. Somewhere, maybe in the manpages or in ekr's book, it implied that it was to aid the application programmer who wasn't used to zero return values. Can someone help me with the subtleties here? Also, does this behavior change

another slightly off-topic post, sorry

not generally questions that apply to all OpenSSL developers. Any other ideas? Tom Biggs __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Autom

Re: ServerKeyExchange

dreds of people... :-) I meant to say, In the case where the server sends a Certificate message, is the ServerKeyExchange message only used for sending an ephemeral key? Tom Biggs __ OpenSSL Project

ServerKeyExchange

This may seem a stupid question (and this is probably not the right list), but - Is the ServerKeyExchange message _only_ used for sending ephemeral RSA or DH keys? Tom Biggs __ OpenSSL Project

slightly off-topic, sorry

7;user' questions on this list... but it was just an idea I had...) Apologies for the off-topic post. Tom Biggs __ OpenSSL Project http://www.openssl.org Development Mailing List

Re: Newbie: test program failed

>Can somebody explain the following error: >I am using Apache - 1.3.14 >mod_ssl 2.7.1 >openssl 0.9.6 > > >openssl s_client -connect localhost:8080 -state -debug >CONNECTED(0003) >SSL_connect:before/connect initialization >write to 08086400 [080A8000] (130 bytes => 130 (0x82)) > - 80 8

My servers don't wanna talk v2

h a more recent protocol? ServerHello doesn't look like it can say anything like that. - if the v2 ClientHello is dropped on the floor by the server, will the major browsers try again with a v3 ClientHello, or just give up? ((((((((

Re: quality of generated random numbers

At 05:50 PM 12/15/00 +0100, Ulf Moeller wrote: >On Thu, Dec 14, 2000, Tom Biggs wrote: > > > I think our hardware's basic method of generating > > randomness is pretty good, but the HW engineer is going > > to stir and combine the first stage randoms even further &

quality of generated random numbers

be answered by such data. (((((((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical politics is to keep the populace alarmed - and hence clamorous to be led to safety - by menacing it with an endless series of hobgoblins, all o

Re: open ssl on nt running as service

Dan Kegel provides some pointers to help get started at: http://www.kegel.com/ssl/ (((((((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical politics is to keep the populace alarmed - and hence clamorous to

ssl23_accept

comment says "we have SSLv3/TLSv1 in an SSLv2 header" - did I miss this in the Netscape V3 spec, or is it specified somewhere else? (((((((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical pol

plans for ENGINE merge with main tree

whole openssl-engine-0.9.6 tree into my local repository, and I wondered if I would have to change it radically when 0.9.7 comes out. (((((((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical politics i

ssl23_accept

comment says "we have SSLv3/TLSv1 in an SSLv2 header" - did I miss this in the Netscape V3 spec, or is it specified somewhere else? (((((((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical pol

Chinese Remainder Theorem and RSA

imate? (((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical politics is to keep the populace alarmed - and hence clamorous to be led to safety - by menacing it with an endless series of hobgoblins, all of them imag

Re: pkcs7 processing

ction pointers though. (((((((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical politics is to keep the populace alarmed - and hence clamorous to be led to safety - by menacing it with an endless series of ho

Re: indent script

x27;t be that hard. If I do I'll submit it. (((((((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical politics is to keep the populace alarmed - and hence clamorous to be led to safety - by menacing it with an endless serie

Re: more ENGINE questions

At 11:31 AM 12/1/00 -0800, Geoff wrote: >Hey there, >On Thu, 30 Nov 2000, Tom Biggs wrote: > > > I started to look over hw_cswift.c to get some idea of > > what I'll need to do for our engine. ... > > How *do* the PCKS1_SSLeay > > functions hook to the csw

indent script

can fix that at the touch of a button. When I get to the point of submitting code though I'd like to have it back to the standard OpenSSL format. (not just for style consistency but also to keep diff from going crazy...) (((((

more ENGINE questions

supplant the built-in software maths routines, and provide a few hints on how it all hangs together, I'd be quite happy... (((((((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical politics is

RE: ENGINE questions

At 08:03 AM 11/30/00 -0800, Lynn wrote: >From: Tom Biggs <[EMAIL PROTECTED]> > > > What are the calling application's responsibilities > > for configuring and enabling the engines? Does anyone > > have some example code showing how that works? > > Does A

ENGINE questions

writing an ENGINE wrapper for our new crypto accelerator. (((((((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical politics is to keep the populace alarmed - and hence clamorous to be led to safety - by me

SSL_peek()

on in the sockets call set, so I can only presume that SSL_peek() is there to somehow compensate for difficulties caused by SSL data being chunked into separate records instead of arriving as a stream. I guess my main question is, does anyone use it? ((((

Re: nonblocking crypto (was: Re: ASN1 non blocking I/O...)

abstract? Yes. (((((((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical politics is to keep the populace alarmed - and hence clamorous to be led to safety - by menacing it with an endless series of hobgoblins, all of them imag

Re: cvs commit: openssl-play/levitte FAQ faq.cgi faq.html

R egd !!! READ SECTION x.xx IMMEDIATELY! ;-) (((((((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical politics is to keep the populace alarmed - and hence clamorous to be led to safety - by menacing it with an

Fwd: secrets

r example, if I'm a server, I'd use the client >secrets when reading, and my (server) secrets >when writing? Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical politics is to keep the populace alarmed - an

Re: Upper limit on BN?

At 10:32 PM 10/3/00 +0100, Ben wrote: >Ulf Moeller wrote: > > > > On Tue, Oct 03, 2000, Tom Biggs wrote: > > > > > I have so many questions, but this one is most pressing - > > > Is there a reasonable upper limit on the size in bits of a BN? > > >

Re: Openssl Documentation

, get writing then! ;-) Seriously, this is all volunteer driven. If you see a void, step up and fill it. (((((((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical politics is to keep the populace alarmed - a

Upper limit on BN?

uct. (how many times have you been programming some device and said "argh, if only they'd...") Thanks for any assistance. (((((((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical politi

hardware acceleration

encryption (and possibly digest) algorithms? Thanks in advance. (((((((( Tom Biggs '89 FJ1200 DoD #1146 "The whole aim of practical politics is to keep the populace alarmed - and hence clamorous to be led to safety

RE: Error message within 'make'

ectory > > `/webMethodsReloc/secure/distribution-0.9.5a/tools' > > make[1]: Nothing to be done for `all'. > > make[1]: Leaving directory > > `/webMethodsReloc/secure/distribution-0.9.5a/tools