RE: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Andy Schneider
I was using DES-CBC3-SHA1 for the testing. I tested it with DES-CBS and it is only the 1st 8 bytes of the decrypted message that are in variance. The rest of the bytes match those in the plain text sent by the server. I guess that rules out new key material. Andy S. -Original Message- F

Re: Newbie

2001-09-20 Thread Peter Osborne
Well, like I said, I'm a newbie at this. This is something we have to do for our customers and are playing it by ear. Actually, the key is stored in a database which is inaccessible without the right passwords. If you have any suggestions on how I should go about doing this, I am interested. B

RE: Newbie

2001-09-20 Thread Andrew Finnell
Michael, What I understood from the message was this. He wants to load a file into memory. Encrypt the memory and store that in his database. Right now he is using the openssl tool to do this. He wants to write his own program that will bas

Re: Newbie

2001-09-20 Thread Peter Osborne
Yes. On September 20, 2001 11:54 am, Andrew Finnell wrote: > Peter am I correct? __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated L

RE: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Dilkie, Lee
sounds like you are using the wrong IV but the correct key. > -Original Message- > From: Andy Schneider [mailto:[EMAIL PROTECTED]] > Sent: Thursday, September 20, 2001 11:54 AM > To: [EMAIL PROTECTED] > Subject: RE: SSL renegotiation and SSL_bio (more data) > > > I was using DES-CBC3-SH

Re: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Eric Rescorla
"Andy Schneider" <[EMAIL PROTECTED]> writes: > It looks like although it has the right data and probably the right > frame (since it gets the MAC correctly) the client is in some state > where it isn't using the correct data to compute the MAC. Anyone any > hints as to why this maybe? [...lots of

Re: Web Client Certificates

2001-09-20 Thread Haikel
Hello, Try:
openssl genrsa -des3 -out clientX.key 1024
openssl req -new -key clientX.key -out clientX.req
edit the /usr/share/ssl/openssl.cnf and set nsCertType = client, email
openssl ca -in clientX.req -out clientX.pem
Now you have to make a PKCS12 file that must be imported in your

Re: another oddball question

2001-09-20 Thread Geoff Thorpe
Hi there, On Wed, 19 Sep 2001, Tom Biggs wrote: > I've got a nearly rhetorical question, but I thought I'd toss > it into the ring anyway. > > I'm wondering how much overlap there might be between _all_ of > the modulus values used across all OpenSSL modular exponentiation > calls. If there is

RE: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Andy Schneider
I applied the patch and it has allowed me to perform a handshake even when there are writes in-flight. For the record then (and those who have wrestled with SSL_renegotiate and have found this through a search): 1) I use SSL_renegotiate () and SSL_read (ssl, 0, 0) on the server to request a ha

Re: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Lutz Jaenicke
On Thu, Sep 20, 2001 at 06:43:23PM +0100, Andy Schneider wrote: > BTW: I don't know if there is an official bug fix channel. There exists an address "[EMAIL PROTECTED]", but in fact the email is just forwarded to openssl-dev. Therefore, please send bug reports to [EMAIL PROTECTED] If a bug is

EncryptInit

2001-09-20 Thread Andrew Finnell
Dear openssl people, In one of my class's methods I do something similar to this. I got it off the openssl site. When EVP_EncryptInit is called, it blows away all my memory. My this pointer is invalid and all the local data becomes garbage. I was wondering if there was any

Root CA signing an intermediate CA - problems!

2001-09-20 Thread Louis LeBlanc
Hey all. I have a problem I need to solve. I am testing an SSL client app, and need to verify that SSL certificate chains are handled correctly. So I took my root CA cert, and used it to sign another cert. I then used that cert to sign a cert for my server. I installed the cert on my server,

Re: another oddball question

2001-09-20 Thread Tom Biggs
At 10:14 AM 9/20/01 -0700, Geoff wrote: >On Wed, 19 Sep 2001, Tom Biggs wrote: > > > I'm wondering how much overlap there might be between _all_ of > > the modulus values used across all OpenSSL modular exponentiation > > calls. If there is a good probability that some reasonably-sized > > set of

apache dies on win2k and pro with ssl enabled

2001-09-20 Thread anil kumar
Hi Guys, Recently I have upgraded to apache-1.3.19 with ssl (mod_ssl and openssl). Sometimes after processing requests apache throws memory exception (not always). I have debugged the sources and found that after calling ap_get_ctx from the method ssl_recwithtimeout of ssl_engine_io.c it throws excep

generating a server certificate request from verisign

2001-09-20 Thread Sherwin Magno
Hi, I'm applying for a server certificate from verisign, I have redhat 7 which I believe comes with openssl. When I run the command line /usr/bin/openssl genrsa -rand /dev/urandom -out /etc/httpd/conf/server.key 1024 the console screen does nothing and when I stop it using CTRL C and check

RE: Custom v3 extensions

2001-09-20 Thread Michael Czapski
Hello All, I did not get any suggestions so I looked at the issue more. It turned out that I had OBJ_cleanup() called before I needed to use the custom extensions. The long and the short is, do OBJ_create(), if needed, in the client and/or server initialisation code and OBJ_cleanup() in

Re: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Bodo Moeller
Lutz Jaenicke <[EMAIL PROTECTED]>: > There exists an address "[EMAIL PROTECTED]", but in fact the > email is just forwarded to openssl-dev. Therefore, please send bug > bug reports to [EMAIL PROTECTED] No, to openssl-bugs please (which can be treated specially by programs such as procmail).

RE: generating a server certificate request from verisign

2001-09-20 Thread Richard Stanway
Hi, > when i run the command line > /usr/bin/openssl genrsa -rand /dev/urandom -out /etc/httpd/conf/server.key 1024 > the console screen does nothing and when i stop it using CTRL C and chec > the server.key file under /etc/httpd/conf the file size is 0 Correct me if I'm mistaken but doesn't -r

apache dies on win2k and pro with ssl enabled

2001-09-20 Thread anil kumar
Hi Guys, Recently I have upgraded to apache-1.3.19 with ssl (mod_ssl and openssl). Sometimes after processing requests apache throws memory exception (not always). I have debugged the sources and found that after calling ap_get_ctx from the method ssl_recwithtimeout of ssl_engine_io.c it throws excep

Re: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Bodo moeller
Andy Schneider <[EMAIL PROTECTED]>: > I applied the patch and it has allowed me to perform a handshake even > when there are writes in-flight. For the record then (and those who have > wrestled with SSL_renegotiate and have found this through a search): > > 1) I use SSL_renegotiate () and SSL_re

SSL_dup() not functioning

2001-09-20 Thread Ashada Karunaratna
Hi, I tried to use SSL_dup() functions to duplicate my SSL object and use that SSL object to communicate. But it fails. However I could communicate with the original SSL object well. Does anyone know the reason for that? Ashada

set x.509 version 3

2001-09-20 Thread sk
hi I want to set certificate request version 3. I wrote code as below CA sign cert req but, certificate version number is 1. send to me info. thanx in advance
X509_REQ *req;
X509_NAME *subj;
if ((req = X509_REQ_new()) == NULL) {
    return NULL;
}
if (!X509_REQ_set_vers

Re: Newbie

2001-09-20 Thread Ng Pheng Siong
On Thu, Sep 20, 2001 at 11:36:15AM -0400, Peter Osborne wrote: > We would like to use the ssl libraries to do all this and skip all the file > stuff & command line utilities but I don't know where to start. Does anyone > know where I can find some sample code that does simple file > encryption/d

Re: SSL renegotiation and SSL_bio (more data)

2001-09-20 Thread Bodo Moeller
Bodo moeller <[EMAIL PROTECTED]>: > Andy Schneider <[EMAIL PROTECTED]>: >> I applied the patch and it has allowed me to perform a handshake even >> when there are writes in-flight. [...] > Please try the following patch instead. This should remove the cause > of the problem. Eric noticed that