The breaking of SHA1

Hello everybody, I am not quite sure which list to address so I chose both. Regarding the news around the breaking of SHA1, I wonder if it is planned or already in work to implement other hash algorithms like SHA256 into OpenSSL. Best Regards Thomas Beckmann

RE: Multiple Threads accessing an SSL connection

I read many posts about multiple threads accessing a single SSL connection for read/write. I am still confused about the usage. What exactly is the truth? You cannot access the same SSL connection from more than one thread at a time. If I have a client SSL connection that has

RE: Multiple Threads accessing an SSL connection

Hey Thanks a lot for the answer David. Sanjay --- David Schwartz [EMAIL PROTECTED] wrote: I read many posts about multiple threads accessing a single SSL connection for read/write. I am still confused about the usage. What exactly is the truth? You cannot access the same

EVP_SignFinal() throws access violation - wrong documentation

Hello I have problems running an application under Windows XP, which uses EVP functionality. EVP_SignFinal() always fails. After some days of lost time I compiled a debugable version of OpenSSL and the error always occurred in line 86 in the file p_sign.c int EVP_SignFinal(EVP_MD_CTX *ctx,

SSL connection behind proxy

Hi all, I am trying to establish SSL connection behind proxy using https. But could not figure it out how will it be possible. As for as http based connection behind proxy is concerned I connected to proxy and set the request URI to the URL To which non SSL http based connection is to be made.

Is it possible to set IV length in EVP_Cipher?

Hello! I have been looking at how I can set the length of the iv parameters in a cipher algorithm. I saw that we can put the IV with EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_decrypt); However this length, in RC2_CBC, is 8 bytes I don't know if it is possible to use another

Re: The breaking of SHA1

At 10:23 AM 3/8/2005 +0100, [EMAIL PROTECTED] writeth: Hello everybody, I am not quite sure which list to address so I chose both. Regarding the news around the breaking of SHA1, I wonder if it is planned or already in work to implement other hash algorithms like SHA256 into OpenSSL. Best

Re: Is it possible to set IV length in EVP_Cipher?

On Tue, Mar 08, 2005, Antonio Ruiz Martínez wrote: Hello! I have been looking at how I can set the length of the iv parameters in a cipher algorithm. I saw that we can put the IV with EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, do_decrypt); However this length, in RC2_CBC, is 8

Whya are there .so.2, .so.4 and .so.0?

I am condused, really a normal state for me :-). I have a slackware install and it has libssl.so.0, but some apps require libssl.so.2 or libssl.so.4. I go to www.openssl.org and find that 0.9.7m is the latest release. Where are the .2 and .4 major numbers coming from and what distinquishes

Re: Whya are there .so.2, .so.4 and .so.0?

I think one of them is the default that came along with your OS. This is to avoid conflict when user installs a different version of the lib later on. Just my guess. tj wrote: I am condused, really a normal state for me :-). I have a slackware install and it has libssl.so.0, but some apps

configuration file seems to have priority over command line?

I have the following in the coniguration file: (B (B[ req ] (B{...} (Bprompt = no (B{...} (B[ req_distinguished_name ] (BC = JP (BST = Hyogo (BCN = example (BemailAddress = [EMAIL PROTECTED] (B (Band I try this on the command line: (B (Bopenssl

RE: configuration file seems to have priority over command line?

How about creating a config file that does not have the CN and (BemailAddress (Bfields? (B (BTed (B (B -Original Message- (B From: [EMAIL PROTECTED] (B [mailto:[EMAIL PROTECTED] Behalf Of Joel (B Sent: Tuesday, March 08, 2005 6:02 PM (B To: openssl-users@openssl.org (B Subject: