Hi,
Using the VIA Advanced Encryption Engine (ACE, Padlock) with OpenSSL
seems to work fine, except for small blocks of data, as may be
illustrated by the following OpenVPN execution.
[EMAIL PROTECTED] var] openvpn --test-crypto --secret key
--cipher AES-128-CBC --engine padlock
Wed Apr 6
Hi
When I read a PEM certificate with PEM_read_bio_X509(bp, NULL, 0,
NULL); that return me a X509 object. who can I display it in STRING
or char * format?
thanks
François
__
OpenSSL Project
Dear Users
I have developed a custom OpenSSL based multi-threaded
server. It only uses ADH and is working fine except for one problem. The server
crashes randomly with segmentation fault. However, it does not generate any
core dump. I am developing this server on RH9 with OpenSSL
Hi
We are trying to construct a CMS Signed-Data object (as per RFC
2630) from a Digital Signature.
The CMS object is furthter required to be represented into octet
string (or char string).
Have anybody come across such a problem.
or if you have any
I can´t say what is exactly causing your problem,
but we had a very similar problem when stressing our OpenSSL applications with
100 threads. We did exactly the same that you: to use the callbacks you mention
in mttest.c.
Our problem was not to use certain reentrant
functions as books say
Have a look at this site, this should help you.
Best regards
Dan
http://www.zvon.org/tmRFC/RFC3369/Output/chapter5.html
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rafeeq Ahmed
Sent: mercredi, 6. avril 2005 13:04
To: openssl-users@openssl.org
Hello Again
In my case, it is a simple server, not too
much complexity with respect to SSL usage or network protocols. Basically just
receives a string, parses it and passes the result back, then do some server
side processing. Additionally, in my case, the crashing seems to occur at
Hi Daniel,
Thanks for ur respose,the information which u have provided is
present in the RFC-2630.
Our issue is to create a octet string (unsigned char string) of the cms object.
thus our objective can be achived in two steps.
1. Creation of CMS (signed-data) object,
2. populationg
Hi,
Can anyone please point to me where I can find the definition
for SSL_new function. I did a find and grep into all the files in the
OpenSSL, didn't come across a definition anywhere.
-- Thank you,Best RegardsRiaz Ur Rahaman
On Wed, Apr 06, 2005, Rafeeq Ahmed wrote:
Hi Daniel,
Thanks for ur respose,the information which u have provided is
present in the RFC-2630.
Our issue is to create a octet string (unsigned char string) of the cms
object.
thus our objective can be achived in two steps.
1.
Hi,
Please excuse the simplicity of this question to the list, but I can't
seem to find a clear example of how to setup the information for the
cert that I will send to a trusted issuer of a certificate. Can someone
point me to a site that explains it in laymans terms. I simply want to
add
Hi
I am a bit of an openssl virgin so I am probably completely misunderstanding
something in the process.
I am also assuming that my problem is an openssl one, which of course it may
not be.
VERSIONS...
PHP Version 4.2.2
OpenSSL 0.9.6b [engine] 9 Jul 2001
OpenLDAP ldap.c,v 1.116.2.1 2002/04/23
Hi:
In our case, it was a client doing
SSLcommunication and some PKCS7 handling, but the crash was at specific
locations too, althoughvery far awayof the real error. Stressing the
application made easier to reproduce the error, and then, by commenting our code
(i.e, by putting /*...*/ on
Hello. I've sent my question to the wrong group previously.
I'm a beginner of using the ssl library. I got a problem about handshaking.
I need to do an application to read all the incoming and outgoing
traffic, including the handshaking of ssl.
I would like to know where and which functions are
Dr. Stephen Henson wrote:
On Tue, Apr 05, 2005, Ladar Levison wrote:
Howdy gents. I wrote an SMTP server using OpenSSL, and it periodically
likes to segmentation fault. The core dumps are below. I can't seem to
get full stack traces, but I think that is related to the number threads
I am
2005-04-06 18:02 +0530Riaz Rahaman
Hi,
Can anyone please point to me where I can find the definition for
SSL_new function. I did a find and grep into all the files in the
openssl-0.9.7f/ssl/ssl_lib.c line 225 SSL *SSL_new(SSL_CTX *ctx)
is what you want ? (I got it via source navigator
Francois noel wrote:
Hi
When I read a PEM certificate with PEM_read_bio_X509(bp, NULL, 0,
NULL); that return me a X509 object. who can I display it in STRING
or char * format?
try X509_print_ex
Nils
__
OpenSSL Project
I am new to Apache and Solaris. I am using Solaris 9 with apache 2.0.53
and openssl .0.9.7f. I am trying to get openssl working with Apache. I
have tried to compile openssl by doing the following:
../config
make
make build-shared
mv libssl.so* /usr/local/lib
mv libcrypto.so* /usr/local/lib
And I
Ok, here's my problem. I'm using OpenSSL as part of my application, but not
all users have /dev/random (or /dev/urandom) so what's a developer to do? I
don't really want to seed with a constant string as the test apps do, but I
need a source I can count on. Asking my users aren't system
Ok I don't know if I understood your problem correctly, but if you're looking for ways for seeding you can always use current system time, I believe this is pretty much available on all systems.
Hope that helps."Bibbs, Christopher" [EMAIL PROTECTED] wrote:
Ok, here's my problem. I'm using OpenSSL
Sorry for not being clear. Essentially, I'm looking for good ways
to seed the PRNG since I have no control over my users systems. Using
time() seems like a bad idea since it isn't really random and it doesn't
provide the 128 bits needed. However, if that's the normal practice, so
I have
essentially the same question. I need to be able to call RAND_seed() on both
Windows and UNIX.
__
John Hoel Product Author
Skywire Software 2401 Internet Blvd., Suite 201 Frisco, Texas 75034 (972)377-1110 main (425)396-4687 direct [EMAIL PROTECTED]
You can try using RAND_poll() instead. It tries
several things to gather random data. I believe
that this is called automatically for you anyway.
Mike
__
OpenSSL Project http://www.openssl.org
I wouldn't say Seeding PRNG using system time is the best practice, but it is used sometimes, personally I had to use it since I'm developing my applications on win32 platfrom therefore I can't use /dev/random. The other option was to use EGADS, this is a good option security-wise, but it tends to
From: Michael D'Errico
You can try using RAND_poll() instead. It tries
several things to gather random data. I believe
that this is called automatically for you anyway.
If it is, it is failing because I'm getting failure to seed the PRNG errors
on my test systems that don't have
Hi List,
can anyone point me to a solution for this ?
[Sat Apr 09 16:14:30 2005] [info] SSL library error 1 in handshake (server
muc03306:443, client 149.235.163.228)
[Sat Apr 09 16:14:30 2005] [info] SSL Library Error: 336131157
error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or
Bibbs, Christopher wrote:
From: Michael D'Errico
You can try using RAND_poll() instead. It tries
several things to gather random data. I believe
that this is called automatically for you anyway.
If it is, it is failing because I'm getting failure to seed the PRNG errors
on my test systems that
Hi,
I'm looking at adding compression to an SSL enabled protocol. However I'm not
sure whether it's worth the effort in the end. Perhaps this question should be
asked in a zlib mailing list and if that's more appropriate let me know.
Does SSL compress the entire STREAM of an SSL-connection
In addition to RAND_screen(), you can use:
RAND_event(...,...,...);
but you must know that use of both functions is highly discouraged, in other words they should be your last resort.Egon Andersen [EMAIL PROTECTED] wrote:
Bibbs, Christopher wrote:From: Michael D'ErricoYou can try using
I am adding OpenSSL 0.9.7e to an existing Windows XP application and I am new
to OpenSSL. This application is both a TCP server and a TCP client. Since I'm
adding OpenSSL support to both the client side and the server side, I thought I
could test the OpenSSL changes by having the application
30 matches
Mail list logo