RE: Command-line file encryption

2006-08-23 Thread Marek Marcola
Hello, > Ok, it looks like these values are computed from the password... > > Is the algorithm for computing the key and IV from the password > published ? PBKDF2 from PKCS#5 realized by EVP_BytesToKey() in OpenSSL. I don't remember exactly but there was some incompatibility with this standard ...

RE: Command-line file encryption

2006-08-23 Thread Randy Turner
Ok, it looks like these values are computed from the password... Is the algorithm for computing the key and IV from the password published ? R. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Randy Turner Sent: Wednesday, August 23, 2006 1:40 PM To: op

Re: OpenSSL, Apache 2 and RSA key sizes

2006-08-23 Thread Wes Kussmaul
Charlie Lenahan wrote: George Adams wrote: 1) Why isn't everyone using stronger public/private key pairs? Nobody who seems to offer SSL certs (Verisign, Thawte, GoDaddy, Comodo) tells their customers to generate 2048-bit keys with OpenSSL. Obviously they're not worried - why not? The questi

RE: Wrapping SSL_read/SSL_write so they behave like read/write.]

2006-08-23 Thread David Schwartz
> > If you get a 'select' hit, whether for readability or > > writability, you > >should retry *all* operations, whether reads or writes. > > (Obviously, don't > >call SSL_write unless you have some data to write!) > > Again, I also recommend trying an SSL_read on any hit, > > whether for

Command-line file encryption

2006-08-23 Thread Randy Turner
Using the following command... openssl enc -aes-256-cbc -salt -in -out I can create an AES-encrypted file. Subsequently I can use the -d option to decrypt the same file if I use the same key (when prompted) that I used to encrypt the file. I think the same initialization vector (IV) has to b

Re: OpenSSL, Apache 2 and RSA key sizes

2006-08-23 Thread Charlie Lenahan
George Adams wrote: 1) Why isn't everyone using stronger public/private key pairs? Nobody who seems to offer SSL certs (Verisign, Thawte, GoDaddy, Comodo) tells their customers to generate 2048-bit keys with OpenSSL. Obviously they're not worried - why not? It's really up to you to determi

OpenSSL, Apache 2 and RSA key sizes

2006-08-23 Thread George Adams
I only know some basics about SSL, symmetric keys and asymmetric keys, and I'd greatly appreciate anyone who can shed some light on this question! My understanding (and feel free to correct anything below here!) is that SSL transactions between a web browser and a web server involve first a ha

Re: lighttpd and ssl error

2006-08-23 Thread Marek Marcola
Hello, > The problem is with my x509. What do I do to fix that? > > On 8/23/06, Marek Marcola <[EMAIL PROTECTED] > wrote: > Hello, > > > > Hi. I am new at this and at my wits end. I keep on > getting the > > same error when I try and start l

Re: SSL_set_cipher_list returns always 1

2006-08-23 Thread Frank Büttner
So now I think it is a bug in version 0.9.8b, because with lib 0.9.8a it does not happen. Can someone verify it?

Re: lighttpd and ssl error

2006-08-23 Thread Timothy Wright
The problem is with my x509. What do I do to fix that? On 8/23/06, Marek Marcola <[EMAIL PROTECTED]> wrote: Hello, > > Hi. I am new at this and at my wits end. I keep on getting the > same error when I try and start lighttpd. I have rekeyed my > cert 2 times now so I am fairly c

Re: lighttpd and ssl error

2006-08-23 Thread Marek Marcola
Hello, > > Hi. I am new at this and at my wits end. I keep on getting the > same error when I try and start lighttpd. I have rekeyed my > cert 2 times now so I am fairly certain that it is not a > problem there. I have redone the KEY and CSR as well. I do no

RE: multiple signers

2006-08-23 Thread Jaraba Nieto, Fernando
Thank you Steve, I just was doing that. In fact I am doing a "PKCS7_Cosign" function which has a STACK_OF(X509) and STACK_OF(EVP_PKEY) instead of X509 and EVP_PKEY. I will watch dev version 0.9.9 fixes too. Fernando. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]

Re: lighttpd and ssl error

2006-08-23 Thread Timothy Wright
I have done that. Any more ideas? On 8/23/06, Visolve Security Consulting Group <[EMAIL PROTECTED]> wrote: Hi Timothy, Make sure the cert and the key are in exact order as key is first and the cert is second. Also make sure you have added the signing authority after this as ssl.ca-file =

Re: SSL_set_cipher_list returns always 1

2006-08-23 Thread Frank Büttner
Some news. It only happens on Windows (0.9.8b); on Linux (0.9.8a) it works. :(

Re: multiple signers

2006-08-23 Thread Dr. Stephen Henson
On Mon, Aug 21, 2006, Harakiri wrote: > Nice advertising here by john.. > > i think there are more products =) - try bouncycastle > API they can do it too ... for free > OpenSSL has been able to do this for a very long time but the APIs weren't very friendly and it couldn't be done from the com

SSL_set_cipher_list returns always 1

2006-08-23 Thread Frank Büttner
Hello, I have a problem with the SSL_set_cipher_list() function: I send trash to it and it returns 1. Sample: SSL_set_cipher_list(ptrSSL,"trash"); But in the SSL doc it is written that it returns 1 only if any cipher could be selected.

Re: lighttpd and ssl error

2006-08-23 Thread Visolve Security Consulting Group
Hi Timothy, Make sure the cert and the key are in exact order as key is first and the cert is second. Also make sure you have added the signing authority after this as ssl.ca-file = "path to ca" Thanks, ViSolve Security Consulting Group - Original Message - From: Timothy W