Vijay Kotari wrote:
@DS
Nicely put.
So, if I was to try to decrypt/encrypt one of these messages, I would
need the key and the iv and something else? Because if just the key and
iv are sufficient to encrypt/decrypt the data, then how are the
different encrypted messages generated for the same
@DS
Nicely put.
So, if I was to try to decrypt/encrypt one of these messages, I would need
the key and the iv and something else? Because if just the key and iv are
sufficient to encrypt/decrypt the data, then how are the different encrypted
messages generated for the same cleartext?
On Tue, Jun
Hi,
I have a program which is using DTLS blocking mode. And it works fine.
But I need to change it to non-blocking mode to port it to my
platform.
Can openssl DTLS support this?
I have tried to change the underlying sock to non-blocking mode. When
the SSL_connect is called, I can see using ether
> Hi,
> I've this command:
> /usr/bin/xmlsec1 sign --privkey-pem DSAPrivateKey.pem
> --pubkey-der DSAPublicKey.key --output out.xml.out in.xml
> I'm not allowed to use xmlsec on my server, and i need to sign this xml
> with only openssl. Is this possible?
I'm not an expert on this by any mean
Hi to all,
In the install win32 of the openssl v. 0.9.8h GNU C (MinGW) part it
reference to use the DLL instead the static libraries. Do you what file
needs to be modified? Also, where you change the path of the Openssl.cnf
?
Regards,
Mr. Manuel B Noesi
Space and Naval Warfare Systems Center, Ne
Hi,
I've this command:
/usr/bin/xmlsec1 sign --privkey-pem DSAPrivateKey.pem --pubkey-der
DSAPublicKey.key --output out.xml.out in.xml
I'm not allowed to use xmlsec on my server, and i need to sign this xml with
only openssl. Is this possible?
Bye
Dr. Stephen Henson wrote:
The CA.pl script is the recommended way to generate certificates and should
make matters easier.
You can use CA.pl to include subjectAltName. However you need a customised
openssl.cnf file which you can point to using the OPENSSL_CONF environment
variable or you could m
I don't see how this is related to my question in the slightest?
Ed W
vinni rathore wrote:
hi
i m getting undefined symbol for my sample server program that is on
linux. my program is using openssl apis.
i have installed the openssl 0.9.8g version on the red hat machine
everything got s
> While observing some packet dump, I noticed that while sending
> the same application data over twice, different packet dumps
> were obtained in both cases.
Good.
> This was done in the same SSL session, so the connection keys
> being used are all the same. Is this expected behavior or am I
>
Steffen DETTMER wrote:
(...)
BTW, for passphrases to be entered by humans (without binary zeros
inside) I think C-strings could be suited, the data type for some
entry function could be `char *const passphrase' and for some
function that uses it maybe `const char *const passphrase'. Is
that right
RC4 is owned (and trademarked) by RSA Security Inc, but they are no
longer enforcing the patent,
RC4 was never protected by patent, but by trade secret. When the
details of the algorithm were published, Ron Rivest himself suggested
calling the "alleged RC4" "ARCFOUR". It is indeed a tradema
I don't trust binary releases from third partys.
You never know if there is a backdoor in it.
Beside this I want to be able to update my dlls whenever there is a
bugfix of OpenSSL.
What we need is to fix that issues.
Is it possible to deactivate the code parts that are referencing RC4?
If not
On 6/16/08, bagavathy raj <[EMAIL PROTECTED]> wrote:
> Hi,
> Is there any binary distribution where I can find SSL dlls without
> patented algorithms like IDEA,MCD2,RC4,RC5 etc. I tried compiling
> without them. I could exclude other algos but not RC4. Some linking
> issues. So i need to know if th
I think we are sailing in the same boat. I hit into exactly the same
problem.if you try compiling without disabling rc4. You will not get
those linking errors. But if we want to exclude all patented
algorithms, then we need to look for specific build releases without
these algorithms.
On 6/16/08,
Hello
I tried to deactivate patented algorithms that are mentioned in README,
but I get unresolved externals linker errors.
I'm building this way:
set OPTS=no-asm
perl Configure disable-idea disable-rc4 disable-rc5 disable-ntt
disable-mdc2 VC-WIN32
perl util\mkfiles.pl >MINFO
perl util\mk1mf.p
Hi,
Is there any binary distribution where I can find SSL dlls without
patented algorithms like IDEA,MCD2,RC4,RC5 etc. I tried compiling
without them. I could exclude other algos but not RC4. Some linking
issues. So i need to know if there is any ssl release without the
patented algorithms.
On 6/1
The only mode that should cause the same encrypted data to be sent
twice in exactly the same manner is "ECB" -- Electronic Code Book.
Because this has been recognized by cryptographers as being vulnerable
to many different cryptographic analysis techniques, I am not aware of
any SSL/TLS implementat
Hi,
I am using openssl and try to validate a self signed certificate where
keyUsageSign bit in keyUsage extention is not set. Openssl is rejecting the
certificate at TLS handshake time. I try to find does keyUsageSign bit in
keyUsage extention, is required for a certificate to be used for signa
Hi,
Use the tool Dependency Walker (http://www.dependencywalker.com/) to look
at the exported functions of libeay32.dll. If it exports RC5, you will see
exported symbols starting with RC5. For MDC2, you'll find symbols starting
with MDC2 and etc...
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idri
* Konrad Kleine wrote on Fri, Jun 13, 2008 at 17:32 +0200:
> One of our principles is to have only one exit point in
> functions, so in this point we would agree with you. On the
> other hand, it is also possible to do it without "goto"s.
Yes, it is possible to `goto' without `gotos', sometimes th
Hi,
I have openssl dlls(i.e.libeay32.dll, ssleay32.dll). I need to know if these
libaries are using any of the patented algorithms like IDEA, RC4, RC5,MDC2
etc. Can you please let me know if there is any way to find out this?
Any help would be highly appreciated.
Thanks in adavance,
Bagavathy
Hi..
first of all thanx as I got success using -lssl option with my file but
could you please give me the whole procedure that why the linking errors??
how to link with the Library it needed .. i think in linux it require
Libcrypto.so and libssl.so..
please provide me the steps..
thnx in advance
r
-- Forwarded message --
From: lakshmi prasanna <[EMAIL PROTECTED]>
Date: Mon, Jun 16, 2008 at 6:06 PM
Subject: Re: Difference in packet contents
To: Vijay Kotari <[EMAIL PROTECTED]>
Hi,
You can find information on this page "
http://developer.mozilla.org/en/docs/Introduction_to_S
Thnx for ur reply Mr. Vijay
I have a question .. as there are two libraries in case of Windows :
Libeay32.lib and SSLeay32.lib
so the same libraries are for linux or something different in case of linux.
Sorry for this basic question as i m very much new to Linux for openssl.
Thnx and Regards,
Vi
On Mon, Jun 16, 2008, Gerhard Gappmeier wrote:
> Hi
>
> I can create certificates with UTF-8 Strings like this:
> X509_NAME_add_entry_by_txt ( pName, "CN", MBSTRING_UTF8, ( unsigned char* )
> subject.commonName.toUtf8(), -1, -1, 0 );
>
> But how can I read back entries in the same encoding?
>
(sorry for my english)
Hi all.
I'd to try use openvpn+openssl+gost cipher, but I can't find any gost cipher
in openssl (openssl ciphers) and openvpn (openvpn --show-ciphers).
I dowloaded newest sources from cvs.
--
Software is like sex, it is better when it's free
Hi
I can create certificates with UTF-8 Strings like this:
X509_NAME_add_entry_by_txt ( pName, "CN", MBSTRING_UTF8, ( unsigned char* )
subject.commonName.toUtf8(), -1, -1, 0 );
But how can I read back entries in the same encoding?
X509_NAME_get_text_by_NID does not return UTF-8 and I cannot fin
Hi,
You mean you are using RSA for encryption???
Normally, this will not be the case. DHE-RSA is used for Key exchange
and/or Authentication but nor for encryption. Just verify the Server
Hello Message you received, it consists a string like
DHE_RSA_WITH_. The "something" part indicates the
Encryp
Hi,
If you are using Stream Cipher or CBC mode block cipher, then the same
application data will produce different encrypted data, since the two
encryption (cipher) algorithms perform encryption using the previous
block and current block (CBC mode block cipher) or previous stream
data (Stream Ciph
Hi,
While observing some packet dump, I noticed that while sending the same
application data over twice, different packet dumps were obtained in both
cases. This was done in the same SSL session, so the connection keys being
used are all the same. Is this expected behavior or am I reading the pack
Hi,
Based on what you have shared, I believe you didn't link the library files
required. You should use the -lssl option for this.
i.e.
root #: gcc sample_file.c -lssl
This is of course assuming that Openssl installed without any incident as
you have said. Also, if this is the first time that yo
Could you post the message given you by the compiler??
On Mon, Jun 16, 2008 at 9:51 AM, vinni rathore <[EMAIL PROTECTED]> wrote:
> hi
> i m getting undefined symbol for my sample server program that is on linux.
> my program is using openssl apis.
> i have installed the openssl 0.9.8g versio
hi
i m getting undefined symbol for my sample server program that is on linux.
my program is using openssl apis.
i have installed the openssl 0.9.8g version on the red hat machine
everything got sucess but still getting the linking errors.
steps that i followed:
1- config
2. make
3. make insta
hi
i m getting undefined symbol for my sample server program that is on linux.
my program is using openssl apis.
i have installed the openssl 0.9.8g version on the red hat machine
everything got sucess but still getting the linking errors.
steps that i followed:
1- config
2. make
3. make insta
34 matches
Mail list logo
