Jeremy,
The application still grows intermittently by multiples of 4KB although
the memory leak tools provided by SSL and myself shows no memory leaks.
The start for the checking of the memory leaks is before the SSL_new()
and the actual check is after SSL_free().
It should be noted
On Tue, Jan 12, 2010, jim.r...@sncorp.com wrote:
> I'm trying to build openssl-fips-1.2 for an Arm XSCALE 255 running a
> debian-based linux filesystem. Build system is an x86-Knoppix machine.
>
> I've applied the openssl-fips-1.2.crossbuild.patch as advised in the User
> Manual and Security P
Responses inline, again. :)
On Tue, Jan 12, 2010 at 2:53 AM, Steffen DETTMER
wrote:
> The main thing I still not understood is whether TLS by design
> enforces the `bad behavior', meaning TLS cannot be used securely
> at all by anyone,
> - or -
> if TLS just does not enforce to use is securely, m
Responses inline. :)
On Tue, Jan 12, 2010 at 3:12 AM, Steffen DETTMER
wrote:
Hi,
thank you too for the detailed explanation. But the impact on
the client certificates (and its correct validation etc) is not
clear to me (so I ask inline in the second half of this mail).
* Kyle Hamilton wrote
After running my app for a couple of iterations for over an hour, I get the
following:
[11:45:42]10 file=stack.c, line=125, thread=15418, number=20,
address=20077768
[11:45:47] 8711 file=lhash.c, line=193, thread=15418, number=12,
address=20093E38
[11:45:42] 5 file=stack.c, line=125,
On Tue, Jan 12, 2010, Douglas Gemignani wrote:
> This looks like a recent change in the v1.0.0 beta
> *) Update PKCS#7 enveloped data routines to use new API. This is now
> supported by any public key method supporting the encrypt operation. A
> ctrl is added to allow the public key al
This looks like a recent change in the v1.0.0 beta
*) Update PKCS#7 enveloped data routines to use new API. This is now
supported by any public key method supporting the encrypt operation. A
ctrl is added to allow the public key algorithm to examine or modify
the PKCS#7 RecipientIn
On Tue, Jan 12, 2010 at 06:19:18PM +0100, Lutz Jaenicke wrote:
> Forwarded to openssl-users for public discussion.
>
> Best regards,
> Lutz
>
> - Forwarded message from Vincenzo Giarratana
> -
>
> From: Vincenzo Giarratana
> To: r...@openssl.org
> Subject: RE: Help Request
> Dat
I'm trying to build openssl-fips-1.2 for an Arm XSCALE 255 running a
debian-based linux filesystem. Build system is an x86-Knoppix machine.
I've applied the openssl-fips-1.2.crossbuild.patch as advised in the User
Manual and Security Policy.
After setting $CROSS_COMPILE and $HOSTCC as needed,
Forwarded to openssl-users for public discussion.
Best regards,
Lutz
- Forwarded message from Vincenzo Giarratana
-
From: Vincenzo Giarratana
To: r...@openssl.org
Subject: RE: Help Request
Date: Tue, 12 Jan 2010 17:57:02 +0100
Thread-Index: AcqToX9nGNbClrvkRoCvNYvYVzWmuQAABiAg
Ok - several things:
1: Does the certificate contain both an email address, and EKU of
emailProtection?
2: Did you import the CA certificate chain before trying to import the
certificate?
3: I presume this certificate is so that you can perform S/MIME encryption -
do you have the correct valu
On Tue, Jan 12, 2010, Douglas Gemignani wrote:
> Hello,
>
> I need to generate a pkcs#7 certificate with a enveloped message
> inside it. As far as I understand this message (X509) will be
> encrypted with a random generated TDES key.
> This is my snippet, but it is still incomplete and some comm
Hi Anton,
I don't know if my article can help you, but you can find what I wrote
here about OpenSSL CA and Thunderbird (I am sorry for my poor English)
here: http://www.homeworks.it/Html/OpenSSL_PKI_Articolo_Eng.html#InstEMailCert
Bye,
Alex
Anton Xuereb wrote:
Hi,
I'm trying to cre
Ok - several things:
1: Does the certificate contain both an email address, and EKU of
emailProtection?
2: Did you import the CA certificate chain before trying to import the
certificate?
3: I presume this certificate is so that you can perform S/MIME encryption -
do you have the correct valu
Hello,
I need to generate a pkcs#7 certificate with a enveloped message
inside it. As far as I understand this message (X509) will be
encrypted with a random generated TDES key.
This is my snippet, but it is still incomplete and some comments
regarding my doubts, I hope someone could help me!!
//
Dave,
I think I have been getting ahead of myself and need to do some more
reading. More quick questions, if you don't mind me asking.
I have included an answer you gave me months ago regarding Yc.
For a 192bit curve, the number of bytes is 50.
I imagine one of the bytes is if the point is com
The Client im trying to import the public key into is Thunderbird 3 on
linux.
The client on windows is MS outlook with winpgp installed for pgp
encryption.
The problem is being presented with thunderbird at the moment as I'm trying
to import the public key in order to be able to send encrypted em
Hi,
What mail client are you using under Windows?
Each mail client has its own storage for private keys (Thunderbird uses
local NSS key storage, Outlook uses CSP and IE certificate store). So,
since you generated the key outside the scope of the mail client, you
will certainly have to create a
Hi,
I'm trying to create a private CA with openssl for my enterprise. I have
generated the CA private key and certificate. I have created a key pair and
a certificate signing request from a windows pc using kleopatra (key
management utility that comes with winpgp). I signed the request with the
CA
Hi,
thank you too for the detailed explanation. But the impact on
the client certificates (and its correct validation etc) is not
clear to me (so I ask inline in the second half of this mail).
* Kyle Hamilton wrote on Mon, Jan 11, 2010 at 14:28 -0800:
> The most succinct answer is this: the serve
Hi,
thank you for your detailed explanations.
The main thing I still not understood is whether TLS by design
enforces the `bad behavior', meaning TLS cannot be used securely
at all by anyone,
- or -
if TLS just does not enforce to use is securely, meaning that TLS
relies on application code imple
I'm trying to build openssl-fips-1.2 for an Arm XSCALE 255 running a debian-based linux filesystem. Build system is an x86-Knoppix machine. I've applied the openssl-fips-1.2.crossbuild.patch as advised in the User Manual and Security Policy. After setting $CROSS_COMPILE and $HOSTCC as needed, I am
22 matches
Mail list logo