Hi,
We are using openSSL in OpenAT-FXT modem. the version used is 0.9.8h. When I
am calling function to generate keys, it goes into infinite loop inside the
function and system got crashed.
By entering traces, I checked the flow of code
Code is given below
const int kBits = 4096;
RSA *rsa =
I'm trying to declare a BN_CTX on the stack (with a subsequent call to
BN_CTX_init) to stay out of the memory manager.
When I do, I get an error:
aggregate ‘BN_CTX’ has incomplete type and cannot be defined
I've included openssl/bn.h, so I'm kind of surprised I can't
compile. (openssl/bn.h
Steve,
It is word aligned. I tried different ways to prepend the value in DH-d but
it is not working. When I dump the memory it shows leading zeros but when I
print the same DH-d using BN_print_fp it does not show zeros which is
expected but leading zeros are not increasing the num_bytes
it is BIGNUM-d not DH-d
--
View this message in context:
http://openssl.6102.n7.nabble.com/DH-compute-key-query-tp13943p48184.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project
Hi,
I also experienced going into an infinite loop using
BN_generate_prime_ex() function.
I my case it was because I didn't fully understand how to use 'add' and
'rem' parameters.
I am now assuming they should be used as in dh_builtin_genparams(), in
dh_gen.c.
I am not qualified to discuss
Thanks Steve. Issue is fixed please ignore my previous email.
--
View this message in context:
http://openssl.6102.n7.nabble.com/DH-compute-key-query-tp13943p48186.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
On Thu, Jan 16, 2014 at 10:35:41AM +, Nischal wrote:
We are using openSSL in OpenAT-FXT modem. the version used is 0.9.8h. When I
am calling function to generate keys, it goes into infinite loop inside the
function and system got crashed.
You should be using OpenSSL 0.9.8y, or if possible
[Sorry for top-post - Outlook Web Client]
I would say that BN_CTX_init() is deprecated and you should be using BN_CTX *
ctx = BN_CTX_new();
Indeed, https://www.openssl.org/docs/crypto/BN_CTX_new.html says
BN_CTX_init() (deprecated) initializes an existing uninitialized BN_CTX. This
should not
Hi,
I write a SSL server, enable zlib, TLS 1.0/1.1/1.2, can I check the
client use which TLS protocol, or whether the client use zlib
compression ?
Thanks,
Dongsheng
__
OpenSSL Project
On Fri, Jan 17, 2014 at 4:38 AM, Carl Young carlyo...@keycomm.co.uk wrote:
...
I would say that BN_CTX_init() is deprecated and you should be using BN_CTX *
ctx = BN_CTX_new();
Yeah, it works with BN_CTX *. I was hoping to keep out of the memory
manager since it seems like a waste when it can
Hi,
I write a SSL server, enable zlib, TLS 1.0/1.1/1.2, can I check the
client use which TLS protocol, or whether the client use zlib
compression ?
Thanks,
Dongsheng
__
OpenSSL Project
Hi folks,
I'm almost out of my depth, and really need help on the next step.
I've that the in-system fingerprint comparison fails with a
FINGERPRINT_premain: FIPS_signature mismatch error
incore DEBUG=1 output gives:
=
TARGET: elf32-bfinfdpic
On Fri, Jan 17, 2014 at 09:57:00AM -0500, Jeffrey Walton wrote:
BN_CTX_init() (deprecated) initializes an existing uninitialized
BN_CTX. This should not be used for new programs. Use BN_CTX_new()
instead.
Odd its still being used in the source code.
Not that odd. Libraries are free to
On Fri, Jan 17, 2014 at 11:16 AM, Viktor Dukhovni
openssl-us...@dukhovni.org wrote:
On Fri, Jan 17, 2014 at 09:57:00AM -0500, Jeffrey Walton wrote:
BN_CTX_init() (deprecated) initializes an existing uninitialized
BN_CTX. This should not be used for new programs. Use BN_CTX_new()
instead.
Are you compiling for the uclinux distro or something similar?
Are you using the 16 or 32-bit arch?
Are you utilizing the DSP or trying to?
It might be nice to know more about the parameters you are passing to the
compiler and what compiler that you are using.
My area is in primarily ARM
Hi Stacy, sorry, should have included that:
On Fri, Jan 17, 2014 at 12:17 PM, Stacy Devino childoftheh...@gmail.com wrote:
Are you compiling for the uclinux distro or something similar?
ucLinux -- 2.6.34
Are you using the 16 or 32-bit arch?
The blackfin is a 32-bit little-endian machine
Hi folks,
I've patched fips_canister.c to properly retrieve the blackfin
instruction pointer. When I run openssl on the target now, I now get
reasonable numbers (though they still don't match incore).
===
root:/ OPENSSL_FIPS=1 openssl ciphers
Hi all,
I am trying to load the name and value of an X509 extension programmatically
via the API (in other words, the openssl.cnf file isn't being used), and I am
struggling with openssl telling me that the tag doesn't exist.
The extension I want to load has the name keyUsage and value
Hello,
Our organization just switched some of our environments to using
openssl-1.0.1e, and since doing so connections from those machines to our
Windows servers fail where they used to succeed. I've done some
investigation into openssl and I have the problem narrowed to the list of
cipher
On Fri, Jan 17, 2014 at 06:05:37PM -0800, Jeff Franklin wrote:
Our Windows servers only go up to TLSv1, and the key indication of a
failed connection is that openssl s_client will claim that 'Secure
Renegotiation IS NOT supported'. However, if I use openssl-1.0.0k
against the same server it
20 matches
Mail list logo
