On Thu, Apr 27, 2017 at 04:32:33PM +0100, Matt Caswell wrote:
> >>> Does openssl provide any way to set MSG_NOSIGNAL on sendmsg (Underlying
> >>> TCP/IP socket layer) ?
> >>
> >> No. You will have to modify the code yourself.
> >
> > Actually, it is possible to do the I/O in application code,
Great article. Who is the author?
Sent from Mail for Windows 10
From: Viktor Dukhovni
Sent: Thursday, April 27, 2017 11:54 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Query regarding MSG_NOSIGNAL with SSL_Write
On Thu, Apr 27, 2017 at 12:32:42PM +, Salz, Rich via openssl-us
On 27/04/17 15:53, Viktor Dukhovni wrote:
> On Thu, Apr 27, 2017 at 12:32:42PM +, Salz, Rich via openssl-users wrote:
>
>>> Does openssl provide any way to set MSG_NOSIGNAL on sendmsg (Underlying
>>> TCP/IP socket layer) ?
>>
>> No. You will have to modify the code yourself.
>
> Actually
On Thu, Apr 27, 2017 at 12:32:42PM +, Salz, Rich via openssl-users wrote:
> > Does openssl provide any way to set MSG_NOSIGNAL on sendmsg (Underlying
> > TCP/IP socket layer) ?
>
> No. You will have to modify the code yourself.
Actually, it is possible to do the I/O in application code, u
It depends on the CA in question, more so on the number of the attributes that
are included, and of course on the set of users. ;-)
So far I assure you I've no concern for pitchforks. ;-)
Regards,
Uri
P.S. Why do you think validating, e.g., three email addresses is any more
difficult than one?
On 04/27/2017 04:09 PM, openssl-users-requ...@openssl.org digested:
> From: "Blumenthal, Uri - 0553 - MITLL"
>
> You do not "revoke" a subset of attributes aka SAN emails. When any of
> the certified attributes changes (i.e., is certification no longer valid),
> the certificate is revoked and (po
You do not "revoke" a subset of attributes aka SAN emails. When any of the
certified attributes changes (i.e., is certification no longer valid), the
certificate is revoked and (possibly) re-issued. The process is no different
than with any other set of attributes, several of which may be owned/
On 04/26/2017 07:13 PM, Viktor Dukhovni was digested as writing:
> On Apr 26, 2017, at 1:03 PM, Blumenthal, Uri - 0553 - MITLL
> wrote:
>> It?s been my understanding that a cert can contain as many SAN attributes as
>> needed,
>> but it appears that Apple believes it has to be only one (because
Hello Again,
Sorry, I should have explained myself better. I am using AES-256 in
CBC mode. I am getting a string as a password, and using
PKCS5_PBKDF2_HMAC_SHA1 function to generate 256 bit key and 128 bit
IV. I was wondering if generating and IV like this is necessary, or
can I just use a constan
Classic requirement is that IV is unique per key.
As theoretical crypto evolved, and attacks like Chosen Ciphertext Attack (you
can make the victim to encrypt any plaintext of your choice (aka CPA), *and*
*decrypt* any ciphertext of your choice) were developed, CBC could not hold
against such
> For AES-256 encryption, should IV be random? I am already using a random
> salt, so I was wondering if IV should be random too.
It should be non-repeating. It can just be a counter.
(Yes, I know OP didn't ask about AESGCM. But if they're coming here for advice
... )
--
openssl-users mailin
> Does openssl provide any way to set MSG_NOSIGNAL on sendmsg (Underlying
> TCP/IP socket layer) ?
No. You will have to modify the code yourself.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
On 27/04/2017 14:00, Yaşar Arabacı wrote:
Hi,
For AES-256 encryption, should IV be random? I am already using a
random salt, so I was wondering if IV should be random too.
Thanks in advance
AES itself takes neither an IV nor a salt.
AES in CBC mode takes a 128 bit IV for the CBC mode, it is
On Thu, 27 Apr 2017 15:00:37 +0300
Yaşar Arabacı wrote:
> For AES-256 encryption, should IV be random? I am already using a
> random salt, so I was wondering if IV should be random too.
An IV is part of a cipher mode. AES-256 is just a block cipher. You
can't use it on its own. So you need to sp
Hi,
For AES-256 encryption, should IV be random? I am already using a
random salt, so I was wondering if IV should be random too.
Thanks in advance
--
http://ysar.net/
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
On 27-04-17 13:01, Wouter Verhelst wrote:
> On 27-04-17 12:56, mahesh gs wrote:
>> Hi,
>>
>> We are using Openssl for establish a secure communications for both
>> TCP/SCTP connections.
>>
>> In our application it is possible that remote end forcefully disconnect
>> the connection due to which
>>
On 27/04/17 11:56, mahesh gs wrote:
> Hi,
>
> We are using Openssl for establish a secure communications for both
> TCP/SCTP connections.
>
> In our application it is possible that remote end forcefully disconnect
> the connection due to which
>
> SSL_Write raises a SIGPIPE which we want to s
On 27-04-17 12:56, mahesh gs wrote:
> Hi,
>
> We are using Openssl for establish a secure communications for both
> TCP/SCTP connections.
>
> In our application it is possible that remote end forcefully disconnect
> the connection due to which
>
> SSL_Write raises a SIGPIPE which we want to sup
Hi,
We are using Openssl for establish a secure communications for both
TCP/SCTP connections.
In our application it is possible that remote end forcefully disconnect the
connection due to which
SSL_Write raises a SIGPIPE which we want to suppress. Does openssl
provide any way to set MSG_NOSIGNA
19 matches
Mail list logo