Sounds like you want to look into the ocf-linux patchset.
http://ocf-linux.sourceforge.net/
That said, you should realize that even if you have a hardware
crypto accelerator, small encryption blocks will probably be
faster in pure userland due to the penalty of kernel/userland
context switches, e
Commenting below.
> For better clarification, I have attached the trace of Valgrind on the
> Pastebin:
> http://pastebin.com/f1e222abd
> Here is the last lines
>
>1. ==3290== LEAK SUMMARY:
>2. ==3290==definitely lost: 268 bytes in 1 blocks.
>3. ==3290==indirectly lost: 66
> Does the release of 0.9.8j also include the FIPS module support?
> (i.e., is this a bug-fix only release, or does this include what you
> have been working on for the past few months as well?)
The actual 0.9.8j release announcement stated:
"This is the first full release of OpenSSL that can lin
Use RAND_egd("/var/opt/prngd/egd-pool")
in whatever program you're compiling to use with OpenSSL.
Just make sure you call that routine before doing any
SSL functions.
-Brad
KING,RICHARD (HP-Boise,ex1) wrote:
OS: HPUX 11
SSL VER: OpenSSL 0.9.6g 9 Aug 2002
Hello,
I'm compiling SSL from source.
My company has had great success with PRNGd. It basically takes
log files, and whatever else it can get its hands on to generate
a pool of random characters...
Anyhow, you can get it from here:
http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
It supports about any OS that do
4 bit or a 32 bit application? I'm specifically
> considering this for Solaris 2.7.
> Also, do Apache and/or modSSL have to be compiled at the same bit level
> as openSSL or is that a separate decision?
>
> If anyone knows or can direct me to relevent info it is appreciated...
--
---
I don't think this is an appropriate question for this
mailing list, though I will answer your question.
The problem is with dependancies and RPMs ...
The first error you got obviously was because you
already had a previous version of OpenSSL installed.
The second error occurred because there a
Get EGD or PRNGd from:
http://www.aet.tu-cottbus.de/personen/jaenicke/postfix_tls/prngd.html
And call RAND_egd("/var/run/egd-pool");
before you try to use any crypt or ssl routines ...
Obviously /var/run/egd-pool may vary depending on where
you initialize the egd socket from egd or prngd
Pers
Well, here it is... Works great for me, passed all tests.
Creates a 64bit OpenSSL package for Solaris using the newly
released GCC 3.1
Just patch and run ./Configure solaris64-sparcv9-gcc31
I'd recommend creating both 64bit and 32bit versions depending
on your project, where for the 64bit vers
>>But when I comment out the key length line, and truncate the key
>>so it's only 16 bytes instead of 32, it returns the same ciphertext.
>>
>>Is it not possible with EVP to change the key size??
>>I've checked the return code of EVP_CIPHER_CTX_set_key_length, and
>>everything looks like it shou
>>char iv[]={ 1, 2, 3, 4, 5, 6, 7, 8 };
>>
>>int do_crypt(char *source, long src_len, char *target, char *key)
>>{
>> int outlen, tmplen;
>> EVP_CIPHER_CTX ctx;
>> EVP_CIPHER_CTX_init(&ctx);
>> EVP_EncryptInit(&ctx, EVP_bf_cbc(), key, iv);
>> /* let's try to extend the key length used!!!
Ok, I looked at the openssl documentation stating that
blowfish accepts a variable key length. But it also says
to use the EVP method of encryption for Applications because
it provides a more generic way to use multiple algorithms, etc...
Anyhow, I can't set a different key length for blowfish
u
from my experience on Mac OS X, you have to move
/usr/lib/*ssl.dylib* and /usr/lib/*crypto.dylib* out of
the library path (because OpenSSL seems to try to link
against those objects instead of the newly created ones)
Then rebuild openssl ... anyhow, that has worked for me
in the past ...
Just r
The certs are not hard-coded into IE at all...
While in IE6, go to
Tools->Internet Options
Click on the Content Tab
Click on the Certificates Button
Click on Trusted Root Certificat Authorities
Then select the entire list (click on first one the
shift-click the last one)
And click the export
Or how about using popen ??
you might have to specify an absolute path as well.
-Brad
Grant wrote:
> > I am trying to execute this command "openssl ca -batch -msie_hack -in
> > req.pem -out crt.pem -config myconf.cnf -key "mykey" " in a PHP sript with
> > the exec function but the output of the
15 matches
Mail list logo