Edward Chan <[EMAIL PROTECTED]> wrote:
> But I think this always returned me 128 bytes. So am I supposed to
> bzero the output buffer first?
Here's how I fixed the bug (not very elegant, it was a quick hack)
int i, ret = DH_compute_key(secret, pkey, m_dh);
if( ret > 0 && ret < 128 )
> So the error was not in OpenSSL or CAPI, but rather in the incorrect
> use of the function DH_generate_key (the return value was not taken
> into account properly when setting up the shared secret). A simple
> fix is to add zero padding when the secret is less than 128 bytes.
My mistake, it's th
Edward Chan <[EMAIL PROTECTED]> wrote:
> Openssl to openssl - this works 100%
> CAP to CAPI - works 100%
> OpenSSL to CAPI - sporadic failures
> XySSL to CAPI - sporadic failures
> OpenSSL to XySSL - works 100%
I noted earlier that when your testcode failed, OpenSSL's secret
always begins with 0x
Edward Chan <[EMAIL PROTECTED]> wrote:
> Thanks for the reply. So I'm a bit confused as to how different crypto
> packages interoperate. I've been having a problem with MS CryptoAPI
> doing a DH key exchange with OpenSSL. There are some quirks such as
> byte order, and a couple other things. B
[EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> I saw a tantalizing thread from 2006 in the mailing list archives that
> talked about adding an mingw target to Configure and I wonder if that's
> not the way to go. Should I add powerpc-linux and arm-linux target
> lines to Configure to do what I wa