On Sun, Jul 02, 2000 at 07:54:14PM -0700, Mark Maggelet wrote:
Sorry if this isn't the best place to post this, but
openssl-users would have been the right place.
in the INSTALL.W32 file that comes with openssl
it says that it can be compiled w/ GNU C (Mingw32 or Cygwin32).
It then goes on
Ted Powell wrote:
Besides the OpenSSL source code, and the file bio.doc
from 0.6.6 (included in openssl-0.9.5a/doc/ssleay.txt),
is there any other documentation for the BIO routines?
I don't think so.
__
OpenSSL Project
On Fri, Mar 24, 2000 at 08:00:09AM -0600, Wilder, John wrote:
I did try the link - unfortunately, it must not be ready yet.
I'll keep checking.
The web server update has been restarted, the page is there now.
Sorry for the confusion.
On Thu, Mar 23, 2000 at 10:09:35PM -0500, Dr. Frank Bucolo wrote:
I am using SuSE 6.3 and have installed OpenSSL with no difficulties.
I am not a Linux Guru, but pleased to report that SuSE 6.3 OpenSSL
went OK.
There was a problem with OpenSSL 0.9.5 and SuSE Linux. If linker
errors
On Fri, Mar 24, 2000 at 05:34:14PM -0500, [EMAIL PROTECTED] wrote:
We are having problems compilingfirst we run the Configure script.
Thanks for the report.
Please try OpenSSL 0.9.5a-beta2 with the changes below (I assume the
Cygwin defines __CYGWIN32__; if it is something else, please
On Thu, Mar 09, 2000 at 11:10:24AM +, Gerard Monsen wrote:
Wow. I'm at a loss here. Does anyone know of any
way that my (tiny) company can legally use SSL for
commercial purposes in the US without paying an obscene
amount of money to RSA or buying an obscenely expensive
web
On Wed, Feb 23, 2000 at 03:13:28PM +0200, Elen Mägioja wrote:
The code i managed to write is added below. It seems to work
ok... no errors... the signature gets printed out... but what makes
me wonder is the output format of the signature. That's not in the
format I want to get... Shouldn't
On Tue, Feb 22, 2000 at 03:01:02PM -0800, vijay karthik wrote:
How do i specify the conf file path during
runtime ? How do i get around this problem ?
http://www.openssl.org/docs/apps/req.html#ENVIRONMENT_VARIABLES
__
OpenSSL
On Tue, Feb 08, 2000 at 09:46:07AM +, Marco Nardelli wrote:
Does anyone know if RSA_Public_Encrypt encrypts a non-ASCII string?
http://www.openssl.org/docs/crypto/RSA_public_encrypt.html
__
OpenSSL Project
On Thu, Feb 03, 2000 at 05:42:19PM +0900, Srinivas, Ravi wrote:
I have downloaded the openssl-0.9.4.How can I get a debug version of the
openssl.
Try using "./config -d", as described in INSTALL. If that doesn't work
on your system, edit the configuration line for your platform in
Toni Andjelkovic wrote:
appears to work well except on redhat 6.1, where the
"send" part will dump core.
It works all right on Debian Linux. I'd recommend to set a breakpoint
in BF_cfb64_encrypt and single-step through it, but it may well be a
RedHat bug.
the command perl util/mk1mf.pl 32 libeay
produces
BIO_number_read does not have a number assigned
BIO_number_written does not have a number assigned
X509_STORE_CTX_rget_chain does not have a number assigned
this doesn't seem right to me.
They'll get numbers assigned the next time
i don't know if this is related to openssl, but every time
i run the following code on redhat 6.1 it will receive a SEGV.
Please post compilable source code and specify which OpenSSL version
you are using.
__
OpenSSL Project
On Thu, Dec 09, 1999 at 06:10:51PM +, Andrew Cooke wrote:
- Ichange NSTALL.W32 to mention this. Something like "If you use any of
the -no-XXX options in Configure to exclude ciphers you will have to
remove entries from libeay32.def and ssleay32.def in the ms directory
before link will
That said -- to the extent that RSAREF is still being used as a
crypto library for SSLeay/OpenSSL and SSHv.1 "testbed implementations," in
the US and elsewhere (?!) -- would not it be easier and safer to address
this sort of potential problem with a wrapper which checks for
I committed a patch to that effect to our RSAREF wrapper functions.
Well, I just undid the change. SSLeay or OpenSSL-based applications
are not vulnerable to the buffer overrun error.
The alleged problem is:
"Providing a suitable modulus length to RSAPrivateDecrypt() it is
possible to force
It compiled without errors and warnings but when
testing it with "make test" the test aborts at the
BN (big number) test. I installed it, hoping that
it would work anyway.
That error might also come from problems with bc, but in your case it
looks like the bignum math does go wrong. You
When i try to make openssl (nmake -f ms/nt.mak) i get an error because
the file
obj_dat.h didn't exist.
The Configure script should generate that file, but there were
problems with some version of Perl. This should be fixed in the
current snapshot.
Hello, I am not in USA. I want to use openssl for
commercial purpose. Are there some legal problem
I must be cautioned ? I have used DSA instead of
RSA , but my browser(netscape 4.5) did not support.
You are allowed to use OpenSSL commercially as long as you attribute
it to the authors (see
Here is a test data that does not work with rsa_oaep_test.c
Can someone tell me what could be wrong?
You've got an invalid value for iqmp. You can set it like this:
BN_mod_inverse(key-iqmp, key-q, key-p, ctx);
int RSA_check(RSA *key)
{
BIGNUM *i, *j, *k;
BN_CTX *ctx;
int
Most CAs will have some requirements on the lengths of the public keys they
will sign. Currently the CA has to manually check the key length once a
certificate request arrives since "openssl ca" gives no indication about
the key length. I think it would be a good idea if the CA could use the
I have just uploaded the beta1 tarball to the FTP server. Please test it
and give us any feedback. This is as much a test of the release process
as it is of the code.
Looks all right, except there is CVS stuff left in the top level
directory.
Any change we can get this put into the README or FAQ somewhere???
That is going to be fixed in 0.9.3.
But you probably won't be able to use the bignum stuff on IRIX
machines as of yet.
__
OpenSSL Project
Unresolved:
bn_div_words
./rsa_oaep_test
Encryption failed!
Both are known problems in the 0.9.2b setup, and are fixed in the
current development version. There also is a patch available on
www.openssl.org to get rid of the "Encryption failed!" message.
Dose OpenSSL allow such change? If dose, what're the key steps and
things need to be watched out?
Removing ciphers is easy. For example if you want to use OpenSSL
without RC5 (which requires a patent license in many countries), run
"./config no-rc5; rm -Rf crypto/rc5" and make sure that
This *looks* like a typo (should be "syslog.h" ?). I searched my entire
Fixed. Thanks.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
I am trying to build OpenSSL (to be followed by mod_ssl and Apache) on an
Ultrix 4.4 system, for the first time. I have followed the installation
instructions as far as I can see, but the build is failing due to the names
LOG_CONS and LOG_DAEMON being undefined, as follows :
That was fixed
I have been struggling with this for a week on my
386 DX/40. I found the answer last night. There is a
option to the config script for openssl that solved the
problem for me. I believe it's "-no_asm"
The current development version of OpenSSL does support 386 assembler.
But I just
Is there a flag or something that needs to be set?
Yes. You should configure OpenSSL with the flag "no-asm", or download
the current snaphot.
__
OpenSSL Project http://www.openssl.org
User
Is there any docement describing how one should use OpenSSL completely
legally?
btw, how do commercial Web sites based on Apache deal with the RSA
patent (or perhaps they don't use RSA at all)?
If you are in the US, you need to get a license from RSADSI or buy a
licensed server (available from
So, whatever we call the next one, the string version must come after
"0.9.2b" (intuitively) and the hex version must be 0x0922.
Name the next "major" release 1.0 with hex code 0x01, then go on
with 1.1 == 0x010100, etc., and all of a sudden the problem is vanished.
Right?
As a quickfix you could do something like
mkdir perlbin
ln -s /usr/bin/perl5 perlbin/perl
setenv PATH perlbin:$PATH
That's what I did for building on BSD, but I would like the config
script to take care of that problem automatically.
Of course you need to have a compiler to use it, and if you plan to
produce something to run with Windows, you'd better have a Visual C++
For many purposes Mingw32 (a port of GNU C++ which uses the Microsoft
C runtime system that is shipped with each copy of Windows) is at
least as good as
Ulf Möller wrote:
Here's a list of open issues with OpenSSL. Perhaps someone can add
it to the STATUS file?
Hm. I forgot an entry about code that would properly initialize the PRNG
in the absence of /dev/random.
__
OpenSSL
Some well known applications use SSLeay with an uninitialized random
number generator. SSLeay interally adds data such as the time and pid
to the PRNG. Unless the machine in question happens to have /dev/random,
that results in a ridiculously insecure system -- as everybody should
know since
35 matches
Mail list logo