Obviously I have misunderstood the manpage for RAND_bytes. What is says
is:
int RAND_bytes(unsigned char *buf, int num);
int RAND_pseudo_bytes(unsigned char *buf, int num);
DESCRIPTION
RAND_bytes() puts num cryptographically strong pseudo-random
bytes into buf. An error o
In the future, please do not post such user problems to the developer
mailing list. (Should this be a faq :)
I am hazarding a guess here. It seems you me that you are trying to use the
sample cert supplied with the demo. Note that this is just a dummy
certificate and not signed by a "real" CA. Is
We have a similar application where we reuse a pool of SSL connections. The
only difference between our approach and yours is the following piece of
code which we execute before reusing an already used SSL structure.
SSL_set_session(ssl, NULL);
Can you try this and see if the problem recurs? We
Hi folks,
I'm a rookie on OpenSSL and security stuff in general, and I think I can now
officially classify myself as knowing just enough to be dangerous.
Here's my situation. We're trying to do one-way authentication between a
Servlet on one machine and a C++ CGI on the other.
I have chosen
Burger, Kobus K wrote:
> I have noticed a couple of discrepancies between mainframe support for MDC2
> and OpenSSL's support:
>
> * Mainframe supports MDC2 with various keys (The documentation notes that
> the default key is the same as the one used by OpenSSL) - Openssl has a
> single key hard
I am fixing my pine+ssl hack to seed the PRNG. My development
platform is FreeBSD, so I never noticed a problem, since it
has a /dev/random.
I plan on doing something like a 'ls /' and sending that into the
PRNG along with the time, pid, ppid, uid and any other metrics
I can get my hands on, but
From: Louis LeBlanc <[EMAIL PROTECTED]>
leblanc> Anyway, this is what I did:
leblanc> unsigned char entropy[4096];
[...]
leblanc> RAND_bytes(entropy, 4000);
leblanc> RAND_seed(entropy, 3000);
And what do you think this gives you? Have you actually thought of
checking the returned status code?
> Anyway, this is what I did:
> unsigned char entropy[4096];
>
> /* Then I call the SSL_load_error_strings() and
> OpenSSL_add_all_algorithms()
> * routines, and create my context. Then, . . .
> */
>
> RAND_bytes(entropy, 4000);
> RAND_seed(entropy, 3000);
you've just seeded with bytes g
> My code miraculously worked without modification when building against
> 0.9.4.
> 0.9.5a and the snapshot broke the same code at the handshake, giving the
> 'PRNG not seeded' message.
...
> the cert creation and translation tests and
> suggested that I set the RANDFILE environment variable
On Fri, Jun 30, 2000, Louis LeBlanc wrote:
> RAND_bytes(entropy, 4000);
> RAND_seed(entropy, 3000);
> /* just giving myself some room until the code is working */
>
> And everything works.
No, nothing works, as you would have noticed, had you checked the RAND_bytes()
return value. You still
Thank you so much. Your message cleared up a problem I wrestled with for
some time. Once you pointed me in the right direction, I found everything
in the manpages, and it all fell into context (I have to admit to being a
little thick from time to time :).
Anyway, this is what I did:
unsigned ch
I tested it under RedHat Linux 6.2 and Windows 9x. It worked for me :-}
The RAND_??? functions is to make sure that there is a sufficients
source of random numbers for generating the random session keys for SSL.
The functions with "verify" in them is there to tell the server or
client where the p
Does it work?
Because what exact commands do you have to add if you want client authentication
on serv.cpp and cli.cpp?
I have tried it following the code I have found on sslcli.cpp and sslsrv.cpp
and it doen't work. If somenone wants to help me, (I work on a Sun WS)
, what is the mean of RAND_lo
On Tue, Jun 27, 2000 at 02:54:04PM -0400, Bill Rebey wrote:
> The product is a poor man's software VPN. A Server (the thing I'm writing)
> accepts local, clear connections, consults a routing table that is part of
> that Server's configuration, sets up an SSL connection with another Server
> as
ditto[on experiencing memory leaks, and using those
free functions]
Bounds
Checker output not included - although my mem-leaks aren't nearly as bad as
Raggi's, but hey I'm using Bio's.
-Original Message-From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]Sent: Friday, June 30, 200
Hi all
I have also been receiving numerous copies of each message posted for the 24 hours...
I just wanted to add my BoundsChecker printout to the pool, I am also trying to eliminate memory leaks from my app. If I find something out I will let you know.
BTW Arora : i am calling the same function
hi,
How can I be sure that oid I'm trying to add to my certificate, are actually
added ?
What's the openssl command to use ?
Will my added oids appear somewhere in these lines :
**
subject=/C=FR/ST=Nord/O=Org/CN=mycn/Email=myemail
issuer= /C=FR/ST=Nord/O=Orgi/CN=root
On Thu, Jun 29, 2000 at 11:13:43PM +0200, Richard Levitte - VMS Whacker wrote:
> Hey!
>
> Repeating your message x times doesn't solve anything. On the
> contrary, it may piss people off, and then I'll just say "happy
> isolation!" to you.
I got this message twice... but I'm going to assume it
From: Louis LeBlanc <[EMAIL PROTECTED]>
leblanc> The project involved an https load generator - primarily used
leblanc> for correctness testing of another project. I had the worst
leblanc> time getting the initial handshake to work. The dreaded
leblanc> 'PRNG not seeded' message kept plaguing m
Title: MDC2 block size
Hi folks,
(I am not subscribed to the list, so please reply directly)
I am trying to use openssl on Solaris to checksum files coming from an IBM mainframe. The only function that exists on both platforms is the MDC2 checksum.
I have noticed a couple of discrepancie
20 matches
Mail list logo
