Michal Ludvig wrote:
James Yonan wrote:
I have personally seen this behavior as well with the Padlock, though it
was last year (June or July) and I don't have model/stepping info. In my
case it was fixed by inserting sleep(0) calls immediately after OpenSSL
EVP crypto calls. So
Yes, thank you very much.
-RiazOn Apr 6, 2005 8:43 PM, yf-263 <[EMAIL PROTECTED]> wrote:在 2005-04-06三的 18:02 +0530,Riaz Rahaman写道:> Hi,>> Can anyone please point to me where I can find the definition for> SSL_new function. I did a find and grep into all the files in theopenssl-0.9.7f/ssl/ssl_li
I am adding OpenSSL 0.9.7e to an existing Windows XP application and I am new
to OpenSSL. This application is both a TCP server and a TCP client. Since I'm
adding OpenSSL support to both the client side and the server side, I thought I
could test the OpenSSL changes by having the application con
In addition to RAND_screen(), you can use:
RAND_event(...,...,...);
but you must know that use of both functions is highly discouraged, in other words they should be your last resort.Egon Andersen <[EMAIL PROTECTED]> wrote:
Bibbs, Christopher wrote:>>From: Michael D'ErricoYou can try using RA
Hi,
I'm looking at adding compression to an SSL enabled protocol. However I'm not
sure whether it's worth the effort in the end. Perhaps this question should be
asked in a zlib mailing list and if that's more appropriate let me know.
Does SSL compress the entire STREAM of an SSL-connection
Bibbs, Christopher wrote:
From: Michael D'Errico
You can try using RAND_poll() instead. It tries
several things to gather random data. I believe
that this is called automatically for you anyway.
If it is, it is failing because I'm getting failure to seed the PRNG errors
on my test systems that d
Hi List,
can anyone point me to a solution for this ?
[Sat Apr 09 16:14:30 2005] [info] SSL library error 1 in handshake (server
muc03306:443, client 149.235.163.228)
[Sat Apr 09 16:14:30 2005] [info] SSL Library Error: 336131157
error:1408F455:SSL routines:SSL3_GET_RECORD:decryption failed or ba
> From: Michael D'Errico
>
> You can try using RAND_poll() instead. It tries
> several things to gather random data. I believe
> that this is called automatically for you anyway.
If it is, it is failing because I'm getting failure to seed the PRNG errors
on my test systems that don't have /dev/
I wouldn't say Seeding PRNG using system time is the best practice, but it is used sometimes, personally I had to use it since I'm developing my applications on win32 platfrom therefore I can't use /dev/random. The other option was to use EGADS, this is a good option security-wise, but it tends to
You can try using RAND_poll() instead. It tries
several things to gather random data. I believe
that this is called automatically for you anyway.
Mike
__
OpenSSL Project http://www.openssl.org
User
I have
essentially the same question. I need to be able to call RAND_seed() on both
Windows and UNIX.
__
John Hoel Product Author
Skywire Software 2401 Internet Blvd., Suite 201 Frisco, Texas 75034 (972)377-1110 main (425)396-4687 direct [EMAIL PROTECTED]
www.s
Sorry for not being clear. Essentially, I'm looking for good ways
to seed the PRNG since I have no control over my users systems. Using
time() seems like a bad idea since it isn't really random and it doesn't
provide the 128 bits needed. However, if that's the normal practice, so
Ok I don't know if I understood your problem correctly, but if you're looking for ways for seeding you can always use current system time, I believe this is pretty much available on all systems.
Hope that helps."Bibbs, Christopher" <[EMAIL PROTECTED]> wrote:
Ok, here's my problem. I'm using OpenS
Ok, here's my problem. I'm using OpenSSL as part of my application, but not
all users have /dev/random (or /dev/urandom) so what's a developer to do? I
don't really want to seed with a constant string as the test apps do, but I
need a source I can count on. Asking my users aren't system administ
I am new to Apache and Solaris. I am using Solaris 9 with apache 2.0.53
and openssl .0.9.7f. I am trying to get openssl working with Apache. I
have tried to compile openssl by doing the following:
../config
make
make build-shared
mv libssl.so* /usr/local/lib
mv libcrypto.so* /usr/local/lib
And I s
Francois noel wrote:
Hi
When I read a PEM certificate with "PEM_read_bio_X509(bp, NULL, 0,
NULL);" that return me a X509 object. who can I display it in "STRING"
or "char *" format?
try X509_print_ex
Nils
__
OpenSSL Project
å 2005-04-06äç 18:02 +0530ïRiaz Rahamanåéï
> Hi,
>
> Can anyone please point to me where I can find the definition for
> SSL_new function. I did a find and grep into all the files in the
openssl-0.9.7f/ssl/ssl_lib.c line 225 SSL *SSL_new(SSL_CTX *ctx)
is what you want ? (I got it via source na
Dr. Stephen Henson wrote:
On Tue, Apr 05, 2005, Ladar Levison wrote:
Howdy gents. I wrote an SMTP server using OpenSSL, and it periodically
likes to segmentation fault. The core dumps are below. I can't seem to
get full stack traces, but I think that is related to the number threads
I am using.
Hello. I've sent my question to the wrong group previously.
I'm a beginner of using the ssl library. I got a problem about handshaking.
I need to do an application to read all the incoming and outgoing
traffic, including the handshaking of ssl.
I would like to know where and which functions are b
Hi:
In our case, it was a client doing
SSL communication and some PKCS7 handling, but the crash was at specific
locations too, although very far away of the real error. Stressing the
application made easier to reproduce the error, and then, by commenting our code
(i.e, by putting /*...*/ o
Hi
I am a bit of an openssl virgin so I am probably completely misunderstanding
something in the process.
I am also assuming that my problem is an openssl one, which of course it may
not be.
VERSIONS...
PHP Version 4.2.2
OpenSSL 0.9.6b [engine] 9 Jul 2001
OpenLDAP ldap.c,v 1.116.2.1 2002/04/23
Hi,
Please excuse the simplicity of this question to the list, but I can't
seem to find a clear example of how to setup the information for the
cert that I will send to a trusted issuer of a certificate. Can someone
point me to a site that explains it in laymans terms. I simply want to
add se
On Wed, Apr 06, 2005, Rafeeq Ahmed wrote:
> Hi Daniel,
>Thanks for ur respose,the information which u have provided is
> present in the RFC-2630.
>
> Our issue is to create a octet string (unsigned char string) of the cms
> object.
>
> thus our objective can be achived in two steps.
>
>
Hi,
Can anyone please point to me where I can find the definition
for SSL_new function. I did a find and grep into all the files in the
OpenSSL, didn't come across a definition anywhere.
-- Thank you,Best RegardsRiaz Ur Rahaman
Hi Daniel,
Thanks for ur respose,the information which u have provided is
present in the RFC-2630.
Our issue is to create a octet string (unsigned char string) of the cms object.
thus our objective can be achived in two steps.
1. Creation of CMS (signed-data) object,
2. populationg th
Hello Again
In my case, it is a simple server, not too
much complexity with respect to SSL usage or network protocols. Basically just
receives a string, parses it and passes the result back, then do some server
side processing. Additionally, in my case, the crashing seems to occur at tw
Have a look at this site, this should help you.
Best regards
Dan
http://www.zvon.org/tmRFC/RFC3369/Output/chapter5.html
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Rafeeq Ahmed
Sent: mercredi, 6. avril 2005 13:04
To: openssl-users@openssl.org
Subject
I can´t say what is exactly causing your problem,
but we had a very similar problem when stressing our OpenSSL applications with
100 threads. We did exactly the same that you: to use the callbacks you mention
in mttest.c.
Our problem was not to use certain reentrant
functions as books say (s
Hi
We are trying to construct a CMS Signed-Data object (as per RFC
2630) from a Digital Signature.
The CMS object is furthter required to be represented into octet
string (or char string).
Have anybody come across such a problem.
or if you have any suggest
Dear Users
I have developed a custom OpenSSL based multi-threaded
server. It only uses ADH and is working fine except for one problem. The server
crashes randomly with segmentation fault. However, it does not generate any
core dump. I am developing this server on RH9 with OpenSSL 0.9.7a
Hi
When I read a PEM certificate with "PEM_read_bio_X509(bp, NULL, 0,
NULL);" that return me a X509 object. who can I display it in "STRING"
or "char *" format?
thanks
François
__
OpenSSL Project
Hi,
Using the VIA Advanced Encryption Engine (ACE, Padlock) with OpenSSL
seems to work fine, except for small blocks of data, as may be
illustrated by the following OpenVPN execution.
[EMAIL PROTECTED] var] openvpn --test-crypto --secret key
--cipher AES-128-CBC --engine padlock
Wed Apr 6 10:
32 matches
Mail list logo
