Re: RSA key sizes

2005-08-16 Thread Victor Duchovni
On Wed, Aug 17, 2005 at 02:21:30PM +0800, Tan Eng Ten wrote: > This is a general crypto question and I hope someone could help me > out. > > Often we use RSA of 512, 1024, 2048, 4096, etc. bit lengths. Are > other sizes such as 520/1045 bit "valid"? Mathematically, it sh

RSA key sizes

2005-08-16 Thread Tan Eng Ten
Hi all, This is a general crypto question and I hope someone could help me out. Often we use RSA of 512, 1024, 2048, 4096, etc. bit lengths. Are other sizes such as 520/1045 bit "valid"? Mathematically, it should work, but are there reasons why odd sizes are not to be used?

please help me on OCSP

2005-08-16 Thread varma d
Hi, Today I was very much excited to see this mailing list on OpenSSL. I searched several messages and it's great to see that people here are helping others. I need your help. I read tutorials on OCSP from http://openvalidation.org about using OCSP in openssl, I have a couple of questions. 1) I used t

Engine implementation problem

2005-08-16 Thread Jean Everson Martina
Hi all, We are coding an engine to work with a crypto device we are developing. Our crypto hardware works on a two level basis. We have the crypto hardware directly connected to a soekris (net4801), running a custom OpenBSD and a key management application. We already have a front end to conne

RE: certificate embedded into the executable

2005-08-16 Thread David Schwartz
> David Schwartz wrote: > >>Dr. Stephen Henson wrote: > > > >>A determined and knowledgable attacker can subvert anything that's > >>not in hardware. > > > > I think this is a very strange thing to say. If he has access to the > > hardware, he can subvert it too. If he doesn't have access to

Re: certificate embedded into the executable

2005-08-16 Thread Bear Giles
David Schwartz wrote: >>Dr. Stephen Henson wrote: > >>A determined and knowledgable attacker can subvert anything that's >>not in hardware. > > I think this is a very strange thing to say. If he has access to the > hardware, he can subvert it too. If he doesn't have access to the hardware, >

Re: OpenSSL on VxWorks

2005-08-16 Thread kyran
One more try... anyone? :-) K - Original Message - From: [EMAIL PROTECTED] To: openssl-users@openssl.org Subject: Re: OpenSSL on VxWorks Date: Sat, 13 Aug 2005 13:01:55 -0500 > > From what I've read about it, this error seems to > indicate that the server certificate could not be > ve

Re: certificate embedded into the executable

2005-08-16 Thread Bear Giles
David Schwartz wrote: > %.h: %.pem > xxd -i $< > $@ That's compile time so it's not quite as flexible as the link time command. Why does this matter? You might have a situation where the source code is managed by one group without access to the PKI objects, and the PKI objects are managed

Re: certificate embedded into the executable

2005-08-16 Thread Dr. Stephen Henson
On Tue, Aug 16, 2005, David Schwartz wrote: > > > Dr. Stephen Henson wrote: > > > A determined and knowledgable attacker can subvert anything that's > > not in hardware. > > I think this is a very strange thing to say. If he has access to the > hardware, he can subvert it too. If he doesn

RE: certificate embedded into the executable

2005-08-16 Thread David Schwartz
> Dr. Stephen Henson wrote: > A determined and knowledgable attacker can subvert anything that's > not in hardware. I think this is a very strange thing to say. If he has access to the hardware, he can subvert it too. If he doesn't have access to the hardware, how can he subvert the soft

RE: certificate embedded into the executable

2005-08-16 Thread David Schwartz
> cert.o: cert.pem
> 	ld -o $@ (flags) $<
Or even:
%.h: %.pem
	xxd -i $< > $@
DS
__
OpenSSL Project http://www.openssl.org User Support Mailing List

Re: certificate embedded into the executable

2005-08-16 Thread Bear Giles
Dr. Stephen Henson wrote: > Depends on whether you want it embedded in the executable after it has been > linked or at compile time, i.e. embedded in a C source file. I think this is slightly off, but at link time (using the gnu tool chain) you can use: ld -b binary -r -o root.o root.pem then

Re: Can OpenSSL be built as static libs?

2005-08-16 Thread Qadeer Baig
Yes, Read INSTALL.XX file available with the source. On 8/14/05, Edward Chan <[EMAIL PROTECTED]> wrote: > > > I was wondering if OpenSSL can be built as static libs as I don't want > people to be able to simply replace the dll's with their own. > > Thanks, > Ed

RSA key generation

2005-08-16 Thread nicolas mivielle
oï guys, Is it possible to choose how to generate RSA key ?? I think that the default mode uses the Chinese remainder theorem but I'm really not sure about that... can you confirm ?? Thanx, Nicolas Mivielle ferias de Dax forever

Re: certificate embedded into the executable

2005-08-16 Thread Dr. Stephen Henson
On Tue, Aug 16, 2005, James Whitwell wrote: > Hi, > > Can anyone tell me if it's possible to embed a client certificate inside > my executable, and what calls I should use to tell OpenSSL to use it? I > think I'll also need to do it for the CA, since we use self-signed > certificates, and I w

Re: COMP_zlibd don't return a valid method

2005-08-16 Thread Ignacio Butler
Hi, well, I'm using Linux, with a 2.4.xx kernel and the 0.9.8 version of the ssl library. To compile it I do: gcc -o master master.c -lssl -lcrypto -lpthread (same as you do it). I've compiled the library, configuring it using "./config zlib"; the library is compiled with this parameter... thanks p

Re: COMP_zlibd don't return a valid method

2005-08-16 Thread prakash babu
Hello Ignacio,      I tried the program you attached and it seems to work fine .   #include #include int main(){COMP_METHOD *comp_method;comp_method = COMP_zlib();if(comp_method != NULL)    {    printf("compression name: %s\n", (comp_method->name !=NULL? comp_met

Re: Odd PRNG behavior between 0.9.7g and 0.9.8

2005-08-16 Thread prakash babu
Hello Robert, I think the problem is with your Pseudo Random Number Generator and not OpenSSL 0.9.8
i. Check if your system has /dev/random or /dev/urandom
ii. If /dev/random and /dev/urandom are not present then make sure prngd is running
iii. If your answer is yes to question i or ii then

Re: question about error message: unable to write 'random state'

2005-08-16 Thread prakash babu
Hello Dave,   Try setting your environment variable HOME since the seed file will be written to the file $HOME/.rnd  or set the variable RANDFILE in the openssl.cnf file to an existing location. Thanks, Prakash    Dave Peterson <[EMAIL PROTECTED]> wrote: I hope this isn't a repeat of a